Example log entries:
42.193.186.22 - - [29/Jul/2021:10:49:58 +0200] "f+bin.arm7%3b%23&remoteSubmit=Save" 400 0 "-" "-"
42.193.186.22 - - [29/Jul/2021:10:49:58 +0200] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 302 0 "-" "MtmKilledYou"
So I ran:
# zgrep "arm7" /var/log/apache2/access.humhub.log.*gz | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq | awk '{print "iptables -A INPUT -s " $1 " -j DROP "}'
iptables -A INPUT -s 42.193.186.22 -j DROP
iptables -A INPUT -s 189.72.251.188 -j DROP
iptables -A INPUT -s 195.47.196.114 -j DROP
So I blacklisted three more IPs … when you love it …
Misery.
42.193.186.22 -> China, 189.72.251.188 -> Brazil, 195.47.196.114 -> Russia.
The winning trio … for a change.
Misery.
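A more defensive variant of the one-liner above, as an added example that is not the author's code: it uses only the client-address field, checks that it is a valid IPv4 address, skips an allowlist, and prints the rules instead of applying them. The function names, the allowlist argument and the sample lines using 198.51.100.7, 203.0.113.10, 999.1.1.1 and host.example are assumptions made for the example.

```shell
#!/bin/sh
# Added example: build DROP rules from access-log lines without trusting the log text.

# Sample input. The first two lines are the entries quoted in the post;
# the others are constructed (documentation-range addresses).
sample_log() {
cat <<'EOF'
42.193.186.22 - - [29/Jul/2021:10:49:58 +0200] "f+bin.arm7%3b%23&remoteSubmit=Save" 400 0 "-" "-"
42.193.186.22 - - [29/Jul/2021:10:49:58 +0200] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 302 0 "-" "MtmKilledYou"
198.51.100.7 - - [29/Jul/2021:11:02:10 +0200] "GET /x?f=bin.arm7 HTTP/1.1" 404 0 "-" "-"
198.51.100.7 - - [29/Jul/2021:11:02:11 +0200] "GET /y?f=bin.arm7 HTTP/1.1" 404 0 "-" "-"
203.0.113.10 - - [29/Jul/2021:11:05:00 +0200] "GET /search?q=arm7 HTTP/1.1" 200 512 "-" "admin-browser"
999.1.1.1 - - [29/Jul/2021:11:06:00 +0200] "GET /bin.arm7 HTTP/1.1" 404 0 "-" "-"
host.example - - [29/Jul/2021:11:07:00 +0200] "GET /bin.arm7 HTTP/1.1" 404 0 "-" "-"
EOF
}

# gen_rules PATTERN [ALLOWED_IP ...]
# Reads combined-format log lines on stdin and prints (does not run) one
# iptables rule per unique client address whose line contains PATTERN.
gen_rules() {
    pattern=$1; shift
    grep -F -- "$pattern" |
    awk -v allow=" $* " '
        # Field 1 is the client address. The request line and User-Agent are
        # attacker-controlled, so nothing else from the line is used.
        $1 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next }  # hostname or garbage
        {
            split($1, o, ".")
            for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) next  # octet out of range
            if (index(allow, " " $1 " ")) next                 # never block our own IPs
            print $1
        }' |
    sort -u -t. -k1,1n -k2,2n -k3,3n -k4,4n |
    awk '{ print "iptables -A INPUT -s " $1 " -j DROP" }'
}

# Real use, with the path from the post:
#   zcat /var/log/apache2/access.humhub.log.*gz | gen_rules arm7 <your own IP>
sample_log | gen_rules arm7 203.0.113.10
```

Reading the files through `zcat` rather than `zgrep` avoids the `filename:` prefix, so the address is always the first field regardless of how many files match.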