Web Server Abuse Detection

  • Hello Dev Team,


    I've encountered several web server security issues/tries along the way, most of them from script kiddies, like unwanted penetration scanning or just fake requests to nonexistent resources, causing logging of lots of 400-417, 500-505 messages, which translates into waste of resources and bandwidth. I've searched for a solution using fail2ban without success.


    I've found the solution into the following Perl script(https://calomel.org/web_server_abuse_detection.html), which I've tested on my I-MSCP server successfully. Apart from the script provided by the Calomel team, I've spent some time creating also an easy implementation for Debian, for now in the form of an daemon for simple start or stop of the script.
    I was wondering if the Dev Team and the users of I-MSCP will find this useful for their deployment in securing their servers, as I can find a solution in implementing the daemon and the script with I-MSCP: integrated, as a plugin or module/extension? ?(

    Edited once, last by scieri ().