Servlet Filter that catches and blocks IP's that request suspicious URL's
Before I go off and write my own, Is anyone aware of a servlet filter that
does some basic security checks and filtering. ie If someone hits our
server with a url that ends in .exe or contains "../../.." they are
clearly rootkit/exploit scanners not valid users (in our case at least).
I also wonder if a Thread.sleep(1000); in the servlet filter for those
particular types of requests wouldn't be such a bad thing.
No comments:
Post a Comment