captcha.php
Standard member
hacker scanning captcha.php
Hello,Checking my apache logs and i see hundreds of attemps like :
Code
"GET /data/captcha.php?cache_break=121326869 HTTP/1.1"
my guess is that they are trying to learn the captcha?
I was thinking i could create a rule in fail2ban to auto ban them. But if a normal visitor is on my site what would be the normal amount of times they would see this?
———–
Publisher of IronFeather Journal since 1987. Host of KGNU Colorado Radio for 20 years.
Currently in Japan & decided to focus on Composr as my number one CMS.
Composr site for community of Hokkaido: Nandalow.com
Composr site for my freelance work: Futurecode.jp
My Compsr edits : http://ironfeather.com/bbs/viewtopic.php?f=12&t=2862
Twitter: https://twitter.com/futurecodejp
Publisher of IronFeather Journal since 1987. Host of KGNU Colorado Radio for 20 years.
Currently in Japan & decided to focus on Composr as my number one CMS.
Composr site for community of Hokkaido: Nandalow.com
Composr site for my freelance work: Futurecode.jp
My Compsr edits : http://ironfeather.com/bbs/viewtopic.php?f=12&t=2862
Twitter: https://twitter.com/futurecodejp
Site director
Note the cache_break bit isn't a guess of a CAPTCHA, it's just us making doubly-sure the browser isn't caching the CAPTCHA image.
Become a fan of Composr on Facebook or add me as a friend. Add me on on Mastodon. Follow me on Minds (where I am most active). Support me on Patreon
- If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
- If so, please let others know about Composr whenever you see the opportunity or support me on Patreon.
- If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying Composr on fun personal projects.
- If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Standard member
well since i am getting hundreds of these in the logs i added it to fail2Ban to ban them after 4 tries.
I also dont have new users or public input/posting allowed so no reason for that to be triggered as my system is for me to share infos.
———–
Publisher of IronFeather Journal since 1987. Host of KGNU Colorado Radio for 20 years.
Currently in Japan & decided to focus on Composr as my number one CMS.
Composr site for community of Hokkaido: Nandalow.com
Composr site for my freelance work: Futurecode.jp
My Compsr edits : http://ironfeather.com/bbs/viewtopic.php?f=12&t=2862
Twitter: https://twitter.com/futurecodejp
Publisher of IronFeather Journal since 1987. Host of KGNU Colorado Radio for 20 years.
Currently in Japan & decided to focus on Composr as my number one CMS.
Composr site for community of Hokkaido: Nandalow.com
Composr site for my freelance work: Futurecode.jp
My Compsr edits : http://ironfeather.com/bbs/viewtopic.php?f=12&t=2862
Twitter: https://twitter.com/futurecodejp
1 guest and 0 members have just viewed this.
