rejetto forum

Dealing with requests for files that don't exist from bots or malicious entities

Bugger · 6 · 2709


Offline Bugger

Is there an easy way to deny or ban requests that aren't for a certain file, or group of files? I'm having bots or something request for root and trying different login names (user@ip) for a public server I use to host downloadable content for a game server. What I would like to do is automatically ban any ip that doesn't 'GET /myfile.xyz', or maybe any file that is in a folder like 'GET /myfolder/myfile.xyz' so multiple files can be hosted.

I was thinking maybe I can add a line to hfs.events to deal with this, but I didn't see anything related to banning in the wiki, so I don't really know how to go about it.

Please note: this server will never be used for anything other than public file hosting of 1-3 files, so preserving any functionality of user accounts or anything else along those lines is not necessary

Thanks for any input!
« Last Edit: February 26, 2020, 10:55:10 AM by Bugger »


Offline bmartino1

https://en.m.wikipedia.org/wiki/Robots_exclusion_standard

https://www.robotstxt.org/robotstxt.html#:~:text=

By adding a robot.txt file, as it seems you have scripts scanning your server.

I would recommend making and adding a custom robot.txt file with disallow option...
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing


Offline Bugger

I really need something more along the lines of banning any address that doesn't request a hosted file as I have been having several bad apples trying exploitation methods as well, and I don't want anything in a list somewhere. There only should be game clients requesting specific files, so is there a simple line I can add to events that will accomplish this?
« Last Edit: February 26, 2020, 05:23:15 PM by Bugger »


Offline danny

> I really need something more along the lines of banning any address that doesn't request a hosted file as I have been having several bad apples trying exploitation methods as well, and I don't want anything in a list somewhere. There only should be game clients requesting specific files, so is there a simple line I can add to events that will accomplish this?

A template (or diff-template) could do a default disconnect on error, to imitate a firewall:
[error-page]
{.disconnect.}

However, it would be better to use a filtered approach (help users but disconnect miscreants), such as in https://rejetto.com/forum/index.php?topic=12055.msg1065326#msg1065326. See the error-handler pages, to give you some ideas on how to arrange your filters.


Offline dj


welcome,

Code:
not found
{.set ini|{.no pipe|ban-list={.from table|#ini|ban-list.}%ip%#are you trying to break me? {.time.}|.}.}


Offline Bugger

Pretty much exactly what I had in mind, thanks!

Edit: For anyone who is trying to do the same thing, this line from @dj in combination with this http://rejetto.com/forum/index.php?topic=11738.0, solved my problem completely for the time being. Since my particular use case has a unique user-agent, this seemed the best route to take. I know how and that it can be spoofed, but mainly this was an effort to save bandwidth and keep the logs clear. All my files are public anyway, and I just didn't want my logs filling up with spam for no good reason because some jackass wanted to find out if I had any secured accounts set up.

A couple of things to note:

You MUST set the root directory to a real folder

Try to put everything in root/properties/Diff template, and event scripts (alt+f6)
(If you don't know any better in the first place, thankfully I avoided some work by reading a little)

Cheers! 8)
« Last Edit: February 28, 2020, 03:32:53 AM by Bugger »
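
Added example, not from any poster in this thread and not HFS macro code: a Python sketch of the policy the thread settles on (only the hosted files, only the game client's user-agent), run over access-log lines to list the addresses that would be banned. The combined log format, the sample lines and the "GameClient/1.0" user-agent are assumptions; the paths are the ones from the first post. It canonicalises the path before matching, because a plain prefix test on "/myfolder/" would accept "/myfolder/../secret.txt".

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

ALLOWED_FILES = {"/myfile.xyz"}        # paths taken from the first post
ALLOWED_PREFIXES = ("/myfolder/",)
EXPECTED_AGENT = "GameClient/1.0"      # hypothetical user-agent of the game client

# Assumed combined log format: ip - - [time] "METHOD target PROTO" status size "ref" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?P<method>\S+) (?P<target>\S+)[^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<agent>[^"]*)"$')

def canonical_path(target):
    """Decode once and collapse dot segments; None means 'refuse to interpret'."""
    path = unquote(urlsplit(target).path)
    # A leftover '%' means double encoding. Conservative: this also rejects
    # legitimate file names that contain a literal percent sign.
    if not path.startswith("/") or any(c in path for c in ("%", "\\", "\x00")):
        return None
    return posixpath.normpath(path)

def is_expected(method, target, agent):
    """True only for a GET of a hosted file by the expected client."""
    path = canonical_path(target)
    if method != "GET" or path is None or agent != EXPECTED_AGENT:
        return False
    return path in ALLOWED_FILES or path.startswith(ALLOWED_PREFIXES)

def ips_to_ban(lines):
    """Return the sorted addresses that made at least one unexpected request."""
    banned = set()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and not is_expected(m["method"], m["target"], m["agent"]):
            banned.add(m["ip"])
    return sorted(banned)

# Constructed sample lines (documentation address ranges), not real traffic.
T = "[26/Feb/2020:10:00:00 +0000]"
SAMPLE_LOG = [
    f'192.0.2.10 - - {T} "GET /myfile.xyz HTTP/1.1" 200 1024 "-" "GameClient/1.0"',
    f'192.0.2.10 - - {T} "GET /myfolder/map.pak HTTP/1.1" 200 2048 "-" "GameClient/1.0"',
    f'198.51.100.7 - - {T} "GET /wp-login.php HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
    f'203.0.113.5 - - {T} "GET /myfolder/%2e%2e/secret.txt HTTP/1.1" 404 0 "-" "GameClient/1.0"',
    f'203.0.113.9 - - {T} "GET /myfile.xyz HTTP/1.1" 200 1024 "-" "curl/7.68.0"',
]

if __name__ == "__main__":
    print("\n".join(ips_to_ban(SAMPLE_LOG)))
```

As the last post notes, the user-agent can be spoofed, so that check only cuts noise; the path allowlist is the part that decides what a client may fetch.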