
Ask HN: How to stop bot onslaught on my website? - jmstfv
Hi! I have been looking through nginx logs for the last several days and noticed that a wide range of IP addresses, presumably bots, were hitting my site. They either scan for vulnerable endpoints (e.g. phpadmin, wordpress admin, etc..) or send POST requests to bogus URLs (POST &quot;x1ffl\x93\xa7\xaf\xb3\x8a;h\x02\x19...&quot;). In my understanding, these are most-likely script-kiddies launching unsophisticated &quot;attacks&quot; in order to hit low-hanging fruits. How can I block them?<p>P.S. These are nginx logs only. I used to experience high number of assaults on Port 22 and 23. I decided to change SSH&#x27;s port to a higher number that is less than 1024 and have not experienced a single &quot;attack&quot; yet (I also use public key authentication, strong ciphers, AllowUsers, no root logins, decreased MaxStartups, but the point still stands)
======
thisone
you're already running nginx, so you should be able to add naxsi
([https://github.com/nbs-system/naxsi](https://github.com/nbs-system/naxsi))

~~~
billconan
is there anything similar for haproxy?

~~~
thisone
I can only see options if you're paying for enterprise. So, if you're paying
for enterprise, you've already got it :thumbsup:

