Fake connections to WebClient

Forum to discuss the Web client version of Servoy.

Fake connections to WebClient

Postby grahamg » Tue Nov 20, 2018 11:44 am

One of my SV7.4 WebClient solutions occasionally gets a large number of connections from the same IP address.

They appear to be just sitting on the Login screen until timed-out and closed. However a 15 minute time-out is useless since they were coming in at 5 sec intervals - see screenshot. Have reported it to abuse@hetzner.de and other reports indicate it is a robots.txt crawler.

Looking at adding some code to check if the same IP address is connecting multiple times but wondering if others have suffered and resolved the same problem.


Cheers

GrahamG
You do not have the required permissions to view the files attached to this post.
Graham Greensall
Worxinfo Ltd
www.worxinfo.com
grahamg
 
Posts: 752
Joined: Fri Oct 03, 2003 3:15 pm
Location: Midlands UK

Re: Fake connections to WebClient

Postby swingman » Wed Nov 21, 2018 8:35 pm

Hi Graham,

Not familiar with the web-client, but you could check the IP-address of the user login in and if there is a failed attempt delay for let's say 2 seconds.
The second time there is a failed attempt from that IP address or username, you double the delay and so on...
Within a few attempts the intruder will be encouraged to give up...

For something else I use this (will not work with Servoy, but may give you some evil ideas):

https://github.com/kickstarter/rack-attack
Christian Batchelor
Certified Servoy Developer
Batchelor Associates Ltd, London, UK
http://www.batchelorassociates.co.uk

http://www.postgresql.org - The world's most advanced open source database.
User avatar
swingman
 
Posts: 1472
Joined: Wed Oct 01, 2003 10:20 am
Location: London

Re: Fake connections to WebClient

Postby grahamg » Wed Nov 21, 2018 10:57 pm

Hi Christian

Thanks for that link. Was thinking along similar lines but like the idea of doubling the delay each time :twisted:

They are not trying to Login - possibly just a badly setup Crawler - but I can certainly monitor and close them down after a short period.

Thanks again.

Graham
Graham Greensall
Worxinfo Ltd
www.worxinfo.com
grahamg
 
Posts: 752
Joined: Fri Oct 03, 2003 3:15 pm
Location: Midlands UK


Return to Servoy Web Client

Who is online

Users browsing this forum: No registered users and 6 guests

cron