Automatically block any IP identified as doing SQL injection attack
-
ramf shared this idea 3 years ago
- Admin Area
- 1 Comment
1
Votes
Hi,
Please block automatically any IP identified as doing SQL injection attack.
Now we get emails with "WHMCS Admin Failed Login Attempt" and in the Username there is something like [[or 1=1 limit 1 -- -+ or]] any other such code.
After receiving such an email I'm manually adding the Ip address that tried the attack to my Banned IPs list.
1. Please create a global list with information based on all the IPs that tied attacking all of WHMCS clients and automatically block any IP who such an attack originate from.
2. Please add any such Ip to the local Banned IPs list
Thanks,
Ram
Please block automatically any IP identified as doing SQL injection attack.
Now we get emails with "WHMCS Admin Failed Login Attempt" and in the Username there is something like [[or 1=1 limit 1 -- -+ or]] any other such code.
After receiving such an email I'm manually adding the Ip address that tried the attack to my Banned IPs list.
1. Please create a global list with information based on all the IPs that tied attacking all of WHMCS clients and automatically block any IP who such an attack originate from.
2. Please add any such Ip to the local Banned IPs list
Thanks,
Ram
Featured Comment
Thanks for taking the time to submit this suggestion.
Entering the business of providing IP reputation and web application firewall services is not the direction we envisage for WHMCS.
There are a number of established services which can potentially help with this already; Cloudflare, CloudFront, mod_security, Immunify365 are the ones which spring to mind immediately. Perhaps one of those can help meet your website hardening needs?