Blocking for too many "400 BAD REQUEST" Status
Posted: 01 Dec 2021, 10:01
It has become standard to block bad API calls with a 400 status.
With MVP architecture so prominent on the web, it has become commonplace to build everything as an API (for AJAX to serve the front end of a website).
Our API endpoints, especially login endpoints, constantly get bombarded with SQL injection attempts. These requests fail with a "400 Bad Request" status.
It would be extremely useful for LFD to catch these in the Apache access log and automatically block the IP -- saving a server from an attack that can last hours.
With MVP architecture so prominent on the web, it has become commonplace to build everything as an API (for AJAX to serve the front end of a website).
Our API endpoints, especially login endpoints, constantly get bombarded with SQL injection attempts. These requests fail with a "400 Bad Request" status.
It would be extremely useful for LFD to catch these in the Apache access log and automatically block the IP -- saving a server from an attack that can last hours.