Does anyone know of a way to check the incoming requests, check for a certain file, and if said file is requested, ban the IP of the requster?
I get code-red and nimda propogation attemps constantly, and I realize some of em are probably hackers, with IP spoofers, but I don't really care. I believe a majority of them are due to web servers elsewhere trying to compromise my webserver.
They're all listed as 404s, but I wanna keep them from even trying to access them. I don't know if IIS can do it, or I'd need some secondary program.. But the ideal solution would be something like this...
xxx.xxx.xxx.xxx tries to access /scripts/winnt/system32/cmd.exe
xxx.xxx.xxx.xxx gets added to a banlist
xxx.xxx.xxx.xxx tries to view the website
the IP is checked against a list
the IP is found in the list
/banned.html is the only thing that will be shown to the client
Anyone know of a way to do that?