[Flask] Webserver under attack
Bruno Colella
brn93 at live.it
Fri Dec 9 17:33:50 EST 2016
Hi everyone,
I have a VPS with Ubuntu 14.04.4 LTS with a public ip and a small Flask application(at the moment Flask is also the WSGI). Flask is in Debug mode, I know this isn't a good security practice but I need it as it's still under development :(
I log everything and recently there was a raise of attacks: here is a sample of the logs<https://pastebin.com/z2MK6dwi>.
Always different ip, and I've never seen this kind of attacks so I don't know if they are successful or not, my questions are:
* What kind of attacks are these?
* How can i verify if they hacked my vps?
* What is the best way to mitigate? Autoban for invalid requests?
Thanks in advance,
Bruno
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20161209/686c0053/attachment.html>
More information about the Flask
mailing list