[Flask] Handling web requests from blacklisted IP addresses?
Keith MacDonald
keith at the-sanctuary.biz
Thu Apr 27 13:08:57 EDT 2017
I've recently built a website based on Python and Flask. Everything's fine (thanks Flask).
But being cautious, in case I made mistakes with the Routes, I've been logging any 404 error messages, along with the IP address the request came from. By accident, it seems to be working well as a malicious-probe detector. I'm seeing many 404 error messages caused by blacklisted IP addresses trying to find and access PHP admin pages (which don't exist).
Should I care about this?
I'm imagining I could add a table of blacklisted IP addresses quite easily, and check the IP address before routing any pages.
But then what?
Should I send all requests from blacklisted IP addresses to a special page?
Or a completely blank page?
Or redirect them to some hell-hole on the internet?
Or what?
Any suggestions gratefully received.
Keith MacDonald
More information about the Flask
mailing list