[Flask] Handling web requests from blacklisted IP addresses?
Unai Rodriguez
unai at sysbible.org
Thu Apr 27 22:47:40 EDT 2017
Fail2ban is also a good tool to handle that: https://www.fail2ban.org
-- unai
On Fri, Apr 28, 2017, at 02:52 AM, Young,Spencer P wrote:
> These things are just going to happen.
> If you blacklist an IP, I personally would offload that work to a
> firewall; just drop the traffic, no response. Don’t even let the requests
> hit the server, if possible. Others may opt to simply lock down their more
> sensitive pages, like logins and downloads.
> In the WordPress world, there’s a product called ‘Wordfence’ that uses an
> algorithm to rank the ‘maliciousness’ of an IP to update blocking rules
> accordingly. Worth looking into how it works.
> Keep in mind, if you’re in an organization, it may be a vulnerability
> scanner probing internally. You may want to whitelist any vulnerability
> scanners.
>
> Hope that helps,
> -Spencer
>
> On 4/27/17, 1:08 PM, "Flask on behalf of Keith MacDonald"
> <flask-bounces+spenceryoung=ufl.edu at python.org on behalf of
> keith at the-sanctuary.biz> wrote:
>
> I've recently built a website based on Python and Flask. Everything's
> fine (thanks Flask).
>
> But being cautious, in case I made mistakes with the Routes, I've
> been logging any 404 error messages, along with the IP address the
> request came from. By accident, it seems to be working well as a
> malicious-probe detector. I'm seeing many 404 error messages caused
> by blacklisted IP addresses trying to find and access PHP admin pages
> (which don't exist).
>
> Should I care about this?
> I'm imagining I could add a table of blacklisted IP addresses quite
> easily, and check the IP address before routing any pages.
> But then what?
> Should I send all requests from blacklisted IP addresses to a
> special page?
> Or a completely blank page?
> Or redirect them to some hell-hole on the internet?
> Or what?
>
> Any suggestions gratefully received.
>
> Keith MacDonald
>
>
> _______________________________________________
> Flask mailing list
> Flask at python.org
> https://mail.python.org/mailman/listinfo/flask
>
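As an added example (not code from anyone in this thread): the 404 log described above can be turned into a candidate block list to hand to a firewall or Fail2ban, while skipping an allowlisted internal scanner. The log line layout, the thresholds and the scanner subnet are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample; the "<ISO time> 404 <ip> <path>" layout is an assumption.
SAMPLE_LOG = """\
2017-04-27T09:00:00 404 192.0.2.44 /old-page
2017-04-27T11:00:00 404 192.0.2.44 /missing.css
2017-04-27T13:00:01 404 203.0.113.7 /phpmyadmin/index.php
2017-04-27T13:00:03 404 203.0.113.7 /pma/index.php
2017-04-27T13:00:04 404 10.0.5.12 /admin.php
2017-04-27T13:00:05 404 10.0.5.12 /wp-login.php
2017-04-27T13:00:06 404 10.0.5.12 /setup.php
2017-04-27T13:00:09 404 203.0.113.7 /myadmin/index.php
2017-04-27T13:02:00 404 198.51.100.20 /favicon.ico
2017-04-27T13:05:00 404 192.0.2.44 /typo
"""

# Hypothetical subnet of an internal vulnerability scanner, never flagged.
ALLOWLIST = [ipaddress.ip_network("10.0.5.0/24")]
LINE_RE = re.compile(r"^(\S+) 404 (\S+) (\S+)$")


def find_probers(log_text, max_hits=3, window=timedelta(minutes=10),
                 allowlist=ALLOWLIST):
    """Return IPs with >= max_hits 404s in a sliding window (log in time order)."""
    recent = defaultdict(deque)   # ip -> timestamps of 404s still in the window
    flagged = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            when = datetime.fromisoformat(m.group(1))
            ip = ipaddress.ip_address(m.group(2))
        except ValueError:
            continue              # skip a malformed timestamp or address
        if any(ip in net for net in allowlist):
            continue              # known scanner: do not count its probes
        hits = recent[ip]
        hits.append(when)
        while when - hits[0] > window:
            hits.popleft()        # forget 404s older than the window
        if len(hits) >= max_hits:
            flagged.add(str(ip))
    return sorted(flagged)
```

An occasional 404 from a mistyped URL stays below the threshold, so only bursts of misses end up on the list.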