Automatically ban IP address if it accesses a certain URL

linux iptables

Solution 1:

Consider tarpitting these requests instead.

HAProxy (and I assume other HTTP proxies) has the ability to identify 'malicious' scan hits and delay the response (thus temporarily slowing the attack script).

Blocking the response entirely will just have the attack script move along to its next target immediately.

Solution 2:

You could, but that would make denial-of-service attacks trivial. All an attacker needs to do is access your site through the same proxy I'm using and hit one of those URLs and then I can't access your site. There are still entire cities that use a web proxy.

Related

Hiding non-standard ports in the address bar?
What next after Ubuntu? Arch Linux / FreeBSD / Gentoo [closed]
Amazon CloudFormation: How to get an ELB's private IP for a specific subnet?
How can I make sure the Source Code is not leaked by our own developers?
Block facebook even in the case users get their hands on tor, freegate and similar applications
What do you do to prevent stupid mistakes?
How can I retrieve a directory (folder) from Ubuntu Server 14.04 VM without FTP, SCP, or NFS
Have you ever used Sneakernet?
Why am I Unable to ping port 443 on Ubuntu?
Migrate linux dhcp to active directory
HAProxy authenticated httpchk (health check)
What factors should be taken into consideration by someone building a custom PC?