by f311a 948 days ago
That’s from a single person most likely, who used sqlmap to test for SQL injection. I haven’t seen internet-wide attempts of testing SQL injections.

Our WAF logs are fun reading. We see so much traffic from bots looking for PHP files and posting to inputs.
Yeah, so much noise. I enjoy screwing around with them in my free time, "imposing cost" by giving back unexpected things. I don't know if it actually does something, but I bet returning either a gzip-bomb or a 5 MiB really obscure (but valid) HTML file will crash quite a few scanners.

https://nitter.net/gnyman/status/1181652421841436672

Are you familiar with OpenBSD tarpitting?
Not specifically OpenBSD, but the concept, yes. I've played with it also.

https://nyman.re/super-simple-ssh-tarpit/