|
|
|
|
|
|
by BigBalli
208 days ago
|
|
|
I always had fail2ban but a while back I wanted to set up something juicier... .htaccess diverts suspicious paths (e.g., /.git, /wp-login) to decoy.php and forces decoy.zip downloads (10GB), so scanners hitting common “secret” files never touch real content and get stuck downloading a huge dummy archive. decoy.php mimics whatever sensitive file was requested by endless streaming of fake config/log/SQL data, keeping bots busy while revealing nothing. |
|
|