|
|
|
|
|
|
by mqus
129 days ago
|
|
|
I "solved" this by adding a fail2ban rule for everyone accessing specific commits (no one does that 3 times in a row) and then blocking the following ASs completely (just too many IPs coming from those, feel free to look them up yourself):
136907 23724 9808 4808 37963 45102. And after that: sweet silence. How to block ASs? Just write a small script that queries all of their subnets once (even if it changes, its not so much to have an impact) and add them to a nft set (nft will take care of aggregating these into continouus blocks). Then just make nft reject requests from this set. |
|
|
- 23724 China Telco
- 9808 China Mobile
- 4808 China Unicom
- 37963 Alibaba
- 45102 Alibaba tech
You may want to add this list as well:
https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-rang...