If you are running Web Server Software like Microsoft IIS on your Windows server
you may find increasing numer of 404 (Page Not Found) errors in your website analytics.
Accessed resources may be completely irrelevant to your website, like PHP pages when your website is on ASP.NET,
or attempts to retrieve Linux specific file system entries when your server is on Windows, or attempts to find
pages that belongs to popular CMS like WordPress or Drupal.
In most cases these requests are generated by automated tools that bombard web sites with a ton of different URLs
in attempt to find old systems that are not updated to exploit known vulnerabilities.
Below are examples of such attempts:
Example of AWS and Node.js credentials scan
Generic website vulnerability scan example
Of course you should not use outdated web servers or 3-rd party CMS in the first place. And your web server
should not host anything that you don't want to be public, like AWS secrets or website backups with source code.
But these scan attempts are not just annoying, they waste your server resources like
processor time, memory, bandwidth and disk space.
you may significantly reduce the number of vulnerability scan attempts by detecting dangerous patterns
and temporarily blocking source IP addresses.
It monitors web server logs of your choice and detects dangerous scan patterns.
If the number of scan attempts from a single IP address reaches a set limit,
the attacker's IP address is blocked.
For Windows Vista/7/8/8.1/10/11 and Windows Server 2008/2012/2016/2019/2022