Is there a way on the server side to punish evil visitor?

Question

For example an admin page that should not be visited unless with special cookie or query string token. The point being that anyone who tried and failed would likely be with bad intention. Or when the connection has ddos behavior.

Is there a way that if you determine that request is an evil one, you withhold that connection as long as possible, and return a package as large as possible , in a way that is without side effect to the server? Maybe redirecting to other special website? Or other better strategy? (I am using Nginx. But I guess this question is quite general.)

I should have make it more clear that I ask this question only for the technicality or how-to. — user2643506, Oct 27 '13 at 18:42

score 4 · Answer 1 · answered Oct 27 '13 at 17:46

4

"Punishing" someone seems like an idea that could backfire. Perhaps you'd be happy just to block them? For that look at Fail2Ban.

answered Oct 27 '13 at 17:46

sciurus

12,678
2
31
49

I just had to upvote this :D – wlf Oct 27 '13 at 17:49

Is there a way on the server side to punish evil visitor?

1 Answers1