Trying this again because I got blocked by a security rule. I tried to include the SQL injection string I saw this morning, which in retrospect was a bad idea. I got too focused on my post and didn't think what including it might seem like. My apologies.
My question is this - Is there any reason I should not blacklist virtually every SQL Injection IP address? I do look at them. Most are exploits for components that are not installed on my sites(s).
Also, is it a good idea to blacklist those IPs on my other websites?
I get (what seems like) frequent attacks, all within minutes of each other but coming from different IPs, for the same exploit. The attached image shows the attacks I'm seeing.
Thanks,
Mike
My question is this - Is there any reason I should not blacklist virtually every SQL Injection IP address? I do look at them. Most are exploits for components that are not installed on my sites(s).
Also, is it a good idea to blacklist those IPs on my other websites?
I get (what seems like) frequent attacks, all within minutes of each other but coming from different IPs, for the same exploit. The attached image shows the attacks I'm seeing.
Thanks,
Mike
