My dear Livewire believers, I need your help. Yesterday, one of my projects was attacked by what I believe were automated bots.
The issue is that the scripts were targeting (among other things) the "livewire/update" route. They were attempting to call methods that clearly don't exist or trying to access properties.
I suspect they might have bypassed the checksum check, but I'm not sure.
Has anyone seen anything like this before?
Back
•
if you're behind something like cloudflare can you activate the antibot feature so you temporary block them?
•
In response to @danielpetrica
Thank you Andrei. Yes it can be made with cloudflare. But what I do is that I go deep into nginx access log, copy the offending IPs and block them via firewall and also a silly global middleware that checks IPs and if in my list, they get redirected anywhere else.
I also checked in an IP address lookup service and all offending IPs are from datacenters in Belgium, Germany, Finland, SFO... so definitely automated and as far as I'm concerned, blocked forever 😂