Module Description
Basic perimeter defence for a Drupal site. This module bans the IPs who send suspicious requests to the site. The concept is: if you have no business here, go away.

Use the perimeter module if you get a lot of requests to 'wp-admin' or to .aspx urls on a linux server, or other similar requests.

Currently, the module bans users who generate "page not found" events for requesting any of the following url patterns:

private $bannedPatterns = [ '/.*\.aspx/', '/.*\.asp/', '/.*\.jsp/', '/\/blog_edit\.php/', '/\/blogs\.php/', '/\/wp-admin.*/', '/\/wp-login.*/', '/\/my_blogs/', '/\/system\/.*\.php/', '/.*systopice.*/', ]; The module is optimized for performance and designed to be activated when a Drupal site is targeted by hackers or bots.

How to use
Just enable the module, and check your site logs after a while.

Use the core's ban module to manage banned IPs.

Note: Before testing this module from your own IP, make sure you can delete your IP from the ban_ip table in your Drupal site's database.

Currently in the dev branch

* Honeypot integration
* Admin page for configuring banned urls

Future improvements

* Ban on Drupageddon attempts
* Design change: act on requests, not on 404 errors. Not sure about this, ideas welcome.

Drupal 7
For a module that provides similar functionality under Drupal 7 please see path2ban.

Project Usage
5670
Creation Date
Changed Date
Security Covered
Covered By Security Advisory
Version Available
Production
Module Summary
Perimeter module bans suspicious IPs sending requests to Drupal site, targeting hackers and bots for increased security.
Data Name
perimeter

OPENAI CHATBOT

OPENAI CHATBOT

08:49:15
Generic Chatbot
Hi, I'm a Drupal module expert powered by OpenAI, answering your questions about the Drupal module ecosystem. How can I be helpful today? Please note that we will log your question.