When running a Rails4 app, I often see bots probing to see whether I'm running a Wordpress site. I expect that they are looking to either create comment spam or looking for Wordpress security vulnerabilities.
Here's an example error from the log:
ActionController::RoutingError (No route matches [GET] "/wp-login.php")
What is a simple example of Rack middleware where I could block this http request? How would I name the file and where would it go in the Rails application?
Thank you!
You can use rack-attack gem to blacklist certain requests and the requests from specific ip addresses as well. You can also throttle requests for certain amount of time using this gem.
Follow the readme from the github documentation to install and setup the gem in your Rails project.
To blacklist certain requests, you can do something like this in the app/config/initializers/rack_attack.rb
file:
# Block logins from a bad user agent
Rack::Attack.blacklist('block bad UA logins') do |req|
req.path == '/wp-login.php' && req.get? && req.user_agent == 'BadUA'
end