Yesterday i saw on one of my sites that does not have Cloudflare a hacking attempts which used the ip address to send sql injection code.
So first i want to know if Cloudflare block this by default? and if not, is it possible to implement such rule to block all requests with invalid ip address (which is not valid ipv4 or ipv6)
I’m confused? What did the attack look like? Did they enter an SQL injection into a form field?
If a request is using an invalid IP address, then it wouldn’t be routed over the internet.
The attacker ip address was the sql.
We log the request and we log the ip address of the client, this one used the request header for ip address and replace it with sql injection, in hope that we will save his ip to the db…
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.