My question is not specific to ColdFusion, I know how to set HTTP status codes.
What I am wondering is if anyone knows of any best practices for what to do when a known attack comes into a site. I am speaking primarally of specifically formatted URLs of people scanning to find weaknesses in my sites.
I have collected a large number of URLs that we get scanned for regularly that are clear attempts to locate weaknesses.
Should I?
- Send a 404 telling them the attacked page does not exists
- Send a 503 making them think it errored
- Send a 200 with a blank page making them think they go to a real page
- Something else I havn't concidered
I am trying to avoid any sort of escalation on their part thinking they can hit my site harder, IE, if they get a 503, might they believe that my site could be weak and they step up the attack...
Any thoughts would be greatly apreciated.
Thanks
1
Reply
AdChoices