1 Reply Latest reply on Feb 13, 2014 6:29 AM by BKBK

    HTTP status code to return when attacked

    MudockSR Level 1

      My question is not specific to ColdFusion, I know how to set HTTP status codes.

       

      What I am wondering is if anyone knows of any best practices for what to do when a known attack comes into a site. I am speaking primarally of specifically formatted URLs of people scanning to find weaknesses in my sites.

       

      I have collected a large number of URLs that we get scanned for regularly that are clear attempts to locate weaknesses.

       

      Should I?

      1. Send a 404 telling them the attacked page does not exists
      2. Send a 503 making them think it errored
      3. Send a 200 with a blank page making them think they go to a real page
      4. Something else I havn't concidered

       

      I am trying to avoid any sort of escalation on their part thinking they can hit my site harder, IE, if they get a 503, might they believe that my site could be weak and they step up the attack...

       

      Any thoughts would be greatly apreciated.

       

      Thanks