My question is not specific to ColdFusion, I know how to set HTTP status codes.
What I am wondering is if anyone knows of any best practices for what to do when a known attack comes into a site. I am speaking primarally of specifically formatted URLs of people scanning to find weaknesses in my sites.
I have collected a large number of URLs that we get scanned for regularly that are clear attempts to locate weaknesses.
I am trying to avoid any sort of escalation on their part thinking they can hit my site harder, IE, if they get a 503, might they believe that my site could be weak and they step up the attack...
Any thoughts would be greatly apreciated.
Be proactive: go on the offensive. For example, the famous Mykonos web security software chooses to:
Warn the attacker
Block the user
Force a CAPTCHA
Slow the connection
Simulate a broken application