Here's some of the 404 requests from the past 24 hours:
wp-monamon.php
TL.php
fck.php
x123x.php
nw2.php
blackmini.php
gssdd.php
F19.php
R57.php
BDKR28WP.php
pouhg.php
vgtyu.php
x123.php
moshou.php
seetox.php
ws60.php
samiri.php
xoot.php
X57.php
shas.php
xda.php
fault.php
66.php
leuk.php
kolda.php
kj.php
ms-edit.php
I thought about having 404.php sleep() for a long time, but that would likely be a recipe for an easy DDOS.
I do keep a record and block the worst offenders via a process that writes to a file that can be used to deny requests quickly.
Seems like, IIRC, years ago I just did:header("https://fbi.gov"); exit;
Do you have other strategies?
