
If I use 301 redirects (to bounce the requests), will the other destination be aware of my Server IP?

@Phylliss660

Posted in: #301Redirect #HttpHeaders #Linux #Redirects

(Just for the knowledge)

I wonder, let's say one day, when my Site is suddenly having some attacks at the login page (e.g.: /login.php). If I don't bother about my Login page anymore, and I want to redirect these incoming attempts to (let's say) ---> google.com (by using 301 redirects).

Of course then all these kinda illegal attempts will be redirected to Google. And Google will react something on them (their IPs). Then my question is:


Will my Server IP also be blacklisted? Or at any risk? (Because I'm the one who is redirecting to them.)
Or is it legitimate to do?


Just for the knowledge. Thanks all :)


3 Comments


@Ann8826881

The other answers have already covered that redirecting would be a bad/pointless response and that simply dropping the response with a suitable status would be preferred. However, you did ask some other questions...


will the other destination be aware of my Server IP?


You used Google in your example. Being a search engine they will probably discover the redirect from crawling your site. So yes, they will know your Server IP.

However, some arbitrary website that you are redirecting to will be stuck with looking at the HTTP Referer on the inbound request (if any) and resolving that to find your server IP.

However, any "illegal attempts" are more likely to be from automated bots which may not send the Referer anyway. After all, this would be an additional, unnecessary step for the bot.


Of course then all these kinda illegal attempts will be redirected to ...


This is assuming that these malicious bots even follow redirects (it is, after all, more work). For something like a "login page" that is a known URL they are specifically targeting, why would they follow a redirect? If they don't get a meaningful response on the initial request then abort. But even if they do follow some redirects, it would be trivial for the bot to ignore some nonsense targets... "Google", "Return to sender", "Disney" etc.


Instead of blocking the incoming attacks, or sending them somewhere else, you could redirect them back to where they are coming from. Thus perhaps breaking the attacker's system ;)


I've seen this "science fiction" idea mentioned a few times - but I can't imagine this working as intended in the real world. It's either going to do nothing - the bot simply does not follow the redirect, or in the case of a serious attack, it's going to compound the problem and flood the network (or someone else's network) with traffic. Either way, the bot doesn't care.


@Courtney195

Well aren't you friendly...


"Hey Google, I'm having a DoS, but I'm making it your problem, thanks"


First: There is no difference for you between serving a 301 or a 404 error page. Your server will have to do the same amount of work. The difference here is that you, with your 301->google solution, now ALSO make it Google's problem, effectively doubling the attacker's damage.

A solution would be to use an IP-based firewall, something along the lines of the commonly used and recommended Fail2Ban service for Linux. This allows you to set up effective security. Fail2ban could be used to:


Block entire regions of IPs
Block failed login after X tries (e.g.: 3 wrong tries » 10 min, 10 tries » 30 min, too many » indefinite)
Block IPs crawling too many pages too fast


Setting up Fail2Ban properly will save you quite some resources and/or hacky solutions.



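The "block failed login after X tries" rule from the answer above, sketched as an added example that is not part of the answer and is not Fail2Ban's own code or configuration. It assumes combined-format access logs in time order, a failed login answering the POST to /login.php with HTTP 200, a 10-minute counting window and "too many" meaning 20; the function names and sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: a failed login re-renders the form (HTTP 200); success redirects (302).
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "POST /login\.php[ ?][^"]*" 200 ')
WINDOW = timedelta(minutes=10)   # assumed counting window
# (failures inside WINDOW, ban length), harshest first; None means indefinite.
# 3 and 10 come from the answer above; 20 for "too many" is an assumption.
TIERS = [(20, None), (10, timedelta(minutes=30)), (3, timedelta(minutes=10))]

def ban_decisions(lines):
    """Return {ip: ban_length} with the harshest tier each IP reached."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside WINDOW
    rank = {}                    # ip -> index into TIERS (lower index = harsher)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue             # not a failed login POST
        ip, stamp = m.groups()
        ts = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > WINDOW:    # forget failures that aged out of the window
            q.popleft()
        for i, (threshold, _) in enumerate(TIERS):
            if len(q) >= threshold:
                rank[ip] = min(i, rank.get(ip, i))
                break
    return {ip: TIERS[i][1] for ip, i in rank.items()}

def sample_line(ip, minute, second, method="POST", status=200):
    return (f'{ip} - - [10/Mar/2024:12:{minute:02d}:{second:02d} +0000] '
            f'"{method} /login.php HTTP/1.1" {status} 512 "-" "-"')

# Constructed sample traffic (documentation-range IPs), not real logs.
SAMPLE = (
    [sample_line("203.0.113.7", 0, s) for s in range(12)]       # 12 failures in 12 s
    + [sample_line("198.51.100.4", m, 0) for m in (0, 1, 2)]    # 3 failures in 2 min
    + [sample_line("192.0.2.9", m, 0) for m in (0, 20, 40)]     # never 3 inside one window
    + [sample_line("192.0.2.50", 5, 0, status=302)]             # successful login
)

if __name__ == "__main__":
    for ip, ban in ban_decisions(SAMPLE).items():
        print(ip, "ban:", ban or "indefinite")
```

Requests that are spread out more widely than the window never accumulate, which is why 192.0.2.9 is not banned here.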
 

@Si4351233

In the situation you give it is definitely dangerous and not a good idea, and could most definitely result in issues for your site. It would be better to simply take that one file offline or, if the traffic is coming from one CIDR block, then block that CIDR. Forwarding the attack to another site like Google could be seen as you taking part in the attack, plus user experience would be poor as real users would be bounced without expecting it as well.
