homeNode

Building a Wall of Shame to Stop Server Bots

Written by

homenode

in

How a simple custom script helped me block thousands of shady bots targeting my home server

If you’ve ever hosted a home server, you know how relentless those bots can be. They keep knocking on your digital door, probing for any weak spot to exploit. I’m talking about what I like to call server bot defense – the ways we protect our setups from unwanted automated visitors.

Last month, I noticed something: my Fedora Rawhide home server, running on an i5 4th Gen with 16GB RAM and a hefty 12 TB storage, was getting hit nonstop by bots. The requests were coming fast, trying to poke at vulnerabilities I hadn’t even considered. Curious and a bit annoyed, I decided to do something about it.

What is Server Bot Defense?

Server bot defense simply means the methods or measures you put in place to stop bots from attacking or probing your server. These bots aren’t just random internet noise; many are scanning for known vulnerabilities (CVEs) to exploit. It’s surprising that more servers aren’t compromised if you ask me.

Building My Own Wall of Shame

To stop these relentless bots, I wrote a small custom 404 script. When a bot hits a non-existent page, instead of just an ordinary 404 error, the script adds the bad actor’s IP to my firewallD blocklist automatically. Pretty neat, right?

But I didn’t stop there. Every time a bot tried to break in, I logged the request details into a database. Then I built a simple web page to showcase all these attackers. I’ve dubbed it the “Wall of Shame.” It’s a little gallery of all the IPs and bot requests I’ve caught trying to breach my server.

In just a month, I’ve caught over 8,000 bad requests!

Why This Matters

What strikes me most is the variety and number of attack attempts focused on well-known vulnerabilities. If so many bots are out there trying to exploit these CVEs, it’s clear a lot of servers could be vulnerable. This realization has made me think more seriously about hardening my server to make sure I stay ahead of the bad guys.

Simple Steps to Start Your Own Bot Defense

You don’t have to be a network pro to start defending your server. Here are a few tips:

  • Use firewall rules to block suspicious IPs.
  • Set up custom error pages that manage unwanted requests.
  • Log all connection attempts to keep an eye on patterns.
  • Keep your system and applications updated to patch known vulnerabilities.

If you want to dig deeper into firewallD and its blocklisting capabilities, Red Hat’s official documentation is an excellent resource: https://firewalld.org/documentation/

For more on understanding CVEs and why patching your system matters, check out the MITRE CVE database: https://cve.mitre.org/

Lastly, if you’re keen on monitoring and managing your logs better, here’s a helpful guide from DigitalOcean: https://www.digitalocean.com/community/tutorials/how-to-manage-log-files

Final Thoughts

Bots aren’t going away anytime soon, but you don’t have to welcome them with open arms. A little server bot defense can go a long way to keep your data safe and your server running smoothly. Plus, it’s oddly satisfying to see the Wall of Shame fill up with the IPs of those pesky intruders. If anything, it’s a reminder to us all how important it is to stay vigilant and proactive.

Do you have any bot defense strategies you swear by? I’d love to hear about them!

Date noted: August 24, 2025

More posts