
Do you still store 404backup.zip on the server? I'm on 200D

On dark winter evenings, to the song of a blizzard, wrapped in a sheepskin blanket with a glass of apple brew, I like to read the logs on the server. Key-based authorization makes this easy, so even when the public places won't let me in, the server, old devil, is always glad to give me shelter.

A lot goes on in the world: someone gets a happy 200, someone stares in bewilderment at a 301, someone grumbles in offence at a 403.

But the most valuable fur belongs to the researchers: the ones who discover a new world on the strength of their knowledge, by trial and 404.

It is the 404s that this article is about. It is not about nothing; it is about security.
Every day more and more people of every age, religion, sex and installed operating system choose the path of the IT security worker, hoping to become an IT security specialist with a good bad track record.

These creative guys and girls send exploit requests day and night and receive their answers as 403 and 404, but more on that later.

Everyone starts with a crude search for backup.zip , which must surely sit in the site root. Many go beyond backup.zip , and bang backup.zip against the archive.zip wall. Someone who has just installed MySQL 3.0 for the first time in his life looks for dump.zip , mysql.zip and also, hallelujah, home.zip . Of .7z or .tar.gz there is not even a thought!

Every time I see a 404 in the log against yet another HEAD, or worse a GET, my heart is squeezed by the pain they feel as they read the error from the screen, the way you are reading this article.

One day I told myself: "Enough, %username%! You are cruel! You do not give them a chance, and that is impossible, that is not human."

I objected to myself that life is simply like that; they cannot be handed the file on a platter, and with a blue rim at that. A third voice said "my preciousss..", I did not catch what exactly, but my hand reached into my pocket.

As a result, after a deal with my conscience and with the iron superhero who lives in almost all of us, and of you, I wrote this:

 location ~* "^/(archive|auth|backup|clients|com|dat|dump|engine|files|home|html|index|master|media|my|mysql|old|site|sql|website|wordpress)\.zip$" {
     access_log /usr/local/nginx/logs/dummy.log;
     default_type application/zip;
     root /usr/local/nginx/html/dummy;
     rewrite ^(.*)$ /mydummy break;
     max_ranges 0;
     limit_rate 4k;
     include param/zone1rs;
 }

max_ranges 0; - forbids resuming the download
limit_rate 4k; - limits the download speed
include param/zone1rs; - the zone in which 1 connection is allowed per 1 IP. The exact listing differs between nginx versions; the essential line is limit_conn one 1; , where one is the name of your zone.

mydummy itself is very simple:

 dd bs=1024 count=1572864 </dev/urandom >mydummy 

Then you need to convince the incredulous that this is a zip archive:

 echo -ne "\x50\x4b\x03\x04\x14\x00\x00\x00\x08\x00" | dd conv=notrunc bs=1 count=10 of=mydummy 
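As an added example (not code from the original post): the same decoy build in portable shell, with a check that the ZIP signature actually landed, the throttled-download time the trick relies on, and a per-client summary of dummy.log. The function names and the sample log lines are constructed for this example.

```shell
# Added example, not the post's own code: the decoy build in portable shell,
# plus the checks a defender would want around it. Function names and the
# sample log lines are constructed for this example.

# make_decoy FILE SIZE_KIB: random filler, then the first 10 bytes replaced by
# a ZIP local file header (signature PK\x03\x04, version 2.0, deflate).
# printf octal escapes replace "echo -ne", which is not portable.
make_decoy() {
    dd if=/dev/urandom of="$1" bs=1024 count="$2" 2>/dev/null
    printf '\120\113\003\004\024\000\000\000\010\000' |
        dd of="$1" conv=notrunc bs=1 count=10 2>/dev/null
}

# check_decoy_magic FILE: succeed only if the file starts with "PK\x03\x04",
# which is all "file" or a quick hex peek needs to call it a zip.
check_decoy_magic() {
    [ "$(od -An -tx1 -N4 "$1" | tr -d ' \n')" = "504b0304" ]
}

# decoy_download_seconds SIZE_KIB RATE_KIB: time one throttled connection
# needs for the whole decoy; 1572864 KiB at 4 KiB/s is 393216 s, about 4.5 days.
decoy_download_seconds() {
    echo $(( $1 / $2 ))
}

# top_decoy_clients LOG: hits, bytes served and IP per client from an nginx
# combined-format log such as dummy.log, most persistent downloader first.
top_decoy_clients() {
    awk '{ hits[$1]++; bytes[$1] += $10 }
         END { for (ip in hits) print hits[ip], bytes[ip], ip }' "$1" | sort -rn
}

# write_sample_log FILE: constructed combined-format lines (documentation-range
# IPs) standing in for /usr/local/nginx/logs/dummy.log.
write_sample_log() {
    cat > "$1" <<'EOF'
203.0.113.7 - - [12/Dec/2015:03:14:01 +0300] "GET /backup.zip HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Dec/2015:03:15:40 +0300] "HEAD /dump.zip HTTP/1.1" 200 0 "-" "curl/7.47.0"
203.0.113.7 - - [12/Dec/2015:03:16:02 +0300] "GET /backup.zip HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Dec/2015:03:18:55 +0300] "GET /archive.zip HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
EOF
}
```

Run make_decoy with the post's 1572864 KiB for the real thing; the small size in the functions' test calls is only to keep the check fast.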


Now even bad weather does not bother me! Whether it is sad autumn outside or dead winter, I gently blow the bread crumbs off the console and call:

 tail -n 16 /usr/local/nginx/logs/dummy.log 

... and a smile appears on my face! I am happy for the future of mankind, I am proud of those adsl or cablenet who purposefully, for five days, carefully download this archive, this small ticket to life, weighing 1.5 gigabytes and costing 5 days of that same life. I am happy that I can make this world a better place and give an incomplete week of happiness and the almost-Christmas expectation of a gift from the right sock.


Source: https://habr.com/ru/post/272261/