I have an ASP.NET site ... In recent days, I have seen in my logs that they are attacking me with SQL injection, for example:
Exceptia: Error Caught in Application_Error event Error in: http:
Of course, this will throw an exception, because I check the parameters before executing any SQL query:
Error Message:Input string was not in a correct format.
For all these exceptions, I redirect the user to the page with a specific error.
Of course, these attacks do not affect me right now (I use SQL parameterized commands), but I take the IPs and put them in the IIS IP Address and Domain Restrictions so that IP can no longer access my site.
My question is: can I do anything else? It seems that this attacker, even when I block his IP, goes on to try the same attack from another IP (I blocked about 6 IPs in the last 3 days, which is pretty ugly ...). Can you suggest anything else I have to do?
UPDATE: All these attacks put /**/or/**/ 1=@ @version instead of the value of the query parameter, so I am sure that the attack is not a random problem for users, but a real SQL injection attack. The problem is that these IPs are from different places, so I cannot report this to some Internet service providers or hosting companies ...
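The probe described in the update can be matched on its payload rather than on the source address, which keeps working when the sender changes IP. The following is an added example, not part of the original post: it assumes IIS W3C logs with a `#Fields:` header, and the sample lines, paths and documentation-range addresses are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample in IIS W3C extended format (hypothetical paths, documentation IPs).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2024-01-10 10:00:01 GET /product.aspx id=42 198.51.100.7 200
2024-01-10 10:00:05 GET /product.aspx id=/**/or/**/1=@@version 203.0.113.5 500
2024-01-10 10:02:11 GET /product.aspx id=%2F**%2For%2F**%2F1%3D%40%40version 192.0.2.44 500
2024-01-10 10:03:40 GET /news.aspx cat=7/**/OR/**/1=@+@version 203.0.113.5 500
2024-01-10 10:04:02 GET /search.aspx q=version+history 198.51.100.7 200
"""

SQL_COMMENT = re.compile(r"/\*.*?\*/")  # inline comments used in place of spaces
PROBE = re.compile(r"\bor\s*1\s*=\s*@\s*@\s*version\b", re.IGNORECASE)


def is_probe(query):
    """True if the query string carries the or 1=@@version probe from the post."""
    decoded = unquote_plus(query)          # undo %xx and '+' encoding
    flat = SQL_COMMENT.sub(" ", decoded)   # /**/ becomes a plain space
    return bool(PROBE.search(flat))


def probes_by_ip(log_text):
    """Map each client IP to the list of URI stems it probed."""
    fields, hits = [], defaultdict(list)
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column names for the rows that follow
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if is_probe(row.get("cs-uri-query", "")):
            hits[row["c-ip"]].append(row["cs-uri-stem"])
    return dict(hits)


if __name__ == "__main__":
    for ip, stems in probes_by_ip(SAMPLE_LOG).items():
        print(ip, len(stems), sorted(set(stems)))
```

Because the match is made after URL-decoding and comment stripping, the encoded and mixed-case variants are caught along with the literal form.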