Antiscan is an add-on module that extends the IP address blocking module (version 1.x-1.0.5 or newest) to automatically block anyone who tries to access paths defined as restricted.
Usually it is a bad crawler looking for known potentially vulnerable paths, such as "wp-admin.php", "xmlrpc.php" and so on.
Administration page is available via menu Administration > Configuration > User accounts > Antiscan (admin/config/people/antiscan) and may be used for:
- add your patterns for paths to be restricted (some usefull patterns are already added out of the box);
- enable automatic reporting to AbuseIPDB about blocked scanners activity ("AbuseIPDB report" module should be installed);
- enable logging for blocked access attempts (enabled by default);
- select the time after which the blocked IP will be unblocked automatically;
- enable "Test Mode" to test your patterns, your current IP will not be blocked, but you may see a message when you try to visit the restricted path;
- set paths or portions of paths that will NOT be restricted to avoid self-blocking.