Dealing with bots sending malformed URLs?

Is anybody aware of any libraries for Phoenix that deal with bots sending malformed URLs?

Here’s an example:

[Phoenix.Router.MalformedURIError **

malformed URI path: "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"

I’m getting a bunch of entries like these showing up in my Sentry alerts and if anyone is aware of a plugin solution for this, I’d love to hear about it.


You could probably setup and configure plug_attack to block the offending IPs. See in particular the fail2ban rule function, with which you can fail specific requests, and temporarily ban IPs that keep trying them.

Admittedly, I do not have experience with it, but it is very similar to Ruby’s rack-attack, that offers the same features in Ruby applications, and that I used in the past for these kind of cases.


Dealed with it last week. Fail2ban was not only the easiest but also the most effective solution. For Nginx we scraped the acces.log for 404’s.


Here’s some more details on implementing PlugAttack, it’s a great library for dealing with this