Is anybody aware of any libraries for Phoenix that deal with bots sending malformed URLs?
Here’s an example:
[Phoenix.Router.MalformedURIError *MereWeb.Router.call/2*
](https://sentry.io/organizations/personal-6jx/issues/2746880988/?project=5996367&query=is%3Aunresolved)
malformed URI path: "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"
I’m getting a bunch of entries like these showing up in my Sentry alerts and if anyone is aware of a plugin solution for this, I’d love to hear about it.
You could probably setup and configure plug_attack to block the offending IPs. See in particular the fail2ban rule function, with which you can fail specific requests, and temporarily ban IPs that keep trying them.
Admittedly, I do not have experience with it, but it is very similar to Ruby’s rack-attack, that offers the same features in Ruby applications, and that I used in the past for these kind of cases.