The past two weeks we have noticed an increase in a particular type of user agent performing malicious amounts of requests. It looks like a new type of brute force attack that uses the user agent python-requests/2.13.0 and has millions of daily requests on our Hypernode platform as you can see in the graph below.
This user agent can increase the shop’s load and therefore can have a negative impact on the performance of your shop. It’s important to take action now since the number of online visitors will rise as a result of COVID-19 and the upcoming holiday season. You really want to preserve all your resources for the converting visitors.
Hypernode blocks this new type of brute force attack for all customers
We have started automatically blocking all requests that have the user agent python-requests/2.13.0 on our fleet of servers. If you do not want to have this user agent blocked, you can make the /data/web/nginx/server.malicious_python_requests empty.
Not hosting at Hypernode? Block it yourself.
If you are not hosting at Hypernode, make sure you block the python-requests/2.13.0 yourself. Important: you shouldn’t block all python-requests since these requests are legitimately used by many clients.
How Hypernode can identify and block new security threats within the hour
Our platform is equipped with a smart proactive thread identification system. The system can identify and block new security threats within the hour. This process is fully automated. No human interaction is necessary, which makes it fast and safe. The setup has been designed in such a way that we can extend it if more spammers or other types of abuse are discovered. This way our Tech department has the means to quickly react to emerging security threats.