Security on Webapp against hacking attempts

I hava a under-construction django webapp on Heroku. While checking the latest features on the logs, I read a great deal (several hundreds) of rapid succesion GET request, asking for passwords, keys, and other sensible credentials. This is new, we are only 2 people working daily on the website, and it makes no sense as the WebApp doesnt ask and doesnt have these credential, so they are hacking attempts. I know nothing about web security. Sorry if I am asking or saying obvious or wrong things

My questions are:

what to do now ?
How do I prenvent these specific attacks from happening and been sucesfull ?
How do I prevent other common attacks from happening and been sucesfull ?
How can assets the webapp vulnerabilities ?

I wrote the fwd="latest_ip" on https://www.iplocation.net/ip-lookup trying to know from where the attacks came from, but it shows widely different results.

I imagine that I need a Firewall. But I dont know which rule I should apply, or if there is an option to protect from django (instead of the firewall), or other option. Reading https://devcenter.heroku.com/articles/expeditedwaf it seems that :

CAPTCHA protection rule for the entire site (enter / as the URL)
Country from GETing option (but I dont know the country to block)
force all client requests from http to https on the Stop Attack page.
Block Bots (Blocking user agents)
Blocking anonymous proxies

Thanks in advnace

2025-04-01T01:31:35.112725+00:00 app[web.1]: 10.1.YY.XXX - - [01/Apr/2025:01:31:35 +0000] "GET /settings.json HTTP/1.1" 404 3146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
2025-04-01T01:31:35.113051+00:00 heroku[router]: at=info method=GET path="/settings.json" host=www.mywebapp.com request_id=e6f6a459-be25-4c54-bd4e-208fb6e68d2b fwd="first_ip" dyno=web.1 connect=0ms service=6ms status=404 bytes=3435 protocol=http
2025-04-01T01:31:35.201311+00:00 app[web.1]: Not Found: /.settings.json
2025-04-01T01:31:35.201542+00:00 app[web.1]: 10.1.YY.XXX - - [01/Apr/2025:01:31:35 +0000] "GET /.settings.json HTTP/1.1" 404 3149 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
2025-04-01T01:31:35.201914+00:00 heroku[router]: at=info method=GET path="/.settings.json" host=www.mywebapp.com request_id=9e31cb3d-c0d1-4a5f-8f72-6b0aa7c41853 fwd="first_ip" dyno=web.1 connect=0ms service=5ms status=404 bytes=3438 protocol=http
2025-04-01T01:31:35.291901+00:00 app[web.1]: Not Found: /.aws_config.js
2025-04-01T01:31:35.292481+00:00 app[web.1]: 10.1.YY.XXX - - [01/Apr/2025:01:31:35 +0000] "GET /.aws_config.js HTTP/1.1" 404 3149 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
2025-04-01T01:31:35.292543+00:00 heroku[router]: at=info method=GET path="/.aws_config.js" host=www.mywebapp.com request_id=3ac8b2bc-1598-4d98-b341-35dfb9533288 fwd="first_ip" dyno=web.1 connect=0ms service=6ms status=404 bytes=3438 protocol=http
2025-04-01T01:31:40.557600+00:00 app[web.1]: Not Found: /.aws_secrets.js

2025-04-02T06:06:56.109516+00:00 heroku[router]: at=info method=GET path="/.env" host=www.mywebapp.com request_id=cfb6ec22-62ad-4199-aa06-efdc92a76e5e fwd="latest_ip" dyno=web.1 connect=0ms service=5ms status=404 bytes=3408 protocol=http
2025-04-02T06:06:56.402547+00:00 app[web.1]: Not Found: /.env
2025-04-02T06:06:56.402832+00:00 app[web.1]: 10.1.AA.BBB - - [02/Apr/2025:06:06:56 +0000] "GET /.env HTTP/1.1" 404 3120 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
2025-04-02T06:06:56.403317+00:00 heroku[router]: at=info method=GET path="/.env" host=www.mywebapp.com request_id=d6b317b3-2282-4c7b-b52f-6e87939ef4e3 fwd="latest_ip" dyno=web.1 connect=0ms service=6ms status=404 bytes=3409 protocol=https
2025-04-02T06:06:57.788377+00:00 app[web.1]: Not Found: /.aws/credentials
2025-04-02T06:06:57.788665+00:00 app[web.1]: 10.1.CC.DDD - - [02/Apr/2025:06:06:57 +0000] "GET /.aws/credentials HTTP/1.1" 404 3155 "-" "Mozilla/5.0 (Linux; U; Android 4.0.3; en-us; KFTT Build/IML74K) AppleWebKit/535.19 (KHTML, like Gecko) Silk/2.1 Mobile Safari/535.19 Silk-Accelerated=true"
2025-04-02T06:06:57.789281+00:00 heroku[router]: at=info method=GET path="/.aws/credentials" host=www.mywebapp.com request_id=3a455ff8-4dd6-4f68-bc48-535ce00bb4dd fwd="latest_ip" dyno=web.1 connect=0ms service=5ms status=404 bytes=3444 protocol=http
2025-04-02T06:06:58.200582+00:00 app[web.1]: Not Found: /.env.example
2025-04-02T06:06:58.200869+00:00 app[web.1]: 10.1.EE.FFF - - [02/Apr/2025:06:06:58 +0000] "GET /.env.example HTTP/1.1" 404 3143 "-" "Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)"
2025-04-02T06:06:58.201154+00:00 heroku[router]: at=info method=GET path="/.env.example" host=www.mywebapp.com request_id=8a2680e7-76e5-42c7-a9e6-d0e40bcc95b9 fwd="latest_ip" dyno=web.1 connect=1ms service=5ms status=404 bytes=3432 protocol=http
2025-04-02T06:06:58.766858+00:00 app[web.1]: Not Found: /.env.production

Вернуться на верх

Последние вопросы и ответы

Django app with Azure storage account - images are not saved to blob storage container

Django superuser privileges

django.core.exceptions.ImproperlyConfigured: [closed]

django Pannel error Could not reach the URL. Please check the link

Django project - Redis connection "kombu.exceptions.OperationalError: invalid username-password pair or user is disabled."

Django Select2 Autocomplete: How to Pass Extra Parameter (argId) to the View?

I do not understand why in Django Rest Framework, my serializer do not serialize the file I gave it

Security on Webapp against hacking attempts

Custom sorting of the Django admin panel sidebar

Javascript mystery error - Event listener does not fire

Security on Webapp against hacking attempts

Последние вопросы и ответы

Рекомендуемые записи по теме