a year ago
Hi I keep seeing this "bun" thing in my logs (I'm not very deep into my web dev experience just yet). Is this person attacking my site or trying to do something here?
6 Replies
a year ago
Bun is a javascript runtime, I'm unsure why its being named there
My best guess would be that its the user-agent in which case the requests are coming from a server using Bun
it could be a brute force attack, probably best to assume the worst and act quickly
ratelimiting, geo blocking and IP banning will solve this problem
a year ago
if your /login allows logging in via passed headers or params or whatever then this could be a brute force attack, though its unclear why there's GET requests mixed in; unless the attacker is just throwing darts in the dark
a year ago
Perfect!
a year ago
all clear to mark as solved?