a way to protect hacking

[gengjun]

Hi, as soon as I turn on my app in the real world, i noticed tons of possibly hacking attempts, which is normal in this world. There're tools such as fail2ban to parse the log and ban their ips. salvo produces some default log messages, such as:

2023-12-07T04:29:50.748696Z ERROR salvo_core::server: accept connection failed error=Custom { kind: Other, error: "received corrupt message of type InvalidServerName" }
2023-12-07T04:36:38.762846Z ERROR salvo_core::server: accept connection failed error=Custom { kind: Other, error: "Connection reset by peer (os error 104)" }
2023-12-07T04:37:54.023440Z ERROR salvo_core::server: accept connection failed error=Custom { kind: Other, error: "peer is incompatible: SignatureAlgorithmsExtensionRequired" }
2023-12-07T04:44:55.787703Z ERROR salvo_core::server: accept connection failed error=Custom { kind: Other, error: "received fatal alert: BadCertificate" }
2023-12-07T04:45:28.581790Z ERROR salvo_core::server: accept connection failed error=Custom { kind: Other, error: "tls handshake eof" }

I wonder if we can output the remote ip so that we could use fail2ban to ban the frequent offenders' ips.

Thanks

[prabirshrestha]

Ideally there should be an apache logger format which is commonly understood by other tools. I wished this was default at least in release mode so Logger::new() just works.

10.185.248.71 - - [09/Jan/2015:19:12:06 +0000] 808840 "GET /inventoryService/inventory/purchaseItem?userId=20253471&itemId=23434300 HTTP/1.1" 500 17 "-" "Apache-HttpClient/4.2.6 (java 1.5)"