I run a web application that has very low traffic, except for some flurries at predictable times.
I’m getting several error alerts a day because vulnerability scanners are trying to find a way in, and keep hitting various errors, such as 404s and CSRF fails. They’re not getting in to my precious data, but they are triggering lots of error alerts, almost to the point I have to ignore alerts or I get nothing else done.
I don’t want to disable checking for 404s in case it highlights a broken link, so how can I prevent my alerts becoming useless due to security scanners? It’s not a known range of IPs or user agents, as they pretend to be all sorts of things, and come from all sorts of locations.
Anyone got any ideas?