{"_id":"55dc837b55be9f21004ee283","user":"55dc702d7fa0290d00559106","project":"55db8f8f1a91690d007ad975","parentDoc":null,"__v":6,"category":{"_id":"57d9b91cda17c30e003897f4","project":"55db8f8f1a91690d007ad975","__v":0,"version":"55db8f901a91690d007ad978","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2016-09-14T20:54:52.969Z","from_sync":false,"order":5,"slug":"suspicious-behavior","title":"Suspicious Behavior"},"githubsync":"","version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-08-25T15:02:19.251Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":8,"body":"HTTP codes in the 5xx range are indicative of a server error. Attackers will generate such errors when making malformed requests which the server cannot properly handle.\n\nA high rate of errors in a short time-span is an indication that the site is being targeted by a vulnerability scanner.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Mitigation\"\n}\n[/block]\nWithin a 5 minute window, if the user generates over sixteen HTTP 5xx errors, IMMUNIO will detect it, and if configured to do so will alert with the details on the dashboard.","excerpt":"","slug":"excessive-50xs","type":"basic","title":"Excessive HTTP 500s"}

Excessive HTTP 500s


HTTP codes in the 5xx range are indicative of a server error. Attackers will generate such errors when making malformed requests which the server cannot properly handle. A high rate of errors in a short time-span is an indication that the site is being targeted by a vulnerability scanner. [block:api-header] { "type": "basic", "title": "Mitigation" } [/block] Within a 5 minute window, if the user generates over sixteen HTTP 5xx errors, IMMUNIO will detect it, and if configured to do so will alert with the details on the dashboard.