It's naive ("let's poke it with a stick and see what happens"), but should be mostly harmless with a properly configured IDS. You don't want to permanently blacklist legitimate users, just discourage malicious ones.
Unfortunately, there's no guarantee that an HTTPS site is identical to the corresponding HTTP site. In most web servers, each one has its own configuration, so it's best to visit SSL sites only when you've been explicitly directed to do so.
Unfortunately, there's no guarantee that an HTTPS site is identical to the corresponding HTTP site. In most web servers, each one has its own configuration, so it's best to visit SSL sites only when you've been explicitly directed to do so.