homepage Welcome to WebmasterWorld Guest from 54.211.231.221
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Accredited PayPal World Seller

Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
block spammers on proxies
jackvull




msg:4450309
 12:24 pm on May 7, 2012 (gmt 0)

I have a spammer on my site from Africa so I block restricted IP access from that country and a number of other countries.
However, the same guy then went through another proxy in an allowed country to create an account.
The large majority of legitimate users on my site come from home broadband connections where a proxy is not in use.
So, I wondered if I could block proxy access.
How do I build this into my current htaccess?

new code
# BLOCK PROXY VISITS
# PerishablePress.com: [bit.ly...]
<ifModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]
</ifModule>

current code
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.mysite\.co\.uk)?$
RewriteCond $1 !^cart/updateorders\.php$
RewriteCond $1 !^IntegrityCheck\.php$
RewriteRule ^(.*)$ [mysite.co.uk...] [R=301,L]

I also want to allow access from my own proxy server, so how do I turn off rewrite if it's a proxy I know?

 

wilderness




msg:4450827
 2:08 pm on May 8, 2012 (gmt 0)

There's a Feb thread [webmasterworld.com] almost identical, in which no solution was offered.

There's also a similar January thread, (hijacked by Bill and g1smd debating the perils of Proxy). in which a solution was never provided, thus it appears your SOL.

jackvull




msg:4450877
 3:36 pm on May 8, 2012 (gmt 0)

Why do these ISPs use proxies?! Shouldn't they have a direct to internet connection with other firewall rules rather than running it through a proxy?

Is there a way to do a DNS blacklist lookup instead?

Will this block googlebot by accident?

wilderness




msg:4450879
 3:44 pm on May 8, 2012 (gmt 0)

Why do these ISPs use pr---es?


The only way you'd get am accurate answer would be to communicate with them directly.

Is there a way to do a DNS blacklist lookup instead?


I do not know, nor, does it seem anybody else, else a solution would have been provided in the previous threads.

There are many inquires in this forum for pr---es, simply because the SE's pick up the word and the results attract additional inquires.
Traditionally speaking, there has been very little discussion of that same topic in this forum (and even less solutions), yet the inquires keep coming.

jackvull




msg:4450881
 3:46 pm on May 8, 2012 (gmt 0)

Considering the amount of spam around nowadays, I'd think it was quite an important topic.
If not a hardcode block like this or to block ISPs, there must be some way of managing it.

wilderness




msg:4450883
 3:49 pm on May 8, 2012 (gmt 0)

SSID Forum [webmasterworld.com], is the correct forum for this thread, however you'll likely get little response there as well.

lucy24




msg:4451029
 8:40 pm on May 8, 2012 (gmt 0)

<ifModule mod_rewrite.c>
...
</ifModule>


Dump this. The envelope, that is, not its contents! It's htaccess boilerplate that probably came with your cms. Now that you're in your own individual site, you either have mod_rewrite or you don't.

I don't suppose your spammer is thoughtful enough to use the same UA each time?

The short version of the proxy discussion is: There exist legitimate reasons for legitimate humans* to use proxies. There are also legitimate humans who have no choice, because they're connecting through something that goes through a proxy whether they like it or not.


* This is not a reference to the marital status of the human user's parents.

enigma1




msg:4453695
 11:57 am on May 15, 2012 (gmt 0)

In which way they abuse your site? Is it connections and b/w wasted or account/checkout problems? For instance, if you're using customer accounts for your cart, then one way is to force a validated account creation meaning the customer gets an email about his account registration and has to click a link to activate his account. If there is a vulnerability with your site then you should fix it. Look at the server logs to see what they try to access from the proxy your refer to.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved