homepage Welcome to WebmasterWorld Guest from 54.166.14.218
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
block spammers on proxies
jackvull

5+ Year Member



 
Msg#: 4450307 posted 12:24 pm on May 7, 2012 (gmt 0)

I have a spammer on my site from Africa so I block restricted IP access from that country and a number of other countries.
However, the same guy then went through another proxy in an allowed country to create an account.
The large majority of legitimate users on my site come from home broadband connections where a proxy is not in use.
So, I wondered if I could block proxy access.
How do I build this into my current htaccess?

new code
# BLOCK PROXY VISITS
# PerishablePress.com: [bit.ly...]
<ifModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]
</ifModule>

current code
RewriteEngine On
RewriteCond %{HTTP_HOST} !^(www\.mysite\.co\.uk)?$
RewriteCond $1 !^cart/updateorders\.php$
RewriteCond $1 !^IntegrityCheck\.php$
RewriteRule ^(.*)$ [mysite.co.uk...] [R=301,L]

I also want to allow access from my own proxy server, so how do I turn off rewrite if it's a proxy I know?

 

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4450307 posted 2:08 pm on May 8, 2012 (gmt 0)

There's a Feb thread [webmasterworld.com] almost identical, in which no solution was offered.

There's also a similar January thread, (hijacked by Bill and g1smd debating the perils of Proxy). in which a solution was never provided, thus it appears your SOL.

jackvull

5+ Year Member



 
Msg#: 4450307 posted 3:36 pm on May 8, 2012 (gmt 0)

Why do these ISPs use proxies?! Shouldn't they have a direct to internet connection with other firewall rules rather than running it through a proxy?

Is there a way to do a DNS blacklist lookup instead?

Will this block googlebot by accident?

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4450307 posted 3:44 pm on May 8, 2012 (gmt 0)

Why do these ISPs use pr---es?


The only way you'd get am accurate answer would be to communicate with them directly.

Is there a way to do a DNS blacklist lookup instead?


I do not know, nor, does it seem anybody else, else a solution would have been provided in the previous threads.

There are many inquires in this forum for pr---es, simply because the SE's pick up the word and the results attract additional inquires.
Traditionally speaking, there has been very little discussion of that same topic in this forum (and even less solutions), yet the inquires keep coming.

jackvull

5+ Year Member



 
Msg#: 4450307 posted 3:46 pm on May 8, 2012 (gmt 0)

Considering the amount of spam around nowadays, I'd think it was quite an important topic.
If not a hardcode block like this or to block ISPs, there must be some way of managing it.

wilderness

WebmasterWorld Senior Member wilderness us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4450307 posted 3:49 pm on May 8, 2012 (gmt 0)

SSID Forum [webmasterworld.com], is the correct forum for this thread, however you'll likely get little response there as well.

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4450307 posted 8:40 pm on May 8, 2012 (gmt 0)

<ifModule mod_rewrite.c>
...
</ifModule>


Dump this. The envelope, that is, not its contents! It's htaccess boilerplate that probably came with your cms. Now that you're in your own individual site, you either have mod_rewrite or you don't.

I don't suppose your spammer is thoughtful enough to use the same UA each time?

The short version of the proxy discussion is: There exist legitimate reasons for legitimate humans* to use proxies. There are also legitimate humans who have no choice, because they're connecting through something that goes through a proxy whether they like it or not.


* This is not a reference to the marital status of the human user's parents.

enigma1

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4450307 posted 11:57 am on May 15, 2012 (gmt 0)

In which way they abuse your site? Is it connections and b/w wasted or account/checkout problems? For instance, if you're using customer accounts for your cart, then one way is to force a validated account creation meaning the customer gets an email about his account registration and has to click a link to activate his account. If there is a vulnerability with your site then you should fix it. Look at the server logs to see what they try to access from the proxy your refer to.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved