homepage Welcome to WebmasterWorld Guest from 54.167.185.110
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Website Analytics - Tracking and Logging
Forum Library, Charter, Moderators: Receptional & mademetop

Website Analytics - Tracking and Logging Forum

    
Problems with a recurring visitor
how do I stop him
Andy_White




msg:904535
 2:32 pm on Mar 17, 2003 (gmt 0)

Hi,

checking my online logs today I noticed a visitor who is looping through the same cycle of 10 images on one of my sites. The requests are a constant loop, it takes less than a second to loop through and then it starts again. So far today it's thousands of requests.

a sample log entry is :-

www.xxxxxxxxx 65.137.42.30 - - [17/Mar/2003:05:33:16 +0000] "GET /images/pic2.jpg HTTP/1.1" 304 - "http://www.xxxxxxxxx/xxxxxxx.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461; YComp 5.0.2.4)"

The return code is a 304 so nothing is being sent but it's impacting response times, so I added in a .htaccess to stop it, but that didn't work (see below) and now it's a 403 with data.

www.xxxxxxxxx 65.137.42.30 - - [17/Mar/2003:13:51:41 +0000] "GET /images/pic5.jpg HTTP/1.1" 403 665 "http://www.xxxxxxxxxxxx/xxxxxxx.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461; YComp 5.0.2.4)"

Has anybody got any suggestions (I tried suspendeding the site briefly but it's still coming back.

Cheers

Andy

 

Gibble




msg:904536
 2:38 pm on Mar 17, 2003 (gmt 0)

ban that IP address

Chris_R




msg:904537
 2:42 pm on Mar 17, 2003 (gmt 0)

OrgAbuseName: Qwest IP Abuse
OrgAbusePhone: +1-703-363-3001
OrgAbuseEmail: abuse@qwest.net

Andy_White




msg:904538
 3:41 pm on Mar 17, 2003 (gmt 0)

"ban that IP address"

That's what I did,

I put up an htaccess file with

Order Allow,Deny
Allow from all
Deny from 65.137.42.30

which is when the return code went from a 304 to a 403.

Regarding the abuse, I think it's more the dump bot has got itself caught in an infinite loop, and I want to break the cycle.

Gibble




msg:904539
 4:00 pm on Mar 17, 2003 (gmt 0)

block it before the webserver

Andy_White




msg:904540
 4:40 pm on Mar 17, 2003 (gmt 0)

"block it before the webserver"

I run an apache web server with multiple sites.
I've currently got the htaccess file in the "web" directory of this specific site.

Where should I put it to stop it before it gets there?

Gibble




msg:904541
 5:02 pm on Mar 17, 2003 (gmt 0)

I meant block the IP at a router before the webserver

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Website Analytics - Tracking and Logging
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved