mel_the_snowbird - 11:40 pm on Dec 21, 2012 (gmt 0)
Hi Wilderness & Lucy:
Here is the actual 'log' access where I've obscured the badguy with 'example':
22.214.171.124 - - [20/Dec/2012:11:46:42 -0700] "GET / HTTP/1.1" 200 962933 "http://www.example.com/s?wd=resort%20in%20charlevoix&pn=100&ie=utf-8&usm=1&rsv_page=1" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Sky Broadband; GTB6.6; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E)"
Altho he got thru to me with this attempt, you'll see below that I Denied him further access with a quick mod to my httpd.conf file below.
Here is my Virtual host definition where I've used 'mysite' instead of my actual site, and 'mydir' for the actual sub-directory of my CGI executable 'myscript.exe':
I'm not sure of the '^' hat character at the start of the regex string. Please take a look at the set up and the use of the badguy vrbl. I hope I've implemented it correctly.
Because I use a port number along with ww2. to access my site, I changed the Port Number to 9999
I note (with a *shock*) that I used a backslash immediately in front of the '\example.com' below. Why did I do this ?
Will look at it and correct it if unless I made a type here :(
Thanks to y'all
********* fragment of httpd.conf file below********
SetEnvIfNoCase Referer "^http://www\.\example\.com" badguy
Options ExecCGI Indexes FollowSymLinks
Allow from all
Deny from 126.96.36.199 91. 46.17. 77.234. 1.202. 31.214. 110.75. 109.230. 117.22. 193.151. 208.80.194.
Deny from 107.20. 107.22. 175.180. 175.181. 175.182.
Deny from 119.63. 123.125. 204.236. 204.56. 23. 50. 54. 67.202 184.73. 184.72. 107.21. 220.181.
Deny from 203.184.
# this next is from advice of webmasterworld and others. Hope it works
Deny from env=badguy
# This next one (IP: 188.8.131.52) sneaked by the badguy env vbl above
Deny from 72.44.
# This next IP is from the Russian Yandex Bot (184.108.40.206)which troubles me:
Deny from 95.108.
AddOutputFilterByType DEFLATE text/html text/plain text/xml
ScriptAlias /cgi-bin/mydir/ "C:/Apache/cgi-bin/mydir/"
AddHandler cgi-script .exe
DirectoryIndex myscript.exe index.html