| 5:03 pm on Sep 27, 2013 (gmt 0)|
Maybe you're code isn't working as intended. Post a snippet of what you're using to block IPs.
| 3:51 pm on Sep 29, 2013 (gmt 0)|
Thanks for your reply.
I am using vbulletin software script.
| 3:11 pm on Nov 21, 2013 (gmt 0)|
Any more suggestions, or i am locked blocking unrequested IPs ?
Request for help ?
I tried searching for many options, but it was dead end.
| 4:39 pm on Nov 21, 2013 (gmt 0)|
|I am using vbulletin software script |
As long as you persist upon using the PHP Forum scripts you'll be chasing these pests for all eternity (based upon past experiences in similar PHP Forums).
The most effective (and general) application is to limit their access with htaccess and from your root directory, thus they never even see the PHP and/or vBulletin software.
| 8:21 pm on Nov 21, 2013 (gmt 0)|
I assume vbulletin is PHP and you are running on linux?
If so, use .htaccess to block whatever you need to block. If that doesn't work you are probably doing something wrong.
There's a lot of help online for .htaccess as well as in this forum (and probably server forums such as apache hereabouts).
| 10:22 pm on Nov 21, 2013 (gmt 0)|
|I assume vbulletin is PHP |
FWIW, vBulletin, SMF and many other types of web-based forums are all primarily run on PHP.
I've managed both of the above two formats for other websites and htaccess in the root was the most effective solution (far less time consuming).
| 7:30 am on Nov 22, 2013 (gmt 0)|
Thank You for your answers.
I understand, I have to block each of this IP address in the root domain .htaccess file. (I am running the forum on a subdomain).
Is there any limit on total number of IPs I can add to .htaccess file ?
| 8:09 am on Nov 22, 2013 (gmt 0)|
|Is there any limit on total number of IPs I can add to .htaccess file ? |
Nope, however some caution needs to be used in applying ranges, rather than specific IP's down to the Class D, or else the bot will just come back on a different Class C or Class D.
You should also learn to keep the ranges in some type of ascending order for easier control/reference.
Here's the latest AWS ranges as of Dec-2012:
deny from 18.104.22.168/14 22.214.171.124/16 126.96.36.199/15 188.8.131.52/17 184.108.40.206/20 220.127.116.11/14 18.104.22.168/14 22.214.171.124/12 126.96.36.199/12 188.8.131.52/18 184.108.40.206/19
Deny from env=keep_out
Additionally, if you have an htaccess within the sub-domain, than you may require adjustments in that sub-domain htaccess so that the root domain takes precedence (as it should be).
| 7:59 pm on Nov 23, 2013 (gmt 0)|
IP ranges are not the only thing you need to block. Think user-agents for the more honest (but unwanted) bot and other header field combinations to block new attacks.
Today I axed some dozen NEW (to me) attack IPs (and I have a LOT of indexed IP ranges!) mostly, but not all, from DSL ranges which are not usually blocked. These hits are almost certainly all from compromised machines and, since it's the weekend, probably from home computers.
There was a recent take-down of a criminal network (again!). Every time this happens there is a new spate of attacks on servers and domestic machines alike trying to regenerate the number of hacked machines. Makes sense but very annoying.