Welcome to WebmasterWorld Guest from 188.8.131.52
I'm still frightened of using htaccess in the httpd.conf file.
I'm still frightened of using htaccess in the httpd.conf file
Since, I have Allow All in this newly attacked site, then I have to Deny From aaa.bbb.ccc.ddd *again* for each of his attempts.
A solution is to use the SetEnvIfNoCase Referer (mod_setenvif; Apache)
In the log example you provided I see four potential words:
You'll also need to set an environment variable (env=), then add that variable word you select onto the end of SetEnvIfNoCase Referer line.
What I would like is if you placed some code inside this VH that would stop *any* access from www.baidu.com.
SetEnvIfNoCase Referer baidu badguy
Allow from all
# this next is from advice of wilderness from webmasterworld
Deny from env=badguy
SetEnvIfNoCase Referer "^http://www\.\example\.com/" badguy
I'm still undergoing the same attacks as noted in an earlier post. They have now intensified.
btw, that 'setEnvIfNoCase' directive is not working, because the attacker came thru yesterday with a new IP (again from Amazon) that I had not previously denied, and *it* got thru* to my web site.
184.108.40.206 - - [13/Dec/2012:11:44:02 -0700] "GET / HTTP/1.1" 403 202 "http://www.baidu.com/s?wd=jasper%2 etc.
I've started blocking their China ranges, but have left their Japan ranges open... so far.