de

Multiple UA's

         

wilderness

8:39 pm on Apr 25, 2005 (gmt 0)




217.20.114.85 - - [25/Apr/2005:13:02:22 -0700] "GET /_directory4_ HTTP/1.1" 403 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.4)"
217.20.114.85 - - [25/Apr/2005:13:02:22 -0700] "GET /directory2/mypage.htm HTTP/1.1" 403 - "-" "Opera/7.54 (Windows NT 5.1; U) [de]"
217.20.114.85 - - [25/Apr/2005:13:02:22 -0700] "GET /directory4/ HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; i-NavFourF"
217.20.114.85 - - [25/Apr/2005:13:02:22 -0700] "GET / HTTP/1.1" 403 - "-" "Mozilla/5.0 (Windows; U; Win98; de-DE; rv:1.7.5) Gecko/200411"
217.20.114.85 - - [25/Apr/2005:13:02:22 -0700] "GET /directory1/sub/ HTTP/1.1" 200 4674 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; FunWeb"
217.20.114.85 - - [25/Apr/2005:13:02:23 -0700] "GET /directory1/sub/ HTTP/1.1" 200 4674 "-" "Mozilla/4.0 (compatible; MSIE 5.0; Windows 95) WebWasher 3.3"
217.20.114.85 - - [25/Apr/2005:13:02:23 -0700] "GET /directory2/mypage.htm HTTP/1.1" 403 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko"
217.20.114.85 - - [25/Apr/2005:13:02:23 -0700] "GET /mypage.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1"
217.20.114.85 - - [25/Apr/2005:13:02:23 -0700] "GET /directory3/ HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) WebWasher"

bull

8:51 pm on Apr 26, 2005 (gmt 0)




For all of those that do not block the entire RIPE like wilderness, it is strongly recommended to block the whole IP range of this hoster.

larryhatch

9:03 pm on Apr 26, 2005 (gmt 0)




Well well!

9 calls (shown) in 2 seconds, all from the same exact IP number
and each with a different browser/user agent/version #.

I have forgotten how many times suspicious visits have traced back
to RIPE clients, only to see the trail run cold.
I see this batch mostly targets directories.

Question: If I ban these using .htaccess rewrites,
will that return 403 'forbidden' errors as shown? -Larry

wilderness

12:58 am on Apr 27, 2005 (gmt 0)




For all of those that do not block the entire RIPE like wilderness

Golly Gee Jan ;)
There ya go humiliating me in public again ;)

Edited for larry's benefit.
Yes is your answer.

For this particular IP range use either:

deny from 217.20.114 (plus accompanying lines)
or
RewriteCond %{REMOTE_ADDR} ^217\.20\.11[3-6]\. [OR]

(plus accompanying lines)

I personally (as Jan was kind enough to point out) prefer

deny from 217.

Don

wilderness

10:27 am on May 24, 2005 (gmt 0)




This IP has been discussed here a few times.

67.19.136.180 - - [24/May/2005:01:39:13 -0700] "GET /myfolder/page1.html HTTP/1.1" 403 - "-" "Mozilla/4.79 [fr] (X11; U; Linux 2.4.18-3smp i686)"
67.19.136.180 - - [24/May/2005:01:41:03 -0700] "GET /myfolder/page2.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.1.8.0; FREE; .NET CLR 1.0.3705)"
67.19.136.180 - - [24/May/2005:01:58:54 -0700] "GET /myfolder2/page2.html HTTP/1.1" 403 - "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4) Gecko/20030624 Netscape/7.1"
67.19.136.180 - - [24/May/2005:01:59:02 -0700] "GET /myfolder/page4.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; Wanadoo 5.5; .NET CLR 1.1.4322)"
67.19.136.180 - - [24/May/2005:02:01:28 -0700] "GET /myfolder/page3.html HTTP/1.1" 403 - "-" "Mozilla/4.6C-CCK-MCD [en] (X11; I; OSF1 V4.0 alpha)"
67.19.136.180 - - [24/May/2005:02:21:48 -0700] "GET /myfolder2/page1.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90; PI)"
67.19.136.180 - - [24/May/2005:02:23:00 -0700] "GET /myfolder/page7.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows 98) Opera 7.02 [en]"
67.19.136.180 - - [24/May/2005:02:24:01 -0700] "GET /myfolder/page9.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; KITV4.6 Wanadoo; KITV4.6 Câble Wanadoo)"
67.19.136.180 - - [24/May/2005:02:27:11 -0700] "GET /myfolder/page8.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; KITV4.7 Wanadoo; MyIE2)"
67.19.136.180 - - [24/May/2005:02:48:39 -0700] "GET /myfolder/page6.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; {788EF9BE-B443-4A79-84DF-233748A280AE})"
67.19.136.180 - - [24/May/2005:02:54:52 -0700] "GET /myfolder/page5.html HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0; Wanadoo 5.3; Wanadoo 5.5; i-NavFourF)"
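
The pattern in both log excerpts in this thread (one address sending a different User-Agent on nearly every request) can be flagged mechanically. The following is an added example, not code from any poster here: it counts distinct user agents per IP inside a sliding time window over Apache combined-format lines. The function names, thresholds and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

QUOTED = r'"((?:[^"\\]|\\.)*)"'  # quoted field; Apache writes embedded quotes as \"
# Combined format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED +
                    r' \d{3} \S+ ' + QUOTED + ' ' + QUOTED)

def parse(line):
    """Return (ip, timestamp, user_agent), or None if the line does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return m.group(1), ts, m.group(5)

def rotating_ua_clients(lines, window=timedelta(seconds=60), min_agents=4):
    """Map IP -> peak count of distinct user agents seen inside any sliding
    `window`, keeping only IPs whose peak reaches `min_agents`."""
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[0]].append(rec[1:])
    flagged = {}
    for ip, hits in by_ip.items():
        hits.sort(key=lambda h: h[0])
        start = peak = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # drop requests older than the window
            peak = max(peak, len({ua for _, ua in hits[start:end + 1]}))
        if peak >= min_agents:
            flagged[ip] = peak
    return flagged

def sample_line(ip, hms, ua):
    """Build one constructed log line (sample data, not taken from the thread)."""
    return f'{ip} - - [25/Apr/2005:{hms} -0700] "GET / HTTP/1.1" 403 - "-" "{ua}"'

# Constructed sample using documentation address ranges.
SAMPLE = (
    [sample_line("203.0.113.7", "13:02:22", ua)  # burst: 4 agents in the same second
     for ua in ("Opera/7.54", "Mozilla/5.0 (X11)", "Mozilla/4.79 [fr]", "Mozilla/4.0 (compatible; MSIE 6.0)")]
    + [sample_line("198.51.100.9", f"13:0{i}:00", "Opera/7.54") for i in range(5)]  # one agent
    + [sample_line("192.0.2.44", f"0{h}:15:00", f"Agent/{h}.0") for h in range(1, 5)]  # slow rotation
)

if __name__ == "__main__":
    print(rotating_ua_clients(SAMPLE))                             # short bursts only
    print(rotating_ua_clients(SAMPLE, window=timedelta(hours=4)))  # also slow rotation
```

A proxy or NAT gateway serving many users will also show many agents from one address, so a hit is a lead to review before adding a deny rule, not a verdict.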