Welcome to WebmasterWorld Guest from 23.23.46.20

Forum Moderators: Ocean10000 & incrediBILL

AOL changing IPs

Velocity and other traps

   
9:51 pm on Jun 4, 2008 (gmt 0)

5+ Year Member



Iíve known for a while that in the case of changing AOL IPs my velocity triggered events could be better implemented. I still trap some situations but things could be much better. Some time ago I also implemented an embedded IP trap in the web site logic of some functions. Today I realized that the multiple per session, ever changing, AOL IP ďfeatureĒ breaks that logic. Bugger. I need to address the AOL changing IP situation.

Looking back over the logs it appears that:

. gethostbyaddr - not all AOL IPs yield a host name; those that do resolve end in proxy.aol.com.
. UA always seem to contain AOL
. The first three IP octets appear to be constant.

To address the the AOL problem Iím currently thinking about changing to a technique where I identify AOL visitors based on UA (and maybe host name), use only the first three octets of AOL visitors IPs and possibly appended with a hash of some sort per session. That would restore velocity traps to full function and I could re-implement the IP logic trap.

Any suggestions? Help would be much appreciated.

Cheers,
Phred

10:23 pm on Jun 5, 2008 (gmt 0)

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



When dealing with shared IP pools such as AOL and others you need to put special time limits on the quarantine period, such as an hour instead of 24 hours.

Amazingly, many bad bots accept cookies because some sites won't work unless you accept cookies, so I feed them a session cookie and it tracks them across multiple IP addresses on AOL so once I flag the session as bad, you can run, hop IPs, whatever, but until you toss that cookie, you're still blocked ;)

Hope that helps.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month