Welcome to WebmasterWorld Guest from 54.167.0.111

Forum Moderators: Ocean10000 & incrediBILL

Message Too Old, No Replies

About wowrack and dotnetdot.com

hosting or isp or what?

     

iwillgetu

4:39 pm on Oct 2, 2012 (gmt 0)



Can anyone explain me what they are?
They are a hosting company right?

And their IP range as i see is 208.115.96.* till 208.115.126.255

Ok so if you go to some "whois" page it says ISP=wowrack

This is what i need answered:
All visitors from their IP's thats not real people right? Thats all some machines that are provided(sold) and accesed remotely right?

So i dont need any of those to visit my website right?

Thanks!

iwillgetu

6:41 pm on Oct 2, 2012 (gmt 0)



Thanks for moving to needed thread. i posted there because i couldn find any better sorry

wilderness

7:02 pm on Oct 2, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Here's a similar thread [webmasterworld.com]

iwillgetu

7:45 pm on Oct 2, 2012 (gmt 0)



Thanks well i blocked all this ip's

isnt there easier way to block ip range than this?
i block like this...

deny from 208.115.96.
deny from 208.115.97.
deny from 208.115.98.
deny from 208.115.99.
...

wilderness

8:54 pm on Oct 2, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



You may used CIDR in the deny from method:
208.115.96.0 - 208.115.127.255

deny from 208.115.96.0/19

Or in mod_rewrite:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^208\.115\.(9[6-9]|1[01][0-9]|12[0-7])\. [OR]
RewriteCond %{REMOTE_ADDR} ^216\.176\.1(7[6-9]|8[0-9]|9[01])\.
RewriteRule .* - [F]

lucy24

9:40 pm on Oct 2, 2012 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



208.115.96.* till 208.115.126.255

Assuming for the sake of discussion that that's a typo and the second piece is really ..127..

You will very soon get these internalized. Chunks of 32 (inclusive) are /19 or /11 or -- shudder -- /27 depending on how deep into the number you go.

iwillgetu

10:07 pm on Oct 2, 2012 (gmt 0)



so if i write
order allow,deny
deny from 208.115.96.0 - 208.115.127.255
allow from all

thats ok?

wilderness

10:24 pm on Oct 2, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



thats ok?


NO!

order allow,deny
deny from 208.115.96.0/19
allow from all

Additionally, it's best advised to use the format deny,allow to assure function of ErrerorDocuments ana custom 403's.

iwillgetu

10:32 pm on Oct 2, 2012 (gmt 0)



Ok please explain me what this 0./19 means?

208.115.96 (96) + 19 ? = 115 ?

I have custom 403 but the default apache is presented to blocked ones.

thanks

g1smd

10:37 pm on Oct 2, 2012 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Google search: "CIDR notation".

iwillgetu

10:43 pm on Oct 2, 2012 (gmt 0)



yes i am aware of google existance and its purpose thanks for help g1smd

i checked those poor writen documentations but i still dont understand what those writers want to say and i am sure you didnt 2 and someone explained you better

nevermind i will make htaccess 50MB

g1smd

10:44 pm on Oct 2, 2012 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I see no point in cutting and pasting the Wikipedia article on CIDR notation into this thread for you to read.

iwillgetu

10:46 pm on Oct 2, 2012 (gmt 0)



sorry i am just mad as hell, not on you.

all those stu*id competitors and bots killing my busines, last thing i noticed they come from [google.(XXX)...] WITH QUERY and they stay on site <2 secconds MAKES google think my site is not giving good results of what users search for :(

iwillgetu

10:51 pm on Oct 2, 2012 (gmt 0)



so if i am right i actualy need this:

deny from 208.115.96.0/20
deny from 208.115.112.0/21
deny from 208.115.120.0/22
deny from 208.115.124.0/23
deny from 208.115.126.0/24

wilderness

2:38 am on Oct 3, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Ok please explain me what this 0./19 means?


Sorry, I'm not CIDR user (I use mod_rewrite for those types of expressions.

Just do a WHOIS on 208.115.96.0 and the CIDR range is provided on the second line.

There are numerous CIDR calculator/converters for free use on the www, some even explain the bits and bytes.

This range
208.115.96.0 - 208.115.127.255

and this range
208.115.96.0/19

are identical, and just expressed in a different syntax.

wilderness

2:39 am on Oct 3, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



so if i am right i actualy need this:

deny from 208.115.96.0/20
deny from 208.115.112.0/21
deny from 208.115.120.0/22
deny from 208.115.124.0/23
deny from 208.115.126.0/24


NO!
You need the single line I've now provided thrice:

208.115.96.0/19

lucy24

10:03 am on Oct 3, 2012 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



so if i am right i actualy need this:

deny from 208.115.96.0/20
deny from 208.115.112.0/21
deny from 208.115.120.0/22
deny from 208.115.124.0/23
deny from 208.115.126.0/24

If 208.115.127.n truly is absent from your series, then yes, you would be exactly right. But I really doubt it is.

/19 means, in English: if you put the whole string of numbers into binary notation (total of 32 digits), then the first 19 digits are the same. So
/8 means all of 208
/16 means all of 208.115
/24 means all of 208.114.126

I just re-checked a random wowrack number and landed on

208.115.96.0 - 208.115.127.255
208.115.96.0/19

so I think your original ..126.. was a typo. Or you read too fast. WhoIs and similar lookups will generally do the work for you by including the CIDR range.

iwillgetu

7:00 pm on Oct 3, 2012 (gmt 0)



How can i redirect all this zombies to another website?

g1smd

7:32 pm on Oct 3, 2012 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



You can't.

You can send a 301 status code but they don't have to obey it, and probably won't.

dstiles

7:43 pm on Oct 3, 2012 (gmt 0)

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member



Also not a good idea even if you can do it. Presumably you would redirect it to a "bad" site which may well detect the hits in their logs and launch a ddos against you. If you direct them to a "good" site they may well complain to your ISP and get you dumped.

iwillgetu

7:46 pm on Oct 3, 2012 (gmt 0)



no i ment to redirect them to another my server where i can collect informations about them

then use it for protection for year or 2

lucy24

10:03 pm on Oct 3, 2012 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



Not worth it. Redirecting a spammer to something like 127.0.0.1 or to its own originating IP may give you a warm fuzzy feeling. But it will have no real effect, because robots don't have to follow redirects. And unless it's a phenomenally stupid robot* it will stop short and say "127.0.0.1? Isn't that...?" and scratch it off the shopping list, if any.


* We've met them ;) My favorite was the one that interpreted anything immediately after "<a " as a literal link. I've never seen such a collection of 404s.