Welcome to WebmasterWorld Guest from 54.198.69.193

Forum Moderators: Ocean10000 & incrediBILL

Message Too Old, No Replies

Amazon aws, dedicatedcpanel, serverloft Issues

These domains are dedicatedly screwing my site - Need Help.

     
3:55 pm on Sep 25, 2013 (gmt 0)

5+ Year Member



Hello,
As requested Amazon aws, dedicatedcpanel, serverloft domains are dedicatedly screwing my site - Need Help.

I can find these domains active on my site 24x7 no matter, how much I bann these IPs or IP ranges.

Request help.
5:03 pm on Sep 27, 2013 (gmt 0)

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month





Maybe you're code isn't working as intended. Post a snippet of what you're using to block IPs.
3:51 pm on Sep 29, 2013 (gmt 0)

5+ Year Member



Hello,
Thanks for your reply.
I am using vbulletin software script.
3:11 pm on Nov 21, 2013 (gmt 0)

5+ Year Member



Any more suggestions, or i am locked blocking unrequested IPs ?
Request for help ?
I tried searching for many options, but it was dead end.


Regards,
4:39 pm on Nov 21, 2013 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I am using vbulletin software script


As long as you persist upon using the PHP Forum scripts you'll be chasing these pests for all eternity (based upon past experiences in similar PHP Forums).

The most effective (and general) application is to limit their access with htaccess and from your root directory, thus they never even see the PHP and/or vBulletin software.
8:21 pm on Nov 21, 2013 (gmt 0)

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member



I assume vbulletin is PHP and you are running on linux?

If so, use .htaccess to block whatever you need to block. If that doesn't work you are probably doing something wrong.

There's a lot of help online for .htaccess as well as in this forum (and probably server forums such as apache hereabouts).
10:22 pm on Nov 21, 2013 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I assume vbulletin is PHP


FWIW, vBulletin, SMF and many other types of web-based forums are all primarily run on PHP.

I've managed both of the above two formats for other websites and htaccess in the root was the most effective solution (far less time consuming).
7:30 am on Nov 22, 2013 (gmt 0)

5+ Year Member



Thank You for your answers.
I understand, I have to block each of this IP address in the root domain .htaccess file. (I am running the forum on a subdomain).

Is there any limit on total number of IPs I can add to .htaccess file ?
8:09 am on Nov 22, 2013 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Is there any limit on total number of IPs I can add to .htaccess file ?


Nope, however some caution needs to be used in applying ranges, rather than specific IP's down to the Class D, or else the bot will just come back on a different Class C or Class D.

You should also learn to keep the ranges in some type of ascending order for easier control/reference.

Here's the latest AWS ranges as of Dec-2012:
Order Deny,Allow
deny from 107.20.0.0/14 174.129.0.0/16 184.72.0.0/15 204.236.128.0/17 216.182.224.0/20 23.20.0.0/14 50.16.0.0/14 54.224.0.0/12 54.240.0.0/12 67.202.0.0/18 72.44.32.0/19
75.101.128.0/17
Deny from env=keep_out

Additionally, if you have an htaccess within the sub-domain, than you may require adjustments in that sub-domain htaccess so that the root domain takes precedence (as it should be).
7:59 pm on Nov 23, 2013 (gmt 0)

WebmasterWorld Senior Member dstiles is a WebmasterWorld Top Contributor of All Time 5+ Year Member



IP ranges are not the only thing you need to block. Think user-agents for the more honest (but unwanted) bot and other header field combinations to block new attacks.

Today I axed some dozen NEW (to me) attack IPs (and I have a LOT of indexed IP ranges!) mostly, but not all, from DSL ranges which are not usually blocked. These hits are almost certainly all from compromised machines and, since it's the weekend, probably from home computers.

There was a recent take-down of a criminal network (again!). Every time this happens there is a new spate of attacks on servers and domestic machines alike trying to regenerate the number of hacked machines. Makes sense but very annoying.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month