Help! I need to keep an IP from visiting

Forum Moderators: phranque

Message Too Old, No Replies

Help! I need to keep an IP from visiting

Main_Mike

3:43 am on Nov 23, 2002 (gmt 0)

Please excuse the inexperience, but can someone give me a step-by-step on how to keep a specific IP address from viewing my site/files? It seems I have been visited by someone who uses a fake IP address gets into files and posts false info on sites.

for your info, the visiter's agent switched between the following during his short but file intensive visit:
Mozilla/3.01 (compatible; )
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0; T312461; Hotbar 4.1.5.0
Mozilla/3.01 (compatible; )

while his IP was 198.26.130.36

Also, any way I can see if damage was done in the way of passwords found or any other potentially harmful things?
Thanks Mike

NeedScripts

4:17 am on Nov 23, 2002 (gmt 0)

in your .htaccess file put the following line

deny from 198.26.130.36

jdMorgan

4:50 am on Nov 23, 2002 (gmt 0)

MainMike,

Mozilla/3.01 (compatible; ) is a typical caching-proxy user-agent. It usually just means that the user's ISP provides a caching proxy between their users and the 'net to minimize redundant traffic to/from the web. An example is AOL - and even many smaller regional ISPs do this.

So, in and of itself, that particular user-agent appearing after an initial page request from a "real" user-agent is not a problem. Note that this initial page request might even be days or weeks in the past, depending on how you have configured your "Expires", "must-revalidate", and "no-cache" server headers.

However, this in no way changes the fact that your visitor is behaving badly. Blocking this visitor by IP address is definitely the way to go - I just wanted to point out what seeing the Mozilla/3.01 (compatible; ) user-agent means.

Jim