Greenguy's Board

Greenguy's Board (http://www.greenguysboard.com/board/index.php)
-   Newbie Questions (http://www.greenguysboard.com/board/forumdisplay.php?f=5)
-   -   Having trouble banning via .htaccess file (http://www.greenguysboard.com/board/showthread.php?t=45402)

Saturnin 2008-02-09 03:54 AM
Having trouble banning via .htaccess file
 
I get hits every ten minutes from a URL in China (reverse.gdsz.cncnet.net), which keeps trying to log into my members section. I've tried banning via the .htaccess file with both the URL name and the IP address, to no avail, and then gone further up the scale with the IP range (instead of xxx.xxx.xx.xxx, I've gone to xxx.xxx, to no avail either).

Any ideas on how to ban this URL, or maybe cncnet.net completely?

Simon 2008-02-09 06:58 AM
Without an example posted from your current htaccess file, it's hard to tell where you might have gone wrong. Here's a link to some pages with information on how to do banning by IP (and range) where you can check your own work. Or post something here that we can look at for you.

http://www.google.com/search?q=htacc...+by+IP+address



.

Saturnin 2008-02-10 01:13 PM
Thanks .... here's what I've put in the file so far...

order allow,deny
deny from 124.115.0
deny from 210.21.
deny from 210.22.
deny from cncnet.net
deny from 210.52.149.2
deny from 210.52.207.2
deny from 210.53.31.2
deny from reverse.gdsz.cncnet.net
deny from gdsz.cncnet.net
deny from 220.250.64.22
deny from 210.21.220.6
deny from 220.250.64.19
deny from 220.250.
allow from all

RewriteEngine On

RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]

Simon 2008-02-10 05:48 PM
Is the htaccess code above live on your site now?

Where do you have your htaccess file located, and do you have more than one htaccess file?

Are you still getting hit by IPs you don't want to reach your pages?

Saturnin 2008-02-11 01:55 AM
That URL is using multiple IPs, and seems to have been changing IP numbers on a quicker basis than were updated in some of the IP trace directories. Just keep running through directories until you get the right combination....

Maj. Stress 2008-02-11 02:48 AM
Maybe you could ban by country as mentioned in this post. http://www.greenguysboard.com/board/...81&postcount=3

cd34 2008-02-11 11:16 AM
Two things:

deny from reverse.gdsz.cncnet.net
deny from gdsz.cncnet.net

Having that in your .htaccess is going to cause apache to have to do a reverse dns lookup for each visitor to your web page. If there is no reverse dns, or, an improperly configured DNS entry, or a timeout on the reverse lookup, any surfer hitting the page will take time to resolve that before they are allowed access.

Secondly -- are you saying that those webservers/IPs are the ones hittin your site? or, is it actually a referring site that is sending surfers/bots?

Code:
x.x.x.x - - [11/Feb/2008:06:32:18 -0500] "GET /images/xxxxxxx.jpg HTTP/1.1" 200 9128 "http://www.blahblah.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SIMBAR={4194A8CC-7C68-11DD-956D-000D6112ED67}; .NET CLR 2.0.50727)"
So, are the entries you're seeing corresponding with the x.x.x.x in the above log line, or "http://www.blahblah.com"

If "http://www.blahblah.com", then you need something like:

Code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} reverse.gdsz.cncnet.net [NC]
RewriteRule .* - [F,L]
Based on your original post, I'm thinking you're probably wanting to ban hits coming from that referrer rather than the domain.

cd34 2008-02-11 01:23 PM
also, you mention your members section.

Is your members section also protected by an .htaccess file? if so, apache won't read the rules in the .htaccess file above the members directory and you would need to make the same entries in your members .htaccess that contains the auth directives.

Saturnin 2008-02-13 01:40 AM
Thanks everybody, it seems to have done the trick... the access file is working again.... (I think it had something to do with identifying the underlying IP, which the URL name was not doing somehow)... but the advice was good, and I'm still going through it all.


All times are GMT -4. The time now is 06:29 PM.

Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
© Greenguy Marketing Inc