How To Block User-agent / Bot
Aug 7, 2008
There's a bot that's taken to trolling my site. I'd like to block it.
1) Is there a relatively straightforward way through cPanel that I can do this?
2) Failing that, via adding some code to a page on my site (I've seen some code when googling on the 'net, but I'm new to this, and don't even know where such code belongs. As far as I can tell, depending on the bot, sometimes severe measures may need to be taken. However, from my limited reading, it seems that appropriate editing of .htaccess might do it.)
View 6 Replies
ADVERTISEMENT
Nov 25, 2008
I have a SSG-320M I manage, and would like to know if I can block traffic to our web servers based on the user agent hitting us? I know user agents that keep using more and more IP addresses to crawl us, one already taking up some 30 or 40 addresses under my policies and its a pain to identify these by hand and keep updating the firewall every few days to add new IP addresses for them. Is there somewhere I can add part of the user agent I do not want to ever see again? Right now I do this by having a policy at the top saying "BadBotsGroup" is denied. But I want to deny anyone with a user agent "OneUserAgent" or "SecondUserAgent"
It seems so important and simple, but I do not see anything about being able to do this. Thanks for help and pointers. Right now we have special code at the top of our sites that blocks these bots, but I would much rather do it in one location at the firewall.
View 3 Replies
View Related
Dec 17, 2008
how can i block this user agent through mod_rewrite
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
and is this agent will affect all the IE 6 users ?
and whats is the difference between the one above and this one :
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)?
View 7 Replies
View Related
Jan 13, 2007
I'm trying to deny from the block of "192.168.1" without much success. Could someone around here divulge the error of my ways?
Here is the exact code I have in my .htaccess file:
Code:
AuthName "Test"
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 192.168.1.
</Limit>
View 13 Replies
View Related
Jan 27, 2014
I have a rewrite for mobile clients :
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "android|blackberry|iphone|ipad|nokia" [NC]
RewriteRule ^$ https://www.myudomain.com/Mobile [L,R=302]
My mobile site is HTML5 written and old phones doesn't support it. How to exclude f.x. old nokias - like 6220 and rewrite old phones to /Mobile_old?
View 1 Replies
View Related
Apr 15, 2007
Is there any way to totally block php shell scripts on users accounts, i don't mean like the java shell in cPanel i mean a php shell script like the kind frequently used by hackers...
View 11 Replies
View Related
May 23, 2009
i have run exim -qff from SSH then i got below error let me know what to do
Code:
root@web [~]# exim -qff
sda7: write failed, user block limit reached.
sda7: write failed, user block limit reached.
sda7: write failed, user block limit reached.
View 4 Replies
View Related
May 10, 2009
i recently got multiple logs regarding this weird browser user agent,
Browser Agent:
XXX<? echo "w0000t"; ?>XXX
anyone have information regarding this?
View 3 Replies
View Related
Apr 6, 2009
My dedi host, was having all sorts of problems with simply just setting up a box, taking them roughly a week, and I'm still waiting for a resolution.
Anyhow,
Windows validation failed, I contacted them to open up a ticket, They wanted the password to root because I've changed the default password they gave me, so I gave them the password
(1)Should I not be doing this, or do you have to give them the password when they ask.
(2)Can this have been resolved without giving them password to root.
They said it'd be resolved in an hour, I emailed them back and they said they'll email me when it's done. But they've closed off the ticket.
(3)Issue hasn't been resolved, how's anyone going to be working on it if the ticket is closed? Shouldn't that ticket be left open till the issue is resolved?
Wow I'm so green behind the ears with all this stuff.
View 4 Replies
View Related
Oct 28, 2007
I've setup my ssh to login with keys and passphrase. I would like to do away with passphrases by using agent forwarding. Putty uses Pageant to store private keys, bu from all the tutorials I can find, it's a windows based feature (to add private keys). I've also tried to use ssh-add (a different agent), but it has trouble recognizing my private key passphrase (made with putty). I know the private key is working because I'm able to use use ssh without a password, just the phrase.
What's the best way to do this? Is there a putty pageant command line that I don't know about?
View 2 Replies
View Related
Dec 20, 2014
Plesk from plesk server Migration, I want to do
I get the following error.
Error: No Migration & Transfer Agent found. Data migration cannot be performed.
View 4 Replies
View Related
Aug 21, 2014
I'd like to upgrade my server from Ubuntu 12.04 to Ubuntu 14.04. The idea is to migrate my actual server (S1) to another one (S2). Then, format and install ubuntu 14.04 with Plesk on S1, and finally migrate the data from S2 to S1. Is it a good solution? Is it possible to do this using only one server? I don't know if I can do it making a backup, install Ubuntu 14.04 and then, restore the data into the server.
However, I have a problem with the migration agent. When I go the migration page, the migration agent tries to update itself and it keep at 0% forever (I attach an screenshot).
View 2 Replies
View Related
Jan 10, 2015
I got error, can`t access to panel:
ERROR: Service_Agent_Exception
Unable to read apache features from the service node: [Sat Jan 10 12:25:03.013856 2015] [so:warn] [pid 32541] AH01574: module actions_module is already loaded, skipping
[Sat Jan 10 12:25:03.014058 2015] [so:warn] [pid 32541] AH01574: module auth_digest_module is already loaded, skipping
[Sat Jan 10 12:25:03.014694 2015] [so:warn] [pid 32541] AH01574: module authz_user_module is already loaded, skipping
[Code] ....
View 2 Replies
View Related
May 7, 2007
I thought I knew enough about my .htaccess stuff to do this, but I can't seem to work it out. What I want to do is if a user visits domain.com/folder, we check to see if the folder exists. If so, show as normal (IE domain.com/support)
If a user visits domain.com/dynamicusername (dynamicusername is not a physical folder), redirect to dynamicusername.domain.com
View 3 Replies
View Related
Jan 3, 2014
when I find the subscription from the admin side of PPA, if I select "Login as user" I've noticed that it is different from actually logging in as the user - for example - "add domain alias" is missing when I login as a customer - but not as an admin... I need my customers to add their own aliases and manage them - how do I add that feature to the client login side?
View 9 Replies
View Related
Jul 8, 2009
I am curious, what is the best way to ban certain IP from accessing server? I have software firewall (APF) and there is, of course, /etc/hosts.deny.
Which is the most efficient? I've read that software firewall becomes unstable after so many entries. Does the same apply to /etc/hosts.deny file?
Or is there a better way altogether?
View 7 Replies
View Related
Jun 8, 2009
some Chinese forums hotlinking images from my site and I even delete those images they keep sending me huge amount of http requests to my hosting server and eating 800mb of memory and upto 1GB cause server crash
I tried to block incoming referrer traffic from those sites using htaccess but it didn't work , I still see their http request on my server logs and memory keep goes high , am not sure my code is the right
how can I block these http request from these domains , what is the right htaccess code , I use DirectAdmin panel by the way
View 7 Replies
View Related
May 16, 2007
Can any one let me know how to block a range IP on SSH?
Eg: i'd like to block all IP: 67.63.123.xxx
View 5 Replies
View Related
Jan 9, 2007
I'm currently experiencing a lot of IP's starting with 200 and 201 (from Brazil) some IP’s have over 200 connections. I have APF installed and want to know how to block a block on ip's if this is possible.
IPS:
200.11.*******
201.*******
View 3 Replies
View Related
Apr 27, 2007
I have DDos Attack right now so I want to block all the IP from all over the world and just allow certain IP range.
How to do it using APF or any other way.
For example I want to block everything but Germany IP
Code:
53.0.0.0/8
62.4.64.0/19
62.8.32.0/19
62.8.128.0/17
62.24.0.0/19
62.26.0.0/15
62.40.0.0/19
62.44.32.0/19
62.48.64.0/19
62.50.32.0/19
62.50.96.0/19
62.50.192.0/18
62.52.0.0/14
62.61.32.0/19
62.68.0.0/19
62.72.0.0/18
62.72.64.0/19
62.75.128.0/17
62.78.64.0/20
62.80.0.0/18
62.80.96.0/19
62.89.160.0/19
62.91.0.0/16
62.93.192.0/18
62.95.128.0/18
62.104.0.0/16
62.109.64.0/18
62.109.128.0/19
62.111.0.0/17
62.112.32.0/19
62.112.64.0/19
62.112.128.0/19
62.116.128.0/18
62.117.0.0/19
62.128.0.0/19
62.128.160.0/19
62.133.0.0/19
62.138.0.0/16
62.141.32.0/19
62.141.160.0/19
62.145.0.0/19
62.143.0.0/16
62.144.0.0/16
62.146.0.0/16
62.152.0.0/19
62.152.160.0/19
62.153.0.0/16
62.154.0.0/15
62.156.0.0/14
62.165.0.0/19
62.168.192.0/19
62.169.0.0/19
62.176.128.0/19
View 2 Replies
View Related
Apr 15, 2007
how can i block to access to some IP?
for examaple scripts in my hosts can not access to some IPs i want
View 6 Replies
View Related
May 5, 2009
Fortigate appliances blocking an IP that is not in RBLs I have a problem with the IP 66.187.108.157 of my VPS it seems to be blocked by Fortigate appliances, as you can see in this error message:
SMTP error from remote mail server after RCPT TO:[url] host mail.am.com.pe [200.62.221.107]: 554 5.7.1 This message has been
blocked because it is from a FortiGuard - AntiSpam black IP address.(connection black ip 66.187.108.157)
However I have searched in this URL [url]and it is clean.
Any ideas on how to have/force Fortigate databases to become updated.
View 1 Replies
View Related
May 12, 2009
I'm having difficulties with a whm running on centos dedicated server. The problem is that we receive too much of spam and junk emails. by too much I mean 2000 bulks per week. It's killing us.
how I can stop it.
View 14 Replies
View Related
Jul 4, 2009
IM about tired of spam and hackers putting phishing items on my server.
My question is.
How can I block the whole world expect for US, CA and UK?
I've added several countrys to csf's csf.deny list but half of them keep disappearing.
View 14 Replies
View Related
Jun 12, 2008
Is there any way to block a particular ISP? Have a visitor that changes IP hourly, but the IP always resolves back to a hostname like dsl.yuns.sksk.uk .
I have CSF installed. Any way to block all visitors from dsl.yuns.sksk.uk?
View 3 Replies
View Related
Jun 17, 2008
in one of my servers i have this line in my ConfigServer Security & Firewall:
190.28.118.155 # lfd: 10 (suhosin) login failures from 190.28.118.155 - Mon Jun 16 23:27:50 2008
is this ok? i mean... its an attack of some sort? i know suhosin is meant to increase php security, so its blocking an attack right?
View 0 Replies
View Related
Apr 29, 2008
I have blocked this IP 125.115.144.28
/etc/apf/apf -d 125.115.144.28
But
netstat -anp|grep tcp|awk '{print $5}'| cut -d : -f1 | sort | uniq -c | sort -n
It still showing
202 125.115.144.28
Why?
Is it supposed to blocked right away, or need some time to get blocked.
When I checked /etc/apf/deny_hosts.rules
The IP is in the file.
View 12 Replies
View Related
Apr 6, 2008
I set up a forum for a small group of users, so I don't really wish to see spiders or bots on it, so I've put a robots.txt file there to prevent all of them from accessing the forum pages.
I know not all bots follow the robots.txt rule, and these days a really annoying bot called MUNAXNET or Munax AB with IP range 82.99.30.0 - 82.99.30.127 is causing the forum to have extra and unexpected loads.
I've tried to block this IP range with .htaccess and uploaded it to the root of the site a few days ago, here is the content:
<Limit GET HEAD POST>
order allow,deny
deny from 82.99.30.0-82.99.30.127
allow from all
</LIMIT>
However strangely it seems that all of these are not working for this bot, today I saw my forum had 80 users online and that army still keeps coming and browsing all pages of my forums...
I tested the .htaccess with blocking myself, and it actually worked for me, dunno why it's not working for that bot..
View 3 Replies
View Related
Mar 13, 2008
I was just researching my log analyzers to see whats happening... I noticed something new in the logs, a large number of unnamed robots or spiders... so I found the robot... it was this:
23310 7.99% 23303 9.48% 1159765 18.56% 22 0.12% 77.88.26.26
After some reading, sites say the ip belongs to spider26.yandex.ru
For simply security reasons, would it be in best interest to block the entire subnet? It seems that the same IP ending in .25 belongs to spider25.yandex.ru
View 0 Replies
View Related
