Still happening?
First thing I’d do is change your 404
It will have less bandwidth impact if it’s the default server page rather than loading images.
Second – tried Bad-Behaviour?
There is probably a way using the referrer info but I’ve forgotten it… I’ll see what I can find.
Third and best way – contact your host and get them to ban this guy at the server level. Works every time. π
Thread Starter
Kahil
(@kahil)
yeah, i can’t use the bad behavior plugin because of my host… i tried and bed behavior even blocked me from my own site…
how do i change my 404? cause i’ve tried changing it up and even deleting it. deleting it will take you to the home page no matter what you put in there that is incorrect…
thank you,
Kahil
Thread Starter
Kahil
(@kahil)
and the thng is, its not always just from a single IP. my htaccess file has over 50 of them. the only thing they seem to have in common are that they are on foreign networks (RIPE, Latin America, Asia/Pacific, etc)
Thread Starter
Kahil
(@kahil)
yeah, i just checked again and somehow many of these IP addresses are getting past the whole htaccess thing…
kahil,
if your .htaccess is done properly they shouldnt be able to. sounds like something is done correctly…
can you post some relevant web log entries, so we can see exactly what’s going on? possible that something like CG-Referrer might be able to just bounce the guy in PHP, but if you can use an htaccess-based referrer it’ll be a much lower resource hit.
I’ve been hit by torrential trackback spamming attempts recently, and while my new CG-Referrer is intercepting and blocking them, it’s a love-hate relationship: it costs more in resources, but I get to log the attempts… Then again, the server logs should log an attempt that is htaccess-blocked, so that’d be good for most folks.
-d
Thread Starter
Kahil
(@kahil)
well… you can go here and see…
http://mykahil.com/.htaccess
72.36.244.195 and 81.177.0.130 keep getting through… and others are starting to as well… is this happening to anyone else? I just can’t see so many IP addresses from all the different foreign networks happenning to just me…
i can’t figure out what is wrong with my .htaccess file. everywhere i’ve looked and everyone i’ve asked tells me to format it the same way…
Not quite related but,
Most of the robots you are blocking with the env matching rules obey robots.txt.
Realted, that .htaccess looks OK to me.
ok, well for starters π your usage of * for matching wildcards is incorrect.
And yes, I see that the codex suggests otherwise. Its wrong as well.
I wanted to make sure I wasnt thinking of something else so I doublechecked the apache docs for mod_access
The correct way to handle :
deny from 72.36.244.*
is like so:
deny from 72.36.244
Fix those instances where you used the asteric and see if those ips stop getting through.
—
http://httpd.apache.org/docs/1.3/mod/mod_access.html
# Might be a good idea if info on the codex was proofed occassionally for accuracy.
—
Also, make sure that your original .htaccess does not have any hidden tabs in it. Its common to see that if someone is doing editing in the cough*wrong*cough word processing application. I didnt find any in your posted version but ya never know.
Thread Starter
Kahil
(@kahil)
IIIIIIIV: Those robots are only there because they weren’t following my robots.txt file. Never once did they visit that file, otherwise they wouldn’t have gone further. Also, they were visiting pages that didn’t exist and never once did. They were visiting and crawling non-stop, including ths supposed good google bot…
Whooami: OK, I’ll try that for my .htaccess file. but what I don’t understand is that the ones I tried the wildcard for are ones that the whole IP address was already there and they were getting through somehow…
Thank you
Thread Starter
Kahil
(@kahil)
OK, i fixed the wildcard thing and just a couple mins afterwards, i get hit again from an IP address that is on the list. if my htaccess file is formated correctly, then how are they getting through?
Thank you
we are going to play a game, kahil :),
add this ip: 71.195.48.163.
to your .htaccess (thats me) block it, of course.
and let me know when youre done …
Thread Starter
Kahil
(@kahil)
done… ur added and uploaded…
