WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] [Plugin: Better WP Security] User and Bot Blacklist excludes? (14 posts)

  1. nomax07
    Member
    Posted 1 year ago #

    Hi, I use your beautiful plugin. Sometimes ago I tried use option "blacklist by Jim Walker of HackRepair.com.". It's cool thing. But in this blacklist contains russian search engine Yandex. I tried edit my .htaccess file that remove ban for it. but sometimes later .htaccess rules all the same automatic changes and Yandex again banned. May be, for USA and Europe this search engine not needed, but for russian segment of Internet - Yandex is very popular search engine which used many peoples from Russia, Ukraine, Belorus and another countries where peoples speak in Russian.

    How about exceptions? May you added this options in next releases?

    thanks.

    best regards, nomax07.

    http://wordpress.org/extend/plugins/better-wp-security/

  2. I'll see about taking that out. Thanks for the info.

  3. nomax07
    Member
    Posted 1 year ago #

    hi,

    thanks for your responsiveness. I read changelog about new plugin's version, I said that "remove yandex from remove yandex from hackrepair.com blacklist".

    ...but Yandex still not working with hackrepair.com blacklist. You deleted only 1 string of rules. but hereinafter in rules, there are other:

    # Yandex
    deny from 77.88.0.0/18
    deny from 77.88.22.0/23
    deny from 77.88.24.0/21
    deny from 77.88.24.0/22
    deny from 77.88.28.0/22
    deny from 77.88.36.0/23
    deny from 77.88.42.0/23
    deny from 77.88.44.0/24
    deny from 77.88.50.0/23
    deny from 87.250.224.0/19
    deny from 87.250.230.0/23
    deny from 87.250.252.0/22
    deny from 93.158.128.0/18
    deny from 93.158.137.0/24
    deny from 93.158.144.0/21
    deny from 93.158.144.0/23
    deny from 93.158.146.0/23
    deny from 93.158.148.0/22
    deny from 95.108.128.0/17
    deny from 95.108.128.0/24
    deny from 95.108.152.0/22
    deny from 95.108.216.0/23
    deny from 95.108.240.0/21
    deny from 95.108.248.0/23
    deny from 178.154.128.0/17
    deny from 178.154.160.0/22
    deny from 178.154.164.0/23
    deny from 199.36.240.0/22
    deny from 213.180.192.0/19
    deny from 213.180.204.0/24
    deny from 213.180.206.0/23
    deny from 213.180.209.0/24
    deny from 213.180.218.0/23
    deny from 213.180.220.0/23

    I think this strings make ban for yandex engine too.
    Yandex engine have special form for checking ping from server. There are answer from it with activated hackrepair.com blacklist:

    status code HTTP: "403 Forbidden" ?
    server timeout: 29ms
    IP adress: *I replace it :)*
    Headers:
    
        Date: Mon, 13 Aug 2012 00:02:55 GMT
        Content-Length: 380
        Keep-Alive: timeout=5, max=100
        Content-Type: text/html
        Connection: Keep-Alive
        Server: LiteSpeed
        Pragma: no-cache
        Cache-Control: private, no-cache, max-age=0
    
    Charset: UTF-8
    Page size: 0.37kb

    when I deleted this strings too, Yandex checking form return me:

    status code HTTP: "200 OK"
    Server timeout: 443ms
    IP adress: *I replace it :)*
    Headers:
    
        X-Pingback: http://hotel-forsazh.ru/xmlrpc.php
        Date: Mon, 13 Aug 2012 00:08:41 GMT
        Transfer-Encoding: chunked
        Content-Type: text/html; charset=UTF-8
        Connection: close
        X-Powered-By: PHP/5.2.17
        Server: LiteSpeed
    
    Charset: UTF-8
    Page size: 16.52kb

    thats all. :)

  4. hlanggo
    Member
    Posted 1 year ago #

    I was wondering about this as well. The changelog said that Yandex was removed from banlist but I'm still getting 500 errors caused by Yandex trying to access my site.

  5. nomax07
    Member
    Posted 1 year ago #

    hlanggo, you from Russia too?

    I did next:
    1) Activate blacklist;
    2) Copy .htaccess file from server;
    3) Edit .htaccess file which have been copied - You should delete next strings:

    # Yandex
    deny from 77.88.0.0/18
    deny from 77.88.22.0/23
    deny from 77.88.24.0/21
    deny from 77.88.24.0/22
    deny from 77.88.28.0/22
    deny from 77.88.36.0/23
    deny from 77.88.42.0/23
    deny from 77.88.44.0/24
    deny from 77.88.50.0/23
    deny from 87.250.224.0/19
    deny from 87.250.230.0/23
    deny from 87.250.252.0/22
    deny from 93.158.128.0/18
    deny from 93.158.137.0/24
    deny from 93.158.144.0/21
    deny from 93.158.144.0/23
    deny from 93.158.146.0/23
    deny from 93.158.148.0/22
    deny from 95.108.128.0/17
    deny from 95.108.128.0/24
    deny from 95.108.152.0/22
    deny from 95.108.216.0/23
    deny from 95.108.240.0/21
    deny from 95.108.248.0/23
    deny from 178.154.128.0/17
    deny from 178.154.160.0/22
    deny from 178.154.164.0/23
    deny from 199.36.240.0/22
    deny from 213.180.192.0/19
    deny from 213.180.204.0/24
    deny from 213.180.206.0/23
    deny from 213.180.209.0/24
    deny from 213.180.218.0/23
    deny from 213.180.220.0/23

    4) Deactivate blacklist in plugin's options;
    5) Upload and replace .htaccess file on server.

    This method contains minus - blacklist not updated by automatic, but all another rules (not including Yandex) working successfully.

    it's temporary fix. :)

  6. hlanggo
    Member
    Posted 1 year ago #

    Not Russian. Just wondering about the inconsistency.

  7. nomax07
    Member
    Posted 1 year ago #

    Ok, I Think that should try write message to Jim Walker. May be he will delete Yandex search engine from ban list himself. :)

  8. You will need to resave your options after the upgrade. My changes only included lines specifically stating "yandex" (they were in the users section). Do you know which IP block they're using that would affect it? The list you gave would, I believe, open up a lot more than the search engine.

  9. hlanggo
    Member
    Posted 1 year ago #

    Deactivate the ban hacklist feature and then reactivate it?

  10. That should do it.

  11. nomax07
    Member
    Posted 1 year ago #

    hi, Bit51.

    Sorry for my late reply, I did write message to Yandex support service and they said next:
    "We have a large number of IP-adresses, from which our search spiders visit sites. Therefore, we unfortunately, we can not specify fixed range of them".

    Yandex have many different search services for web, images and another things, therefore they have a large number of IP-adresses, which working for different tasks.

  12. I'm afraid the only recommendation I can give you in that situation is to disable HAckRepair's list entirely.

  13. nomax07
    Member
    Posted 1 year ago #

    Bit51,

    I found files hackrepair-apache.inc and hackrepair-nginx.inc
    do you change their content manually after every update of plugin, right?
    sources parse from: http://pastebin.com/5Hw9KZnW ?

    You do it all manually?

  14. You can change them manually and then re-save one of the .htaccess features (enable and re-enable the list for example).

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic