WordPress.org

Ready to get started?Download WordPress

Forums

BulletProof Security
[resolved] Do I need to edit .htaccess for this? (5 posts)

  1. Miz.Michele
    Member
    Posted 1 year ago #

    I've had some nasty issues with click bombing. What i did was take the offending IP addy's and ban them like this:

    <Limit GET HEAD POST>
    order deny,allow
    deny from xx.x.x.0/8
    </LIMIT>

    I installed BPS and now the .htaccess is modified so do I need to the add the offending IP addresses back and if so how, to the top of the file?

    Is there anything else I can do to prevent the bombing?

    Thanks

    http://wordpress.org/extend/plugins/bulletproof-security/

  2. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    I'm not real familiar with click bombing since i am not doing any Adsense stuff. I googled it and i see that click bombing is a dirty way to mess with someone else's Google Adsense Ads. I will look into this some more and see if there is a better way to handle this or protect a site from click bombing.

    You would add your Limit directive coding to the Bottom Custom Code text box on the BPS Custom Code page, save it, then click the AutoMagic buttons on the Security Modes page and then Activate BulletProof Mode for your Root folder.

    Also here is some standard IP and Hostname blocking .htaccess code as another example.

    # Block Repeat Offenders by IP and Hostname
    <Files *>
    Order Allow,Deny
    Allow from all
    Deny from 10.1.3.0/24
    Deny from hidemyass.com
    deny from proxy.com
    deny from anonymouse.com
    deny from proxify.com
    </Files>

    I think a better approach would be to actually limit the number of clicks allowed by IP address instead of trying to block a list of IP addresses. I will play around with this and see if i can figure out something that works effectively.

    it looks there is a WordPress plugin that may do this already, but it is not rated very well - http://wordpress.org/extend/plugins/ad-logger/

    and i came across this possible paid product that may work - Adsense Defender.

  3. Miz.Michele
    Member
    Posted 1 year ago #

    Thanks.

    I've really been under attack. And I had started blocking individually but then when I installed BPS I didn't know what to do with those lines so I just put them back and clicked the auto magic buttons and activated for root - thanks!

    I'm also using 6scan and that has been blocking access attempts too.

    I've heard some not great thing about the ad logger plugin.

    Yes, please if you can think of anything else, please let me know.
    Thanks for the help

  4. AITpro
    Member
    Plugin Author

    Posted 1 year ago #

    It's a shame that there are people that do these types of things - hacking, sabotage and playing dirty in general, but that is just the way it is unfortunately. Ironically I had originally planned on trying to bring back Flash and had a great idea for a new Flash plugin back in 2010, but my own personal websites were hacked back then so since there was not a security plugin back then that could stop the hackers I went on a mission. Had no idea I was going to spend years on that mission when I started it. LOL

    It looks like there are a fair amount of premium plugins that appear to prevent click bombing effectively, but yep I will still research this some more. Thanks.

  5. Miz.Michele
    Member
    Posted 1 year ago #

    Thanks again. I have been reading the premium ones and am going to try one

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.