Thread Starter
mrppp
(@mrppp)
OK real pain in but so far as stats go, hopefully ok as far as security goes so i will live with it try and find out more, maybe report site to the hosting company as the site looks iffy to me wanting you to log in with only social log ins
Thread Starter
mrppp
(@mrppp)
Yeah will look into this
Example:
if is not X
load the counter.js file
else
die punk/redirect somewhere else/etc
LOL
Cheers
just odd same referrer, but different ips, different countries and lots of them
Plugin Author
AITpro
(@aitpro)
You still have not told me what X is. if you can tell me that then I can post the code condition/wrap here.
Example:
HTTP_REFERER ?
REQUEST_URI ?
QUERY_STRING ?
Even though the IP address is different all of the URLS are the same correct? What is the common denominater? What field is it? Referer, Request URI or Query String?
Plugin Author
AITpro
(@aitpro)
Do you a log entry in your BPS Security Log that you can post?
Do you have a Server log entry that you can post?
Do you have a Stats log entry that you can post?
Thread Starter
mrppp
(@mrppp)
Can i post all security log ? anything in it i should not or can i mail it?
actually can’t be anything loggin these as nothing with todays date shows in BPS log
Plugin Author
AITpro
(@aitpro)
Where did you get the original info? What field is it that all of those entries have in common?
Thread Starter
mrppp
(@mrppp)
server log just shows http://semalt.com/competitors_review.php?u
Server stats top referrer `
http://semalt.com/competitors_review.php`
Thread Starter
mrppp
(@mrppp)
Originally picked it up from my statcounter Cpanel,
the only thing in common is the referrer. everything else is different, i.e the ip, the country, the browser etc etc
Serra,Espirito Santo, Brazil 177.206.36.95 semalt.com/competitors_review.php?u
and
Barrosas,Porto,Portugal 188.250.101.61 semalt.com/competitors_review.php?u
and so on all different apart from referer
Not to worry taking far to much of your time hopefully it will reduce in visits over time
Plugin Author
AITpro
(@aitpro)
Ok well trying to block by Referer in php code is very iffy and not accurate like .htaccess code so give this code a try, but it may not do a damn thing.
if the Referer is NOT semalt.com then load the counter.js file. I did not bother with doing an “else” since your goal is just to not have these entries logged.
if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) {
// your statcounter code goes here
}
Thread Starter
mrppp
(@mrppp)
Ok thank you will give that a bash, will let you know
<!-- Start of StatCounter Code -->
if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) {
<script type="text/javascript">
<!--
var sc_project=xxxxxx;
var sc_security="e9exxxxx";
var sc_invisible=1;
//-->
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter_xhtml.js"></script>
<noscript><div class="statcounter"><a title="web analytics" href="http://statcounter.com/"><img class="statcounter" src="http://c.statcounter.com/xxxxxxxx/" alt="web analytics" /></a></div></noscript>
}<!-- End of StatCounter Code -->
Plugin Author
AITpro
(@aitpro)
Since the Stat counter code is javascript you will need to do your PHP code conditional wrap like this:
<?php if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) { ?>
// your statcounter code goes here
<?php } ?>
Thread Starter
mrppp
(@mrppp)
<!-- Start of StatCounter Code -->
<?php if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) { ?>
<script type="text/javascript">
<!--
var sc_project=<?php echo $sc_project; ?>;
var sc_security="<?php echo $sc_security; ?>";
<?php
if($sc_invisible==1) {
echo " var sc_invisible=1;\n";
}?>
//-->
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter_xhtml.js"></script>
<noscript><div class="statcounter"><a title="web analytics" href="http://statcounter.com/"><img class="statcounter" src="http://c.statcounter.com/<?php echo $sc_project; ?>/0/<?php echo $sc_security; ?>/<?php echo $sc_invisible; ?>/" alt="web analytics" /></a></div></noscript>
<?php } ?><!-- End of StatCounter Code -->
give it a go logs mine so works still lets see if the semalt gets hit then
Plugin Author
AITpro
(@aitpro)
What’s your website URL. I attack it right now as semalt.com. 😉
Thread Starter
mrppp
(@mrppp)
Site removed think you have it
Thread Starter
mrppp
(@mrppp)
`At&t U-verse (108.213.xx.xx) Chrome 32.0
Win7
1600×900
