Support » Plugin: All In One WP Security & Firewall » Blocking Linux

  • Hi,

    Getting lots of bot traffic with Linux (at least that’s what i see in Google Analytics),

    Can i just place user – agent Linux and it will block all User agents that have Linux in it?

    Thank you
    Mark

    The page I need help with: [log in to see the link]

Viewing 15 replies - 1 through 15 (of 16 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi Mark,

    Can i just place user – agent Linux and it will block all User agents that have Linux in it?

    You should be able to use Enter User Agents: field to enter your bot located in Blacklist Manager tab in admin settings.

    Let me know if it works for you.

    Thank you

    • This reply was modified 5 months, 1 week ago by mbrsolution.

    Sorry, didn’t understand.

    what i meant is if i need to place for example “Linux x86_64” or i can just place “Linux” to block all user agents that have Linux in the name.

    I placed both options so now when i check httaccess it looks like here below but a day after – still plenty of Linux bots. Can you suggest what to do?

    <IfModule mod_rewrite.c>
    RewriteEngine On

    RewriteCond %{HTTP_USER_AGENT} ^Linux [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} ^Linux\sx86_64 [NC]
    RewriteRule ^(.*)$ – [F,L]

    </IfModule>

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    Have you also enabled the following feature Block Fake Googlebots under Firewall -> Interbots?

    Thank you

    mark8888

    (@mark8888)

    added now.

    Now it should work?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, let me know if it works or not.

    Thank you

    mark8888

    (@mark8888)

    Hi,

    No, it doesnt work.

    i see this code in httaccess, i marked to block fake google bots – i see exactly the same bots with Linux UA coming without being blocked. Can you please advise how to fix it?

    This is the httaccess code i see:
    <IfModule mod_rewrite.c>
    RewriteEngine On

    RewriteCond %{HTTP_USER_AGENT} ^Linux\sx86_64 [NC]
    RewriteRule ^(.*)$ – [F,L]

    </IfModule>

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    Do you have any of the following features enabled? If you don’t can you enable the feature that best suits your needs.

    Completely Block Access To XMLRPC:
    Disable Pingback Functionality From XMLRPC:

    The above features are located in WP Security -> Firewall -> Basic Firewall Rules -> WordPress XMLRPC & Pingback Vulnerability Protection.

    Regards

    mark8888

    (@mark8888)

    Hi,

    it was enabled. But still the block doesn’t work.

    mark8888

    (@mark8888)

    I think the problem is in the way your plugin translates “Linux x86_64” which i placed into this part of the code: ^Linux\sx86_64
    something there not correct. I tried with different plugin and this part was different. like this: Linuxx86_64

    can you please suggest a solution.

    Even better, is it possible to block by using exact match with multiple parameters together – i mean in a same way as doing google search for exact sentence.

    Like blocking “X11; Linux x86_64”

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, I have submitted a message to the developers to investigate further your issue.

    Thank you

    Plugin Author wpsolutions

    (@wpsolutions)

    Hi @mark8888
    Do all of these bots have a user agent string which starts with the word “Linux”?
    Could it be that the user agent strings which contains “Linux” all start with something different? Are you able to check what the exact user agent string is?

    I tried a few tests on my site by simply entering “Linux” in the blacklist “user agents” section and I was able to block requests which had a user agent such as this one:
    Linux x86_64

    mark8888

    (@mark8888)

    Hi,

    I think if you place just Linux it does work. But by doing so you are blocking all Android users. I think the problem is with how Linux x86_64 entered into the code – maybe the space there messes things up.

    The full string is usually: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36

    Plugin Author wpsolutions

    (@wpsolutions)

    I think the problem is with how Linux x86_64 entered into the code – maybe the space there messes things up

    Actually the space should not affect the correct operation of the blocking rules.
    For example, I also tried entering the following in the settings:
    Linux x86_64

    The above appears as follows in my .htacces file:
    RewriteCond %{HTTP_USER_AGENT} ^Linux\sx86_64 [NC]

    The blocking still works as expected except this time blocking only occurs for visitors with user agent string which exactly matches “linux x86_64” (note: it is case insensitive).

    Have you asked your host support people to see if they can help?
    Have you also checked to see if some other .htaccess directives in your file might be conflicting with these rules?

    mark8888

    (@mark8888)

    Yes, i have the same code in httaccess.

    Please explain what you mean exact match. For example – this bot should be blocked “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36” – but it’s not.

Viewing 15 replies - 1 through 15 (of 16 total)
  • You must be logged in to reply to this topic.