I have added guangxiymcd in the latest version (20200706), so those requests will be blocked. Thank you for the feedback.
Thread Starter
coholm
(@coholm)
guangxiymcd is just an example. I have hundrets of chinese domain names in my search log. they all start with www. and end with .cn
can you add a rule to block all those requests?
I will take a closer look and see what I can do for the next update. Thanks for the feedback and ideas, much appreciated.
Just to follow up with this. I replaced the static pattern guangxiymcd with a dynamic pattern ^www\.(.*)\.cn$ so BBQ should block any request that includes this in the query string:
* Query string begins with www.
* Then any characters or none
* Query string ends with .cn
So it specifically matches/blocks based on those criteria. Plugin update should be available soon. Let me know if it helps cut down on the spam, or if any further refinements are possible.
Thread Starter
coholm
(@coholm)
These are great news.
I’ll let you know how well it works
Thread Starter
coholm
(@coholm)
Just tested it. (Version: 20200811)
When I enter a search ‘www.abcdefg.cn’ it still gets logged and the search is executed.
Thread Starter
coholm
(@coholm)
I also have the following searched in the log, which seem to be malicious:
Home%2F\\think\\app%2Finvokefunction
index%2F\\think\\app%2Finvokefunction
When I enter these in the search bar, the search is also executed as usual.
Does the query string match what you reported:
they all start with www. and end with .cn
That is exactly what I added to the plugin. So look at the query string and compare with your own requirements.
Thread Starter
coholm
(@coholm)
Yes, all the querys only include the url in the format www.whatever.cn
I have just cleared the log, but I can send you a screenshot once it filled up again
-
This reply was modified 5 years, 4 months ago by
coholm.
-
This reply was modified 5 years, 4 months ago by coholm.
What are some examples of the requested URLs you are getting? Paste a few entire URLs so I can take a look. They should look something like this:
https://example.com/path/whatever/?the-query-string=something-blah-blah
Make sure to remove your domain name from the examples before posting.
Thread Starter
coholm
(@coholm)
https://whatever.com/produkte?wpv_post_search=www.whatever.com
https://whatever.com/produkte?wpv_view_count=1187&wpv_post_search=www.whatever.cn&wpv_filter_submit=Suchen
https://whatever.com/produktkategorie/mikrofone?wpv_view_count=1187&wpv_post_search=www.whatever.cn&wpv-product_cat%5B%5D=mikrofone&wpv_filter_submit=Suchen
So that’s why it is not working for you. These are the query strings:
wpv_post_search=www.whatever.com
wpv_view_count=1187&wpv_post_search=www.whatever.cn&wpv_filter_submit=Suchen
wpv_view_count=1187&wpv_post_search=www.whatever.cn&wpv-product_cat%5B%5D=mikrofone&wpv_filter_submit=Suchen
Take a close look at those and tell me if they meet the criteria outlined above.
Thread Starter
coholm
(@coholm)
Oh ok. I thought that the part after the equal sign (=) is the query string.
I’m not sure if you can create a rule that catches all the possibilities after the equal sign that contain www. and .cn
Thread Starter
coholm
(@coholm)
Thread Starter
coholm
(@coholm)
@specialk Thanks for the latest update. Works perfect now
-
This reply was modified 5 years ago by coholm.
