e107help.org Q&A
0 like 0 dislike

I have a problem that Chinese IP's are draining my website, and especially my forum pages. They are (as far as I can see) not trying to get in as I don't have many failed logins. But it is annoying as I don't see the purpose, and it is frustrating my site stats. As there is a pattern I tried to block access by changing header_default.php:

$deny = array("60.8.123", "111.225.149","111.225.148", "110.249.201","220.243.135");
if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
   header("location: https://yahoo.com/");
   exit();
}

But this didn't work. Probably I need to modify some other file. Can anybody help. A few elements from the Chinese reports:

08:55:32 China (cn) 110.249.202.153 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/v1-0-rc-2/1/rc2-build-10...  
07:35:38 China (cn) 111.225.148.15 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/v1-0-0/17/release-1-0-6-...  
07:25:36 China (cn) 110.249.202.246 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/v1-0-0/16/release-1-0-5-...  
07:16:03 China (cn) 60.8.123.88 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/v1-0-0/14/release-1-0-2-...  
05:05:38 China (cn) 111.225.149.218 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/v1-0-rc-2/2/rc2-build-11...  
04:55:42 China (cn) 220.243.136.34 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/v1-0-rc-3/4/build-4-rele...  
04:25:33 China (cn) 111.225.148.17 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/v1-0-rc-3/3/almost-relea...  
04:05:33 China (cn) 60.8.123.233 Android - 375x812 - True Color (24 bit)  Safari 537.36   (mode=js) forum/generic-questions/18/can...  
closed
in Core by (274 points) 9 19 32
closed by

2 Answers

0 like 0 dislike
Best answer

Not sure on this one, but some ip's refer to the crawler of bytedance.
So best to add crawl .bytedance .com to the denu list in robots text.
If they adhere to the robots txt rules, this would likely already give some results.

However, if ip spoofing is in practice (ala vpn or alike) it is undo-able without complete block chains.

User-agent:  Bytespider

Disallow: /

However, you also could use search engines/bots disallow the forum only..

User-agent: * 
Disallow: /cgi-bin/ 
Disallow: /private/ 
Disallow: /tmp/

above is basic example use (bin/private/tmp in this case are disallowed). NOTE !!  the *  means ALL for a specific one, change it to name.
Hope this helps

(ps edited content of first post> markup spoil)

by (3.3k points) 8 9 11
selected by
0 like 0 dislike

You can also use CIDRAM (https://github.com/CIDRAM/CIDRAM), i had it setup in my live sites, and it blocked everything automatically, not only on the forum, but in all the site....

 

No more spammers or crawlers...

 

There's also another script, ZB-BLOCK (https://zb-block.net/zbf), that can be also set up alongside with CIDRAM, since they can live alongside one another.

I've also used ZB-BLOCK, and it's also similar to CIDRAM...

 

by (310 points) 21 38 45
edited by
Welcome to e107 Q&A, where you can ask questions and receive answers from other members of the e107 community.
962 questions
1,362 answers
2,448 comments
2,404 users