Re: Anti Flood Request [Beginner's Corner] - XOOPS Web Application System

11

Re: Anti Flood Request

2007/1/2 7:28
irmtfan
Module Developer
Posts: 3419
Since: 2003/12/7

xoops.ir and the other in my sig.
could you test that offline browsing in xoops.ir? then post your results here ASAP.
Thank you

Ready for Romance
First Persian Harry Potter Site(English added) | Persian Support Site | Xoops Persian Project

12

Re: Anti Flood Request

2007/1/2 14:39
martyboy
Quite a regular
Posts: 256
Since: 2004/5/25

Hi, if its offline browsers and bad bots you want to block try this htaccess file, paste it into notepad name it .htaccess, change anything thats needs to be changed to refere to your domain and upload it inot public_html or XOOPS root, I got this from webmasterworld I use it and have had no major problems with offline downloaders and bad bots, you need to also go through your logs and find out who/what is hogging your bandwidth and ban them by IP and as said before have protector installed to it is a very usefull module.


RewriteEngine On 

RewriteCond %{HTTP_USER_AGENT} ^attach [OR] 

RewriteCond %{HTTP_USER_AGENT} ^BackWeb [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Bandit [OR] 

RewriteCond %{HTTP_USER_AGENT} ^BatchFTP [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Buddy [OR] 

RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Collector [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Copier [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Botmailto:craftbot@yahoo.com [OR] 

RewriteCond %{HTTP_USER_AGENT} ^DA [OR] 

RewriteCond %{HTTP_USER_AGENT} ^DISCoPump [OR] 

RewriteCond %{HTTP_USER_AGENT} ^DownloadDemon [OR] 

RewriteCond %{HTTP_USER_AGENT} ^DownloadWonder [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Downloader [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Drip [OR] 

RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 

RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 

RewriteCond %{HTTP_USER_AGENT} ^ExpressWebPictures [OR] 

RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] 

RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] 

RewriteCond %{HTTP_USER_AGENT} ^FileHound [OR] 

RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] 

RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] 

RewriteCond %{HTTP_USER_AGENT} ^GetSmart [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] 

RewriteCond %{HTTP_USER_AGENT} ^gotit [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Grabber [OR] 

RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] 

RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] 

RewriteCond %{HTTP_USER_AGENT} ^HTTrack [OR] 

RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] 

RewriteCond %{HTTP_USER_AGENT} ^InternetNinja [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Iria [OR] 

RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] 

RewriteCond %{HTTP_USER_AGENT} ^JOC [OR] 

RewriteCond %{HTTP_USER_AGENT} ^JustView [OR] 

RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] 

RewriteCond %{HTTP_USER_AGENT} ^lftp [OR] 

RewriteCond %{HTTP_USER_AGENT} ^likse [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Magnet [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Mag-Net [OR] 

RewriteCond %{HTTP_USER_AGENT} ^MassDownloader [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Memo [OR] 

RewriteCond %{HTTP_USER_AGENT} ^MIDowntool [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Mirror [OR] 

RewriteCond %{HTTP_USER_AGENT} ^MisterPiX [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] 

RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] 

RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] 

RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] 

RewriteCond %{HTTP_USER_AGENT} ^NetVampire [OR] 

RewriteCond %{HTTP_USER_AGENT} ^NetZip [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Ninja [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] 

RewriteCond %{HTTP_USER_AGENT} ^OfflineExplorer [OR] 

RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] 

RewriteCond %{HTTP_USER_AGENT} ^PapaFoto [OR] 

RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Pockey [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Pump [OR] 

RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Reaper [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Recorder [OR] 

RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Siphon [OR] 

RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] 

RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Snake [OR] 

RewriteCond %{HTTP_USER_AGENT} ^SpaceBison [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Stripper [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Sucker [OR] 

RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] 

RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] 

RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Teleport [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Vacuum [OR] 

RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebImageCollector [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebSucker [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Website [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Webster [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] 

RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Whacker [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] 

RewriteCond %{HTTP_USER_AGENT} ^Xaldon 

RewriteRule /*$ http://www.yourdomain.com [L,R]

*/

Michael Jackson = King Of Pop

Xoops = King Of CMS

13

Re: Anti Flood Request

2007/1/2 22:15
onasre
Not too shy to talk
Posts: 150
Since: 2006/8/12

Quote:

irmtfan wrote:
xoops.ir and the other in my sig.
could you test that offline browsing in xoops.ir? then post your results here ASAP.
Thank you

I got you Man i could Download the whole website if i wanted
see the image below
Resized Image

Whatever Hits You , Never was to Mess you , and Whatever Messed U , Never Was to Hit You.

14

Re: Anti Flood Request

2007/1/2 22:16
onasre
Not too shy to talk
Posts: 150
Since: 2006/8/12

Quote:

martyboy wrote:
Hi, if its offline browsers and bad bots you want to block try this htaccess file, paste it into notepad name it .htaccess, change anything thats needs to be changed to refere to your domain and upload it inot public_html or XOOPS root, I got this from webmasterworld I use it and have had no major problems with offline downloaders and bad bots, you need to also go through your logs and find out who/what is hogging your bandwidth and ban them by IP and as said before have protector installed to it is a very usefull module.

RewriteEngine On RewriteCond %{HTTP_USER_AGENT} ^attach [OR] RewriteCond %{HTTP_USER_AGENT} ^BackWeb [OR] RewriteCond %{HTTP_USER_AGENT} ^Bandit [OR] RewriteCond %{HTTP_USER_AGENT} ^BatchFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Buddy [OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] RewriteCond %{HTTP_USER_AGENT} ^Collector [OR] RewriteCond %{HTTP_USER_AGENT} ^Copier [OR] RewriteCond %{HTTP_USER_AGENT} ^Botmailto:craftbot@yahoo.com [OR] RewriteCond %{HTTP_USER_AGENT} ^DA [OR] RewriteCond %{HTTP_USER_AGENT} ^DISCoPump [OR] RewriteCond %{HTTP_USER_AGENT} ^DownloadDemon [OR] RewriteCond %{HTTP_USER_AGENT} ^DownloadWonder [OR] RewriteCond %{HTTP_USER_AGENT} ^Downloader [OR] RewriteCond %{HTTP_USER_AGENT} ^Drip [OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^ExpressWebPictures [OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] RewriteCond %{HTTP_USER_AGENT} ^FileHound [OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] RewriteCond %{HTTP_USER_AGENT} ^GetSmart [OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] RewriteCond %{HTTP_USER_AGENT} ^gotit [OR] RewriteCond %{HTTP_USER_AGENT} ^Grabber [OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] RewriteCond %{HTTP_USER_AGENT} ^HTTrack [OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] RewriteCond %{HTTP_USER_AGENT} ^InternetNinja [OR] RewriteCond %{HTTP_USER_AGENT} ^Iria [OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] RewriteCond %{HTTP_USER_AGENT} ^JOC [OR] RewriteCond %{HTTP_USER_AGENT} ^JustView [OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^lftp [OR] RewriteCond %{HTTP_USER_AGENT} ^likse [OR] RewriteCond %{HTTP_USER_AGENT} ^Magnet [OR] RewriteCond %{HTTP_USER_AGENT} ^Mag-Net [OR] RewriteCond %{HTTP_USER_AGENT} ^MassDownloader [OR] RewriteCond %{HTTP_USER_AGENT} ^Memo [OR] RewriteCond %{HTTP_USER_AGENT} ^MIDowntool [OR] RewriteCond %{HTTP_USER_AGENT} ^Mirror [OR] RewriteCond %{HTTP_USER_AGENT} ^MisterPiX [OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^NetVampire [OR] RewriteCond %{HTTP_USER_AGENT} ^NetZip [OR] RewriteCond %{HTTP_USER_AGENT} ^Ninja [OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] RewriteCond %{HTTP_USER_AGENT} ^OfflineExplorer [OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^PapaFoto [OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] RewriteCond %{HTTP_USER_AGENT} ^Pockey [OR] RewriteCond %{HTTP_USER_AGENT} ^Pump [OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^Reaper [OR] RewriteCond %{HTTP_USER_AGENT} ^Recorder [OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] RewriteCond %{HTTP_USER_AGENT} ^Siphon [OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^Snake [OR] RewriteCond %{HTTP_USER_AGENT} ^SpaceBison [OR] RewriteCond %{HTTP_USER_AGENT} ^Stripper [OR] RewriteCond %{HTTP_USER_AGENT} ^Sucker [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport [OR] RewriteCond %{HTTP_USER_AGENT} ^Vacuum [OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] RewriteCond %{HTTP_USER_AGENT} ^WebImageCollector [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSucker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] RewriteCond %{HTTP_USER_AGENT} ^Website [OR] RewriteCond %{HTTP_USER_AGENT} ^Webster [OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] RewriteCond %{HTTP_USER_AGENT} ^Whacker [OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon RewriteRule /*$ http://www.yourdomain.com [L,R]
*/

Still not working ..

thx for supporting any way

Whatever Hits You , Never was to Mess you , and Whatever Messed U , Never Was to Hit You.

15

Re: Anti Flood Request

2007/1/3 16:12
martyboy
Quite a regular
Posts: 256
Since: 2004/5/25

Hi, i am sorry to here that the help did not work, are you still experiancing big problems with the fake hits? From what i read your host is not helping much which is wrong, i guess you are on shared hosting so you prob dont have shell access, if you do it might be worth learning a bit about it can show alot of things like running 'top' can show you processes using most resources which is helpfull if your server load is too high.

It sounds like you could be under some attack, if somethings are abusing your site more than normal human visitors then your host should step in and block the bad traffic if they are not willing to do anything to help and simply suspend your account or whatever then time to move to a new host.

Michael Jackson = King Of Pop

Xoops = King Of CMS

16

Re: Anti Flood Request

2007/1/3 19:37
onasre
Not too shy to talk
Posts: 150
Since: 2006/8/12

Quote:

martyboy wrote:
Hi, i am sorry to here that the help did not work, are you still experiancing big problems with the fake hits? From what i read your host is not helping much which is wrong, i guess you are on shared hosting so you prob dont have shell access, if you do it might be worth learning a bit about it can show alot of things like running 'top' can show you processes using most resources which is helpfull if your server load is too high.

It sounds like you could be under some attack, if somethings are abusing your site more than normal human visitors then your host should step in and block the bad traffic if they are not willing to do anything to help and simply suspend your account or whatever then time to move to a new host.

Hey Marty and thx again

My host suspended my website 3 times becoe the High hits in less time such as Million hits in 30 Seconds ..
they said i got to do somthing with the script i'm running or my server , becose the attacker could do the hit becose XOOPS Portal dont have a module to Fight back and they gave me Wxample to try Phpnuke 8.0 comes with Anti Flood module
i did Run it since then it been a Month and the Attacks Stoped and in my Report File i see how many IP Banned that tried to flood me .
But i want my XOOPS back , I like it beter than Nuke. but each time i run it there somone Waiting with Anti flood program .

the idea is simple .. when somone try to hit you with million hits in 30 second . XOOPS shoud hav somthing say Stop you cant do more than 5 hits in one page in one second
i saw that with phpnuke 8.0 .i hit the indexpage 5 times Fast then i got the mssage that i cant hit any more and i have to wait 3 second. if this in XOOPS that Great and will leave one problem .. that the Offline Browsing or downloading . if u see above that guy gave me his URL and i coud use it with Htrack and download his whole website if i wanted ..i tried your .htaccess code and wont work i have the pretector and xoops2.16 and wont stop that .

Whatever Hits You , Never was to Mess you , and Whatever Messed U , Never Was to Hit You.

17

Re: Anti Flood Request

2007/1/3 19:55
onasre
Not too shy to talk
Posts: 150
Since: 2006/8/12

this new update for the thread i tried to use offline browsing to download from xoops.org and this the resulte

Resized Image

as u can see its allowed and this will kill your site bandwidth ..

Whatever Hits You , Never was to Mess you , and Whatever Messed U , Never Was to Hit You.

18

Re: Anti Flood Request

2007/1/3 21:20
vaughan
Friend of XOOPS
Posts: 680
Since: 2005/11/26

have you tried messing with protector preferences?

Resized Image

also

netquery module.

https://xoops.org/modules/news/article.php?storyid=3490&com_id=33448&com_rootid=33173&com_mode=thread&#comment33448

it has spambot protection which is for this kind issue you are experiencing.

19

Re: Anti Flood Request

2007/1/4 0:37
onasre
Not too shy to talk
Posts: 150
Since: 2006/8/12

Quote:

vaughan wrote:
have you tried messing with protector preferences?

also

netquery module.

https://xoops.org/modules/news/article.php?storyid=3490&com_id=33448&com_rootid=33173&com_mode=thread&#comment33448

it has spambot protection which is for this kind issue you are experiencing.

that did it.. i made it from 10 to 5.. thx that solve it

but did not solve offline browsing

Whatever Hits You , Never was to Mess you , and Whatever Messed U , Never Was to Hit You.

20

Re: Anti Flood Request

2007/1/4 17:22
martyboy
Quite a regular
Posts: 256
Since: 2004/5/25

Hey, glad to see you got some of your problem solved, protector is agreat module for stopping refresh attacks and high loading crawlers.

For the offline downloading you will have to try and ban them using htaccess like i posted above, you need to know the user agent so you can ban by user agent, searching on google might bring up good lists of user agents to ban.

You might also set up some kind of honey pot to catch them, ive never tried this so im not sure how efective it is but you could create a directory within your site which is not puclic and no one knows about name it something like kjsahfj87825jh like really random so no human could guess it put in a few images then wait a week or so, check your access logs and look to see who/what has downloaded that directory and bingo you have your bad bots(dissalow the directory in robots.txt first), and offline downloaders check the ip's and useragents and ban them with htaccess.

This will probably only work if someone is typing your main URL into the downloading software and downloading your entire site, its worth a try the more bad useragents and ips you ban might at least reduce your bandwidth usage a bit.

Michael Jackson = King Of Pop

Xoops = King Of CMS

Stats
Goal:	$100.00
Due Date:	May 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Re: Anti Flood Request

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}