I have a blog build with PHP/Apach/MySQL: http://www.consultingcase101.com. just found from the log file that a spammer IP 213.5.64.20 attack my blog every 20 mins. I already blocked it from .htaccess file. Is there anyway to complete block this IP so that it won't attack my blog anymore? any suggestions?? [Wed Oct 13 01:09:55 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 01:09:55 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 01:32:14 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 01:32:14 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 01:54:34 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 01:54:34 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 02:16:36 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 02:16:36 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 02:40:01 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 02:40:01 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 03:04:04 2010] [error] [client 213.5.64.20] client denied by server configuration: [Wed Oct 13 03:04:04 2010] [error] [client 213.5.64.20] client denied by server configuration:
if you have root access to the server you can block it in iptables but why is it bothering you? it does not quite send 100 requests per second to any affect your server load
I see about 2 attempts followed by a long pause repeatedly, likely not an issue that should affect your resources, unless there is more going on behind whats listed in those log entries. As stated above, if you have root access you can block the IP using a firewall (iptables).
Website submit forms are very vulnerable to spammers...i keep getting them even if i have captcha...they also seem to have endless ips...basically the only way is to establish the spammer's text pattern and try to filter it out...but as soon yu get rid of one, another pops out, its like virus :E
maybe I should remove the contact form from my site . . . I didnt' realize they were vulnerable to attacks. What else can we do to defend against hackers? I own a PTC site tha gets hack attempts quite often.
The visitor is not getting into your site and is getting a 403 (access denied) by a server configuration. Denial of access does not prevent requests from appearing in either the raw logs or the error logs. You simply need to disregard the 403's when reviewing your logs.
You can block it with htaccess: http://www.ivankristianto.com/web-d...-visitors-to-your-website-with-htaccess/1524/
If you have cpanel, use its security features it will definitely help you weed out spammers and block them.
I just did a count of my htaccess file: wp -l .htaccess 200 spamming IPs have been blocked, but everyday new spamming IPs keep showing up. I hate spammers!!! why do they have to do that????