1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

How to stop spammer from attacking my site?

Discussion in 'Traffic Analysis' started by case101, Oct 13, 2010.

0
  1. #1
    I have a blog build with PHP/Apach/MySQL: http://www.consultingcase101.com.
    just found from the log file that a spammer IP 213.5.64.20 attack my blog every 20 mins. I already blocked it from .htaccess file. Is there anyway to complete block this IP so that it won't attack my blog anymore? any suggestions??

    [Wed Oct 13 01:09:55 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 01:09:55 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 01:32:14 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 01:32:14 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 01:54:34 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 01:54:34 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 02:16:36 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 02:16:36 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 02:40:01 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 02:40:01 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 03:04:04 2010] [error] [client 213.5.64.20] client denied by server configuration:
    [Wed Oct 13 03:04:04 2010] [error] [client 213.5.64.20] client denied by server configuration:
     
    case101, Oct 13, 2010 IP
  2. atxsurf

    atxsurf Peon

    Messages:
    2,394
    Likes Received:
    21
    Best Answers:
    1
    Trophy Points:
    0
    #2
    if you have root access to the server you can block it in iptables
    but why is it bothering you? it does not quite send 100 requests per second to any affect your server load
     
    atxsurf, Oct 13, 2010 IP
  3. case101

    case101 Peon

    Messages:
    137
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    i thought this kind of repeated attempt to connect could affect sever load.

     
    case101, Oct 13, 2010 IP
  4. elicitservers

    elicitservers Peon

    Messages:
    714
    Likes Received:
    7
    Best Answers:
    1
    Trophy Points:
    0
    #4
    I see about 2 attempts followed by a long pause repeatedly, likely not an issue that should affect your resources, unless there is more going on behind whats listed in those log entries. As stated above, if you have root access you can block the IP using a firewall (iptables).
     
    elicitservers, Oct 13, 2010 IP
  5. clades

    clades Peon

    Messages:
    579
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Website submit forms are very vulnerable to spammers...i keep getting them even if i have captcha...they also seem to have endless ips...basically the only way is to establish the spammer's text pattern and try to filter it out...but as soon yu get rid of one, another pops out, its like virus :E
     
    clades, Oct 23, 2010 IP
  6. Coby Wright

    Coby Wright Peon

    Messages:
    15
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    maybe I should remove the contact form from my site . . . I didnt' realize they were vulnerable to attacks.

    What else can we do to defend against hackers? I own a PTC site tha gets hack attempts quite often.
     
    Coby Wright, Oct 26, 2010 IP
  7. wilderness

    wilderness Member

    Messages:
    43
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    43
    #7
    The visitor is not getting into your site and is getting a 403 (access denied) by a server configuration.

    Denial of access does not prevent requests from appearing in either the raw logs or the error logs. You simply need to disregard the 403's when reviewing your logs.
     
    wilderness, Oct 26, 2010 IP
  8. ivan.kristianto

    ivan.kristianto Active Member

    Messages:
    136
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    51
    #8
    ivan.kristianto, Nov 4, 2010 IP
  9. Hosterbox

    Hosterbox Active Member

    Messages:
    222
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    60
    #9
    If you have cpanel, use its security features it will definitely help you weed out spammers and block them.
     
    Hosterbox, Nov 11, 2010 IP
  10. bonjour123

    bonjour123 Peon

    Messages:
    203
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #10
    block their IP, from cpane;
     
    bonjour123, Nov 11, 2010 IP
  11. case101

    case101 Peon

    Messages:
    137
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #11
    I just did a count of my htaccess file: wp -l .htaccess

    200 spamming IPs have been blocked,
    but everyday new spamming IPs keep showing up.
    I hate spammers!!! why do they have to do that????


     
    case101, Nov 11, 2010 IP
  12. Newweddingrings

    Newweddingrings Peon

    Messages:
    54
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #12
    I hope spammers would do something productive with their time!
     
    Newweddingrings, Nov 15, 2010 IP