What does MSIE 7 stand for?
What about Mozilla/4.0?

Is there a list somewhere that explains the meaning?

Microsoft Internet Explorer
Mozilla is firefox, use google to find out what these terms are if you are unsure, there's not a list that I know of or have even searched for but you can use the tools I've shown in the first post to help you find some info around these :)

That's the main point really.

Do NOT enter the term "Mozilla" into this mod! You will be blocking just about every windows computer on the planet if you do!

Here's a fairly typical Windows computer user agent string:

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/6.0; SLCC2; .NET CLR 2.0.50727

ALL windows computer user agent strings are going to have the word "Mozilla" in them no matter what browser the computer actually uses.

Entering Mozilla/4.0 is different than entering Mozilla correct? If so, is blocking Mozilla/4.0 unreasonable? All the Russian IPs are using it and no one else.

NO Mozilla AT ALL!

Most ALL windows computers gonna have that "Mozilla4.0" yours probably does too! Have you studied your OWN user agent string?

But Simon's original list of UA that comes with the mod contains:

Mozilla.*Indy
Mozilla.*NEWT
Mozilla*MSIECrawler

And my understanding is that will only block those particular strings? It looks like this is true because they're on my list and there are plenty of Mozilla/5.0 and Mozilla/4.0 in my forum.

So if I understand correctly; adding Mozilla/4.0 (which I will not do as per your recommendation) will not affect Mozilla /5.0?

I never saw that on his list or any other list, but yes as long as "mozilla" isn't on a line by itself you got no problems.

But what i am telling you is, blocking "Mozilla/4.0" gonna block billions of computers, not just the Russian ones.

Find something unique in their strings to block, if you want to use this to block them. You might not find any such.

Understood, thanks.

Max, you may be interested in this. I had a legit user blocked out of my forum. I checked and rechecked his UA and could not figure out why he was blocked Of course turning off the mod unblocked him, so I knew it had to be something.

On a hunch I looked at the MSIE entries I copied from your old post:

MSIE 1
MSIE 2
MSIE 3
MSIE 4
MSIE 5
MSIE 6

I realized that MSIE 1 is the culprit being the first part of MSIE 10.0;

Have you since removed MSIE 1 from your list?

Is there another way to make MSIE 1 work without affecting MSIE 10? As well as the other MSIE, like MSIE 2 for when IE gets to version 20 :)?

I doubt there's a pc on the planet that still uses MSIE 1,2 or 3 :)

Remember this mod was built to ban spiders or bots which usually display their bot name in their UA, using the mod outside of that scope is bound to take you in to some grey areas, make sure you use the tools shown in the original post of this thread to check new UA's before you ban them.

Is there a way to block MSIE 1 without affecting MSIE 10?

All you can do is add a space after it, but again all it will do is look for MSIE 1_ where _ is the space (it doesn't physically look like _ that was for illustration purposes), but if it doesn't appear in the UA with a space after it, it wont ban it.

Thanks.

Another general question. I understand that malicious bots can fake the UA. Why don't they all fake it to display as Google? This way anybody would be hesitant to block them? BTW I do use your IP ban mod also.

Yes this was covered earlier in the thread, and have since removed MSIE 1 from my list. This was months ago. Like Simon said, the number of surviving computers on the planet still using MSIE1 is so tiny, it's not worth blocking.

Some of them do so, but it's very easy to spot those fakes since Google only uses one or two IP addresses. I am pretty sure there's a Mod for blocking spoofed google UA's somewhere.

I found this information about verifying Google bot. And used this tool http://ipadmin.junkemailfilter.com/rdns.php. Is this the best way? Or is there a list of the IP addresses google uses?

I'd appreciate a link to the mod you mentioned, I searched and can't find it.

Hi Simon,

Hope you got your forum problems sorted :)

I noticed that the mod will not create new threads on private forums, where only admins can post/read.
I am using my admin account as thread creator, so it has permissions to create threads. The threads are created only on public forums where other members and guests can see them, which of course isn't nice.

The output.txt file writing is also not logging anything.

But from my server logs, I see this mod has been doing incredibly well in blocking some nasty spiders (mainly Magpie and Spinn3r).

For those who don't check their server logs, I would advise to check them and see if Magpie is sucking up to 40% of bandwidth as it was until recently in one of my sites.

I only vaguely remember seeing such, and it was sometime back. And I might even be wrong.

Glad it's working for you, on my forum I simply added a forum where only staf had permissions to view and made the threads there, I also had no issue with logging.

I did get my forum issues sorted, turns out it was a half assed script kiddie attempt to kill it but got it sorted (one of my forums allowed html in the post environment....really bad idea!). When I get chance (which will be after Thursday as my wife is having an op) I will retest the mod from scratch and post specifics here.

i suppose it shld be pretty safe to use the default list of spider list to ban on this plugin? i've no idea which to prune.....

There are quite a few lists posted throughout this thread, take a look at them, if you use the built in one then

See if the default one helps the issue you're having, first. Is my suggestion. The default list is a good list.

Is there a mod for vb 4.x.x

Found on the developer's profile:

https://vborg.vbsupport.ru/showthread.php?t=268208

Really love this mod a lot and works great on 4.2.1

Finally Baidu is not showing up anymore in my "online users" list.

I saw another bot recently searching my forum and from some research it seems to be a bad one also: AhrefsBot http://blocklistpro.com/content-scra...o-spybots.html

I added this to my list:
Mozilla/5.0 (compatible; AhrefsBot/2.0; +http://ahrefs.com/robot/)
and
Mozilla*Ahref

Was this the correct way to do it?

NO!!!



Including "Mozilla" and "compatible" in this list blocks just about the entire world!

Get rid of that entry and simply put: "AhrefsBot" in instead!

Thank you for the quick reply.
I was reading post #127 and 128 and thought as long there is something behind the "mozilla" in the same line there wouldn't be an issue. My mistake I guess

You might be right but 1.) I wouldn't risk it, and 2.) it's not necessary.

When banning whatever you add to the list will be looked for in its entirety, so if you enter "today" then it will ban:
Today
thisdayistoday
wheretodayis
one day today

if you entered "here today" then it will not ban:
one day today
thisdaytoday
today....etc

but it will ban:
we were here today
allhere todayagain....etc

When banning bots make sure you go to WOL and check out their UA as it may not contain their name in the UA.

Had this mod for a while now, forgot to mark installed..

Cheers, does the trick...

Thanks for the feedback! :)

ok not sure what i am missing here but i dont see the screenshots that others are showing where it lists the area of setting the spiders to block etc... where do i go in the admin to manage this mod?

Go to ban spiders by user agent in vbulletin options :)

And the pic was way back in the thread https://vborg.vbsupport.ru/attachmen...7&d=1329854992

thanks i saw the pic and i expanded the entire menu on the left search for ban or spider and it doesnt show up anywhere?

then i installed spam hammer which does show a menu item and shows a link for options and I ended up finding it there.

thanks

it would have been found in vbulletin options, if you've added spam hammer uninstall my mod as spam hammer has added pretty much what this mod does to its code, you don't need both.

Had a legitimate user blocked, removed mod and user still gets redirected.

If you've removed the mod then its not this mods fault!, it doesn't keep any database....etc on which UA strings are blocked, if it blocked a legitimate user it's down to what and how you entered the string to ban.

EDIT: You've never downloaded this mod!!!!!

Yes I did and I have a user who was blocked after installing this mod, and was redirected to the website that is in there by default.

Was hoping for help solving the issue.

Just because someone is asking for help with your Mod does not mean that that are accusing you of wrong doing. Chill.