The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
Ubuntu Server Firewall blocking
I've got my server all set up, and today I found the need to enable the firewall. I have spam-o-matic installed, i have configured my htaccess to
Code:
RewriteEngine on RewriteCond %{HTTP_REFERER} ^http://*.vhoster\.org [NC,OR] RewriteCond %{HTTP_REFERER} ^http://*vhoster\.org [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*vhoster\.org [NC] RewriteCond %{REMOTE_ADDR} ^91\. RewriteRule .* - [F] order allow,deny deny from 91. deny from vhoster.org deny from *vhoster.org allow from all nothing is blocking this damn auto reg/post bot. well spam-o-matic's doing a good job keeping it from registering but, occasionally one slips through. its just annoying, and the problem is, the IP keeps changing. so i enabled UFW and got that all set up but i cant figure out how to block "IPs begining with" i have tried the following commands Code:
ufw deny from 91* Code:
ufw deny from 91/24 Code:
ufw deny from 91.* Code:
ufw deny from 91 Code:
ufw deny from 91. --------------- Added [DATE]1461080252[/DATE] at [TIME]1461080252[/TIME] --------------- I think this may have done it Code:
ufw deny OUT from any to 91.200.12.64/32 ufw deny OUT from any to 91.200.12.0/22 ufw deny from 91.200.12.64/32 ufw deny from 91.200.12.0/22 htaccess: Code:
RewriteEngine on RewriteCond %{REMOTE_ADDR} ^91\.200\.12\.64$ [NC] RewriteCond %{REMOTE_ADDR} ^91\.200\.(0*1+[2-5]+)\.([0-2]+[0-5]+[0-5]+)$ RewriteRule .* - [F,L] order allow,deny deny from 91.200.12.0/24 allow from all https://github.com/pushinginertia/ip...blacklist.conf and added the ip ranges there too anyone else got any more tips? |
#2
|
|||
|
|||
I would suggest to improve your addons to protect your forum from spambots instead of blocking IP ranges.
|
#3
|
||||
|
||||
Quote:
It was a good tactic back when Static IP addresses were common. Now a days almost everyone is on a dynamic IP address. Not to mention that spoofing an IP address isn't difficult at all. I personally use a honeypot in conjunction with vB Bad Behavior. There is a section in there called "http:BL API Key" If you host your own server, you can set up a honeypot on it and then you'll receive your own API Key. In addition, if you're willing to, you can hide a link to my honeypot in your site (I generate you a quicklink or something) and then I'll let you use my API key. I'll need to look over Project Honeypots EULA to make sure this is alright, but I believe it should be. Regardless, I have very little spam. |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|