The Arcive of Official vBulletin Modifications Site.

the one · #1 08-28-2017, 06:57 AM

I am aware that Amazon now make available a complete list of their IP address blocks in JSON format here https://ip-ranges.amazonaws.com/ip-ranges.json

I have been told that you can use that to create rules to block all of those addresses.Now i am not really any good at this so this is my question.

What would i do with that would i copy it and add it in my CSF in WHM and if so can someone tell me where i put that or how do i create the rules block.

Many thanks.

Malc

Simon Lloyd · #2 08-28-2017, 09:50 AM

You could ban their useragent string using this https://vborg.vbsupport.ru/showthread.php?t=268208 or Ban IPs using this https://vborg.vbsupport.ru/showthread.php?t=268147 no rules needed

the one · #3 08-29-2017, 05:10 AM

I dont fancy banning the ip individually that would take forever and i would do that at the server end.

I also have that plugin for bots installed on my forum and it bans most bots but for some reason it does not work on amazonaws.

Anyway thanks for the advice.I did do a thread here https://vborg.vbsupport.ru/showthread.php?t=323511 but only a few work arounds

cheers

Simon Lloyd · #4 08-29-2017, 05:25 AM

The bot blocker does do the Amazonaws but you need to find the correct useragent, so you'd need to block amazonaws.com, ia_archiver, alexa.com (unless you use Alexa for your web analysis), softlayer.com, scaleway.com and there are a few more, but the best way is to view your Who's Online page with useragent showing and copy the amazonaws strings in to the list in the mod then they are gone forever

--------------- Added [DATE]1503992005[/DATE] at [TIME]1503992005[/TIME] ---------------

As an added, use the tools I provide links to in the ban spider mod page and analyse the user agent string as it may turn out that that they have other associated and the one displaying is just a fa?ade.

the one · #5 08-29-2017, 04:56 PM

Thanks simon so if i see this

ec2-52-89-87-158.us-west-2.compute.amazonaws.com

Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36

Do i put this Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36 in the ban spider

Many thanks

Simon Lloyd · #6 08-30-2017, 03:56 PM

Yes exactly that, you have to remember that Amazonaws isn't actually amazon but just rented space to others by them.

This part ec2-52-89-87-158.us-west-2.compute.amazonaws.com is just what the IP address resolves to and you see it as admin.

Hope that helps

the one · #7 09-02-2017, 10:56 AM

Quote:

Originally Posted by Simon Lloyd

Yes exactly that, you have to remember that Amazonaws isn't actually amazon but just rented space to others by them.

This part ec2-52-89-87-158.us-west-2.compute.amazonaws.com is just what the IP address resolves to and you see it as admin.

Hope that helps

Thanks buddy

So this agent Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36

If i put that in the ban list it wont stop normal members viewing the forum.

Cheers once again

Dave · #8 09-02-2017, 11:24 AM

People who still use version 41.0.2228.0 of Chrome will not be able to use the forum if you ban that useragent.
It's very unlikely people still use that version since we're at version 60 now though.

Stratis · #9 09-06-2017, 02:50 PM

This I use in a file .htaccess

Code:

# compute-1.amazonaws.com #
Deny from 23.23.10.62
Deny from 23.20.
Deny from 23.22.
Deny from 35.156.
Deny from 35.157.
Deny from 35.158.
Deny from 35.160.161.231
Deny from 35.162.174.19
Deny from 35.163.83.33
Deny from 35.165.187.125
Deny from 35.166.
Deny from 35.167.
Deny from 46.137.98.159
Deny from 50.16.
Deny from 50.17.
Deny from 50.19.
Deny from 50.112.
Deny from 52.3.127.144
Deny from 52.10.44.67
Deny from 52.18.13.221
Deny from 52.20.100.201
Deny from 52.23.
Deny from 52.27.19.41
Deny from 52.28.
Deny from 52.29.194.141
Deny from 52.33.108.21
Deny from 52.37.156.71
Deny from 52.48.74.52
Deny from 52.57.
Deny from 52.58.
Deny from 52.59.166.170
Deny from 52.67.149.151
Deny from 52.91.
Deny from 52.207.224.143
Deny from 52.221.222.65
Deny from 54.22.67.76
Deny from 54.80.
Deny from 54.81.203.79
Deny from 54.82.
Deny from 54.83.
Deny from 54.85.11.157
Deny from 54.87.
Deny from 54.89.
Deny from 54.90.186.245
Deny from 54.92.150.95
Deny from 54.93.55.9
Deny from 54.145.254.249
Deny from 54.146.
Deny from 54.147.134.218
Deny from 54.152.162.237
Deny from 54.154.
Deny from 54.157.218.181
Deny from 54.158.
Deny from 54.159.111.114
Deny from 54.161.124.79
Deny from 54.163.
Deny from 54.165.
Deny from 54.166.
Deny from 54.167.219.248
Deny from 54.169.219.126
Deny from 54.172.
Deny from 54.173.172.60
Deny from 54.174.46.230
Deny from 54.175.
Deny from 54.189.154.220
Deny from 54.196.
Deny from 54.197.
Deny from 54.198.
Deny from 54.203.205.196
Deny from 54.204.165.156
Deny from 54.221.194.61
Deny from 54.205.
Deny from 54.208.63.4
Deny from 54.209.60.63
Deny from 54.211.
Deny from 54.224.4.183
Deny from 54.225.
Deny from 54.226.67.76
Deny from 54.227.
Deny from 54.229.59.37
Deny from 54.232.100.158
Deny from 54.234.
Deny from 54.235.132.136
Deny from 54.236.
Deny from 54.237.
Deny from 54.242.
Deny from 54.249.240.15
Deny from 54.252.97.95
Deny from 54.251.45.250
Deny from 67.202.63.69
Deny from 75.101.
Deny from 107.21.
Deny from 107.22.154.72
Deny from 107.23.45.196
Deny from 174.129.
Deny from 184.73.
Deny from 204.236.235.245

When I see some new IP, I put that in the file. I have many months to see them again.

Simon Lloyd · #10 09-07-2017, 04:00 PM

Quote:

Originally Posted by Dave

People who still use version 41.0.2228.0 of Chrome will not be able to use the forum if you ban that useragent.
It's very unlikely people still use that version since we're at version 60 now though.

Hi Dave, it wont ban just that version of Chrome, it will only ban any user with that entire user agent string, so no worries if there are some dinosaurs still using that version of Chrome

--------------- Added [DATE]1504807286[/DATE] at [TIME]1504807286[/TIME] ---------------

Quote:

Originally Posted by Stratis

This I use in a file .htaccess

Code:

# compute-1.amazonaws.com #
Deny from 23.23.10.62
Deny from 23.20.
....................................

When I see some new IP, I put that in the file. I have many months to see them again.

You shouldn't have a large .htaccess file as it can lead to a greater use of resources which in turn could slow the experience for real users.

--------------- Added [DATE]1504807350[/DATE] at [TIME]1504807350[/TIME] ---------------

Quote:

Originally Posted by the one

Thanks buddy

So this agent Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36

If i put that in the ban list it wont stop normal members viewing the forum.

Cheers once again

No it wont, it will prevent users that have that exact user agent string (which appears to be a modified one) from entering your site.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.05136 seconds Memory Usage 2,267KB Queries Executed 13 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (2)bbcode_code (4)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (10)post_thanks_box (2)post_thanks_box_bit (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (1)post_thanks_postbit (10)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start fetch_musername post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start post_thanks_function_fetch_thanks_bit_start post_thanks_function_show_thanks_date_start post_thanks_function_show_thanks_date_end post_thanks_function_fetch_thanks_bit_end post_thanks_function_fetch_post_thanks_template_start post_thanks_function_fetch_post_thanks_template_end pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

2 благодарности(ей) от:
CAG CheechDogg, the one

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!