
Website Under Attack

I just recently took a look at my “Blog Info” stats page and saw the following:

A lot of pageviews last 24h

I opened the hits table page of the FireStats WordPress plugin and saw a lot of traffic coming from the IPs starting with 83.190.___.___ (click here to see a screenshot from that “hits table” which grew really large because of those IP hit entries).

My access.log from yesterday (May 8th, 2008) shows:

6,218 hits from 83.190.158.162
4,428 hits from 83.190.187.154
4,012 hits from 83.190.186.37
3,282 hits from 83.190.222.58
1,038 hits from 83.190.165.173

First, I tried to ban them via .htaccess:

...
# END WordPress
#
## USER IP BANNING
<Limit GET POST>
order allow,deny
deny from 83.190.158.162
deny from 83.190.187.154
deny from 83.190.186.37
deny from 83.190.222.58
deny from 83.190.165.173
allow from all
</Limit>

Thanks to a clue from my provider (all-inkl.com) I changed this by using ModRewrite - this way, I do not have to look up every IP, I just use the requested URI:

#
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Against recent attacks with /tag/.../&/archiveform...
RewriteCond %{REQUEST_URI} (.*)/tag/(.*)/&/archiveform(.*) [NC]
RewriteRule ^(.*) - [F]
# Go on with WordPress
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
#
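
A URI-based rule like the one above can be checked against the access log before it goes live. The following is an added example, not part of the original post: it applies the same expression to constructed log lines and counts, per client IP, how many requests the rule would answer with 403. The log lines, the IP addresses (documentation ranges) and the function names are assumptions.

```python
import re
from collections import Counter
from urllib.parse import unquote, urlsplit

# Same expression as the RewriteCond above; [NC] maps to re.IGNORECASE.
ATTACK_URI = re.compile(r"(.*)/tag/(.*)/&/archiveform(.*)", re.IGNORECASE)

# Start of a combined-log-format line: client IP ... "METHOD target PROTOCOL"
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*"')

# Constructed sample lines (not the real access.log from the post).
SAMPLE_LOG = """\
192.0.2.10 - - [08/May/2008:10:00:01 +0200] "GET /tag/music/&/archiveform/ HTTP/1.1" 200 512 "-" "-"
192.0.2.10 - - [08/May/2008:10:00:02 +0200] "GET /tag/travel/&/archiveform/feed/ HTTP/1.1" 200 512 "-" "-"
198.51.100.7 - - [08/May/2008:10:00:03 +0200] "GET /TAG/Music/&/ArchiveForm/ HTTP/1.1" 200 512 "-" "-"
203.0.113.5 - - [08/May/2008:10:00:04 +0200] "GET /tag/music/ HTTP/1.1" 200 2048 "-" "-"
203.0.113.5 - - [08/May/2008:10:00:05 +0200] "GET /?s=/tag/x/&/archiveform HTTP/1.1" 200 2048 "-" "-"
192.0.2.10 - - [08/May/2008:10:00:06 +0200] "GET /about/ HTTP/1.1" 200 2048 "-" "-"
"""


def would_block(request_target):
    """Approximate %{REQUEST_URI}: path only (no query string), percent-decoded."""
    path = unquote(urlsplit(request_target).path)
    return ATTACK_URI.search(path) is not None


def summarize(log_text):
    """Return (hits per IP, hits per IP that the rule would reject)."""
    hits, blocked = Counter(), Counter()
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, _method, target = m.groups()
        hits[ip] += 1
        if would_block(target):
            blocked[ip] += 1
    return hits, blocked


if __name__ == "__main__":
    hits, blocked = summarize(SAMPLE_LOG)
    for ip, n in hits.most_common():
        print(f"{n:6d} hits, {blocked[ip]:6d} would get 403  {ip}")
```

Normal tag pages and requests that carry the string only in the query string are not matched, because the rule tests the path.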

It’s good to have FireStats:-)
