Recent content by ES Dev Team

Interesting. How do you accomplish this? do you have a custom log format? I'm still in the middle of building my thing, but i thought about this a lot and it turned me off from this plugin. It's interesting otherwise. I have a little script now that can write all the data for a web hit to PHP...

I don't expect any UA identification to work in the future. The majority of bots i see are randomizing theirs. The way i would configure anubis: users submit 5 seconds of CPU time we retain the 'user passed the check' for 30 days so a real user only needs to pass it rarely rework the anubis UI...

I'm a big fan of hetzner lately for my server hosting clients. Product to cost ratio is excellent. However there's lots of sticky things to cut one's hands on with their backend administration, so i would only recommend it to someone else if they're willing to get very geeky.

Damn, you had to ban linux users huh :( If they are using real browsers, then yes, they can get around almost anything. The more people who use anubis, the higher the cpu tax will be on these bot farms and we could theoretically make the job too expensive if tons of people use something like...

Worked for me. Thanks! Interesting, 2.2.x doesn't have this problem, the ideal setting is the opposite

for me port 587 is also broken in 2.3.x. and my provider is blocking port 465 :(

Interesting. I think a lot of scrapers are using real browsers via something like chromedriver. The chinese bot farms tend to use mobile phones because they're cheap. I wonder how effective it is.

About 90% of today's bots pretend to be regular users and use real web browsers. Neither google analytics nor xenforo can differentiate them between Every website of any sufficient size has this problem Check this thread for more info on solutions...

Yep, cloudflare, fail2ban, or something equivalent is now a prerequisite for running a website now. Not a single one of the 32 servers i manage does not have this problem, in addition to lots of people proving for vulnerabilities and trying to break passwords. So is it the case that everyone...

I'm just happy to see development continuing!

If you click on that URL you can tell that the SQL injection is not working since you don't get a 15 second wait. This person is testing your system for vulnerabilities, and in this case it looks the test is being failed. Strange, this returns a 400 code which may not be tracked by existing...

@truonglv I wanted to buy this plugin but i see it is marked unmaintained.. Is there any chance you will maintain it in the future?

I like to refer to this as a free vulnerability scan, provided by independent and state sponsored hackers. They always go after wordpress first because that's like 60% of the internet. I have seen scans such as these try to pick up database/file backups in the root folder, which i see most...

That's what i'm experiencing too. But it's slower to tail off. It might be because my 'members online timeout' is set higher than theirs. Wonder if other cloudflare users also experience this periodic blast.

Wish i didn't run an international forum at this point 🥲 Looks like Xenforo.com is getting hit. This reminds me of my last night.