• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 I'm getting attacked how to block forum for visitors but not robots please it's urgent

#7
Here the attacks this morning I put some lines, but that does y'en then telement how to block wordpress? I already put his

Deny from .wordpress
Deny from Wordpress

but does not work please?

 
#9
You need to block based on user agent. This is discussed here: http://www.webmasterworld.com/apache/4660863.htm The first post by "wilderness" should give you code options for your .htaccess.
Thank you for your reply friend if I understand what I should put in the htacess you give me an example stp like her I just had to thank you copy and paste a toi

Order Deny,Allow
# IF User Agent "contains WordPress"
SetEnvIf User-Agent WordPress keep_out
Deny from env=keep_out

OR

RewriteEngine on
# IF User Agent "contains WordPress"
RewriteCond %{HTTP_USER_AGENT} WordPress
RewriteRule .* - [F]
 

Mike

XenForo developer
Staff member
#10
Put:
Code:
RewriteEngine on 
# IF User Agent "contains WordPress" 
RewriteCond %{HTTP_USER_AGENT} WordPress 
RewriteRule .* - [F]
At the top of your .htaccess.

If it worked properly, the logs will start showing a code of (I believe) 403 instead of 200 (after the "GET / HTTP/1.1" part) and the users won't appear as online in XF.
 

Tracy Perry

Well-known member
#11
And for those using nginx, this should work
Code:
## Deny certain User-Agents (case insensitive)
## The ~* makes it case insensitive as opposed to just a ~
     if ($http_user_agent ~* (AHrefs|Wordpress|Baidu|Morfeus|ZmEu|Baiduspider|Jullo|Yandex|Sogou|Baidu) ) {
        return 444;
     }
and what it does is simply drop the connection if it detects one of those user agents listed.
 
#12
but all that I following the .htaccess? like her?

# Mod_security can interfere with uploading of content such as attachments. If you
# cannot attach files, remove the "#" from the lines below.
#<IfModule mod_security.c>
# SecFilterEngine Off
# SecFilterScanPOST Off
#</IfModule>

ErrorDocument 401 default
ErrorDocument 403 default
ErrorDocument 404 default
ErrorDocument 500 default

<IfModule mod_rewrite.c>
RewriteEngine On

RewriteCond %{HTTP_HOST} ^worldaide\.fr$ [NC]
RewriteRule ^(.*)$ http://www.worldaide.fr/$1 [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data|js|styles|install) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
</IfModule>

## Deny certain User-Agents (case insensitive)
## The ~* makes it case insensitive as opposed to just a ~
if ($http_user_agent ~* (AHrefs|Wordpress|Baidu|Morfeus|ZmEu|Baiduspider|Jullo|Yandex|Sogou|Baidu) ) {
return 444;
}



????
 

Tracy Perry

Well-known member
#15
but all that I following the .htaccess? like her?



## Deny certain User-Agents (case insensitive)
## The ~* makes it case insensitive as opposed to just a ~
if ($http_user_agent ~* (AHrefs|Wordpress|Baidu|Morfeus|ZmEu|Baiduspider|Jullo|Yandex|Sogou|Baidu) ) {
return 444;
}


????
Unless you are using NGINX (and I don't think you are, you appear to be using Apache), this won't work for it. It's specific to nginx (an much superior HTTP server compared to Apache).

You can block blank referrers in your .htaccess, but that will cause other problems.
You may want to look at (if you are on your own VPS) installing CSF and limiting the number of concurrent connections from one IP. If you are on shared hosting, then you don't have that ability.

You are under what appears to be a DDOS attack - which is very common in the community that your forum is a participant of.