Blocking Unwanted Visitors

Yesterday I happened to notice unusual web activity coming from a set of Hong Kong addresses. A half dozen ip addresses were walking my site, following every link.

I don't really get too upset by that sort of activity. I know that people around the world do that, sometimes to steal content but sometimes just so they can have a local cache. Sometimes it may be a previously unknown search engine collecting information. That's fine.. except..

Legitimate spidering programs should honor my robots.txt which asks them NOT to follow cgi links. This idiot program was using multiple ips and following all the "Comment" and "Printer Friendly" cgi links at a very rapid pace, slowing down the server for everyone else. I can't have that, so I added him to my "bad ip" list.

Most cgi scripts here have a section in them that looks like this:

while (<BADRIP>) {
 if ($rip =~ /^$_/) {
print <<EOF;
Content-type: text/html

<script language="javascript"><!--
exit 0;
close BADRIP;

The idea is to redirect him to something that won't resolve, thereby slowing him down. I could do the same thing with pages (and if he keeps on being annoying I will).

I don't leave the ip's in the "badrip" file for more than a few hours - these are almost always DHCP addresses that will recycle to someone else soon enough. Most of the time the "badrip" is empty; it's only when someone becomes really annoying that I use this.

We've talked about blocking by country before:
More ssh ideas

I don't want to arbitrarily block by country. Yes, an awful lot of "problem" access comes from Asian countries, but I don't see that as reason to lock out everyone from those ip blocks. There is a lot of Asian access because there are a lot of Asian people, and while some of the spidering may be for theft, it can also be for legitimate reasons (though legitimate spiders should be honoring my robots.txt). I'll just continue to handle it on a case by case basis.

You can also block IP's with .htaccess. Add this to your .htaccess file:

Order Allow,Deny

Deny from
Deny from 128.345.67.89

Allow from all

Those block specific IP's; block entire ranges by leaving off the specific octets:

Order Allow,Deny

Deny from 211.13

Allow from all

That blocks a lot of Japan.

Got something to add? Send me email.

(OLDER) <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Blocking unwanted visitors

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Anthony Lawrence

Kerio Samepage

Have you tried Searching this site?

Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

If debugging is the process of removing bugs, then programming must be the process of putting them in. (Edsger W. Dijkstra)

This post tagged: