
osCommerce


Blocking an IP address


itfitz


Posted

I have a "customer" that never logs on, has never created an account, likes to linger on my site for about 10 hours at a shot, then they log off, come back and do it again, fill their shopping cart to the gills and then disappear... until the next day, then it starts all over again. We haven't decided if we want to block their IP address as of yet, but it is kind of making me wonder if it is a spy, or someone playing games, or what. Anyway, if I can block the IP, that will help tremendously.

thanks,

Shawn

If it was easy, anyone could do it!

Posted
> I have a "customer" that never logs on, has never created an account, likes to linger on my site for about 10 hours at a shot, then they log off, come back and do it again, fill their shopping cart to the gills and then disappear... until the next day, then it starts all over again. We haven't decided if we want to block their IP address as of yet, but it is kind of making me wonder if it is a spy, or someone playing games, or what. Anyway, if I can block the IP, that will help tremendously.
>
> thanks,
>
> Shawn

If you're sure it's not a spider, there is a contribution that will let you block IP addresses with an admin interface. You can also use .htaccess.

Posted

No, it's not a spider, I did a reverse lookup on the IP address and found it to come from become.com. And the last time I checked, spiders don't fill up their shopping cart with $2000 worth of product. We are going to hold out and wait a while and see what happens.

Thanks,

shawn

If it was easy, anyone could do it!

Posted

Looks like a spider to me (become.com/about.html).

It just is not listed in your spider.txt file yet.

Posted

Thanks, I'll check it out and install it, I am sure I will have this problem in the future with someone. God knows there will be someone. I just don't understand why someone would go through the trouble to fill a shopping cart every day, get my hopes all up, thinking I might be able to take a day off and go fishing, just to crush them at the end of the day. :( But since we have pinpointed the person and seen the trend, we have gotten over it, and are now just going to watch and see what transpires for a few days.

Thanks for the help,

Shawn

If it was easy, anyone could do it!

Posted
> ...Anyway, if I can block the IP, that will help tremendously.

This is best done at the firewall or, at a push, by using something like mod_security in Apache. The firewall is the way to go though.

Rich.

Posted
> No, it's not a spider, I did a reverse lookup on the IP address and found it to come from become.com. And the last time I checked, spiders don't fill up their shopping cart with $2000 worth of product. We are going to hold out and wait a while and see what happens.
>
> Thanks,
>
> shawn

If the spider is not in your spiders.txt file, they will get session IDs and will add to the cart. Unless all your links for adding are of a form nature.

Treasurer MFC

Posted
> This is best done at the firewall or, at a push, by using something like mod_security in Apache. The firewall is the way to go though.
>
> Rich.

This particular site is hosted by Start Logic. How would you go about implementing the block at the firewall?

Posted
> This particular site is hosted by Start Logic. How would you go about implementing the block at the firewall?

Assuming 'Start Logic' is some hosting company over which you have no control then you are, not wishing to be too technical about it, stuffed!

I suppose you could write something into osc that checks the IP address (this information should be readily available from the web server global data that is passed into the PHP environment - in fact I think OSC can optionally log the IP addresses anyway using this very same data, can't it?) and use this to output some dummy page (or nothing at all). This would probably be best/easiest done in application_top.php I suppose.

Would be very easy to do.

Rich.
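
The application-level check described in the post above, as an added example that is not part of the original thread and is not osCommerce code. It matches the client address against single IPs and CIDR ranges and answers with a 403 that tells the visitor how to get in touch; the function names, sample addresses and contact path are assumptions.

```php
<?php
// Added example, not osCommerce code. Function names, the blocklist entries
// and the contact path are assumptions made for illustration.
// True if $ip is inside $entry: a single address or a CIDR range, IPv4 or IPv6.
function ip_in_cidr(string $ip, string $entry): bool
{
    [$net, $bits] = array_pad(explode('/', $entry, 2), 2, null);
    $ipBin  = @inet_pton($ip);
    $netBin = @inet_pton($net);
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false;                       // malformed, or IPv4 vs IPv6 mismatch
    }
    $max = strlen($ipBin) * 8;              // 32 or 128
    if ($bits === null) {
        $bits = $max;                       // bare address: exact match
    } elseif (!ctype_digit($bits) || (int) $bits > $max) {
        return false;                       // reject "/abc" or "/99" instead of matching everything
    }
    $bits  = (int) $bits;
    $bytes = intdiv($bits, 8);
    if (strncmp($ipBin, $netBin, $bytes) !== 0) {
        return false;                       // whole-byte prefix differs
    }
    $rem = $bits % 8;
    if ($rem === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rem)) & 0xFF;    // compare the leading bits of the partial byte
    return (ord($ipBin[$bytes]) & $mask) === (ord($netBin[$bytes]) & $mask);
}
function is_blocked(string $ip, array $blocklist): bool
{
    foreach ($blocklist as $entry) {
        if (ip_in_cidr($ip, trim($entry))) {
            return true;
        }
    }
    return false;
}
// Constructed sample list (documentation ranges). Keep the real list in a file
// the web server can read but not write.
$blocklist = ['203.0.113.7', '198.51.100.0/24', '2001:db8::/32'];
// REMOTE_ADDR is the TCP peer; behind a proxy or CDN it is the proxy's address.
$clientIp = $_SERVER['REMOTE_ADDR'] ?? '192.0.2.10';   // CLI fallback, constructed
if (is_blocked($clientIp, $blocklist)) {
    http_response_code(403);
    exit('Access from your address has been restricted. To appeal, use /contact_us.php');
}
```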

Posted
> Assuming 'Start Logic' is some hosting company over which you have no control then you are, not wishing to be too technical about it, stuffed!
>
> I suppose you could write something into osc that checks the IP address (this information should be readily available from the web server global data that is passed into the PHP environment - in fact I think OSC can optionally log the IP addresses anyway using this very same data, can't it?) and use this to output some dummy page (or nothing at all). This would probably be best/easiest done in application_top.php I suppose.
>
> Would be very easy to do.
>
> Rich.

I think that's the approach taken in the contribution discussed above. Using .htaccess also works. Furthermore, Start Logic provides an IP banning interface on its Control Panel, so at least with this particular hosting company one is not totally stuffed.

Posted
> ...Furthermore, Start Logic provides an IP banning interface on its Control Panel

Ah well, use that then - that will interface to their firewall and will be the most efficient way of achieving what you want.

Thing is, if it is someone messing about then blocking them at the firewall will stop them getting access to anything else that you might be running; not just OSC, which is (I suspect) probably what you want. I certainly would.

As an aside, if you were (say) in the UK, and you only ship to the UK, then you could consider blocking all non-UK addresses. Probably safer (so you don't accidentally cut off any of your customers) would be to block all non-RIPE addresses (RIPE is the body that handles all European IP address allocation).

This IP information is readily available.

If you are non-European, then you'll have to look up the IP range for the country you are in.

Rich.

Posted
> Ah well, use that then - that will interface to their firewall and will be the most efficient way of achieving what you want.
>
> Thing is, if it is someone messing about then blocking them at the firewall will stop them getting access to anything else that you might be running; not just OSC, which is (I suspect) probably what you want. I certainly would.
>
> As an aside, if you were (say) in the UK, and you only ship to the UK, then you could consider blocking all non-UK addresses. Probably safer (so you don't accidentally cut off any of your customers) would be to block all non-RIPE addresses (RIPE is the body that handles all European IP address allocation).
>
> This IP information is readily available.
>
> If you are non-European, then you'll have to look up the IP range for the country you are in.
>
> Rich.

The main reason I prefer the contribution or .htaccess approach is that I can send the blocked user to this page so they can contact me if they have been blocked by mistake or are ready to confess their sins and behave.

Posted
> The main reason I prefer the contribution or .htaccess approach is that I can send the blocked user to this page so they can contact me if they have been blocked by mistake or are ready to confess their sins and behave.

Very inviting for people with a dynamic IP address.

Treasurer MFC

Posted
> Very inviting for people with a dynamic IP address.

Which is one reason (but not the only reason) I prefer not to simply block an IP altogether without giving them some way of finding out what is going on and contacting me. I'm more concerned about making sure I let the good guys in than I am with keeping the bad guys out. BTW, with .htaccess, I can also ban by domain name or country (or an entire block of IP addresses).

Posted
> Which is one reason (but not the only reason) I prefer not to simply block an IP altogether without giving them some way of finding out what is going on and contacting me. I'm more concerned about making sure I let the good guys in than I am with keeping the bad guys out. BTW, with .htaccess, I can also ban by domain name or country (or an entire block of IP addresses).

Understood, but realize that there are many people out there who don't have a clue as to what an IP address is.

Treasurer MFC

Posted
> The main reason I prefer the contribution or .htaccess approach is that I can send the blocked user to this page so they can contact me if they have been blocked by mistake or are ready to confess their sins and behave.

A very good idea. This can still be very readily achieved more efficiently at the firewall though (in combination with the web server, of course), rather than by the application.

The thing is, doing this at the web server only is fine for catching web page access, but it doesn't help if someone is also trying to break into your SMTP server etc.

Rich.

Posted
> A very good idea. This can still be very readily achieved more efficiently at the firewall though (in combination with the web server, of course), rather than by the application.
>
> Rich.

How? The only option you are given on the Control Panel is to enter the IP to be blocked. There is no option that I can see for sending blocked IPs to a particular page (unless you redefine the 403 page, which would then come up regardless of whether the attempt to access was blocked because the IP was blocked or for some other reason). Using the Start Logic Control Panel, how would you go about doing this?

Posted
> How?...

In your case, the minimal control that you have via your host's control panel will almost certainly not let you implement the 'blocked IP' warning page idea - you need a firewall that you have full access to to do something like that.

...so if you want to implement such an error page then you are probably back to fiddling with the osc application and redirecting the IP address at that level. Not ideal of course, but it would work, and if you don't have any other servers running (like SMTP for example) then I don't suppose you would have much of a disadvantage over the firewall technique - it'll give you most of what you want (but obviously it won't keep the bad guys away from the web server altogether).

Rich.

Posted
> In your case, the minimal control that you have via your host's control panel will almost certainly not let you implement the 'blocked IP' warning page idea - you need a firewall that you have full access to to do something like that.
>
> ...so if you want to implement such an error page then you are probably back to fiddling with the osc application and redirecting the IP address at that level. Not ideal of course, but it would work, and if you don't have any other servers running (like SMTP for example) then I don't suppose you would have much of a disadvantage over the firewall technique - it'll give you most of what you want (but obviously it won't keep the bad guys away from the web server altogether).
>
> Rich.

A new and interesting problem. With this particular contrib, "throw_em_out", when I go to add the IP address and it gives me the error above, it creates the .htaccess file and then throws the server into a state of "server error 500" on all pages both internal and external.

Any more ideas?

If it was easy, anyone could do it!

Posted
> ...it creates the .htaccess file...

It does WHAT ?!?!?!?!

That is HIDEOUS !!!! And VERY VERY dangerous. You should not have the web server writing to ANY files (they should all be read-only). Writing to something like .htaccess is more dangerous by a factor of several thousand !!! Some might even call it "bloody stupid" !

Rich.

Posted
> It does WHAT ?!?!?!?!
>
> That is HIDEOUS !!!! And VERY VERY dangerous. You should not have the web server writing to ANY files (they should all be read-only). Writing to something like .htaccess is more dangerous by a factor of several thousand !!! Some might even call it "bloody stupid" !
>
> Rich.

Well, it has hence been removed.

I am looking at another contrib in between watching "Die Another Day". Gotta love Bond.

If it was easy, anyone could do it!

Archived

This topic is now archived and is closed to further replies.
