Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Chinese IP Addresses


trier

Recommended Posts

Hi,

 

This question relates to Chinese IP addresses, it may show naivety but -

 

Our site gets regular visits from persistent Chinese spiders that only seem to be stopped by adding the IPA to htaccess

The vast majority of instances of IPAs looking for scripts that they shouldn’t be looking for are Chinese

The vast majority of dubious/malicious emails are from Chinese IPAs

We already have quite a number of denied IPAs in htaccess and the list would grow every day if constantly updated. We could use a modified ‘IP trap’ addon but again, the list would grow quite quickly.

 

The IPA is checked application.top, would it be possible to redirect anything from China (or any other country we chose) to a ‘nothing’ script, or, better still, redirect to google.com or something similar? Is there any benefit in this?

 

If relying on a list of IPAs is there an issue in that they are not fixed, an IPA may point to a particular country one day and a different country another time?

 

A drawback with relying on IPAs seems to the reliability of the lookup function. For example, checking an IPA on Maxmind can give a totally different result to ip2location, they may even show different countries?

 

Many thanks

Link to comment
Share on other sites

@@DunWeb. Thanks for the reply, the link will be useful. I was hoping a redirect would get away from the need to maintain a big list of IP addresses in htaccess but don't know if it would have any adverse impact.,

Link to comment
Share on other sites

See this as an alternative. There is also a block country module, by MaxMind I think, that can be installed on the server that will allow blocking of a country by just entering its name. Some hosts won't do that, or will charge for it, so you have to check with your host.

Support Links:

For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc.

All of My Addons

Get the latest versions of my addons

Recommended SEO Addons

Link to comment
Share on other sites

@@Jack_mcs

Thank you, I think I already have something similar in place. ‘tep_get_ip_address’ is used in application_top to get the IPA followed by (the MaxMind?) ‘geoip.inc’ to get the IPA country. This info is displayed on cart/checkout/account pages and also recorded with orders. A count is also kept of any IPA changes within a session.

 

As the information is already available I was questioning its reliability and the possibility of using it to halt the progress of unwanted visitors. Is a redirect to google (or something similar) wise/unwise, is it a suitable option, or is there a better alternative?

Link to comment
Share on other sites

Redirect them to nsa.gov. They'll get a big kick out of it. Seriously, China is a hotbed of industrial espionage and cyber warfare conducted by the Peoples Liberation Army. Anything nasty you can do to them is fair play.

Link to comment
Share on other sites

  • 3 months later...

There are some very helpful tips above. However, identifying unwelcome country sources using processing available in existing scripts (e.g. application_top) is appealing, it seems more acceptable than having an enormous .htaccess that has to be regularly maintained.

Without knowing how these things work, when a visitor from an unwelcome country is identified is it better to

a) direct them to a 'nothing' page on the site. This keeps them "on site", does it matter?

or

B) direct them off-site (e.g. google.com?). This takes them "off site", does it help? Would it have any negative impact when the site is crawled?

Obviously none of this will stop anyone with seriously malicious intent but keeping the masses away would be pleasantly helpful.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...