Ban ip from site ?

[GsmCorner]

hi all, well i got someone messing around on my site, adding Loads to his cart and leaving the site and then coming back and doing the same etc.. looks like his trying to waste my bandwidth or something.

 

i've tried the ban ip Contribution but his still on my site ? with the same ip.

 

what else can i do ?

 

 

any help would be great

 

 

Regards

Tom

[241]

have you checked the ip to see if it is a robot spider for a search engine.

[♥yesudo]

What is the ip address ?

 

Was this the contrib ?

 

http://www.oscommerce.com/community/contri...l/search,ban+ip

[♥yesudo]

What is the ip address ?

 

Was this the contrib ?

 

http://www.oscommerce.com/community/contri...l/search,ban+ip

With this contrib the user can still look at pages on your site that are not part of index.php/default.php.

 

So add:

 

<?php require(DIR_FS_CATALOG . '_banned.php'); ?>

 

in your header file also.

[GsmCorner]

Hi, not sure if i should post the ip address but ill give u some of it, 65.54.164.6*

 

yep yesudo, thats the thing im using, so if i put that code in my header file, that will stop him/her ?

 

not sure if its a rebot as i dont see how they can add stuff to there cart ??

 

 

thanks for your help, sure it will help alot, its probably just someone with nothing better to do

 

 

Thanks

Tom

[GsmCorner]

oops forgot to ask where abouts the code goes in the header file ?

 

 

 

regards

Tom

[♥yesudo]

you CAN post the whole IP addy in the forum.

 

This post may help: http://www.oscommerce.com/forums/index.php?showtopic=89451&hl=

 

 

 

Add here

 

<?php

/*

$Id: header.php,v 1.42 2003/06/10 18:20:38 hpdl Exp $

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright ? 2003 osCommerce

 

Released under the GNU General Public License

*/

?>

 

<?php require(DIR_FS_CATALOG . '_banned.php'); ?>

 

 

<?php

 

//end outer table

// check if the 'install' directory exists, and warn of its existence

[GsmCorner]

Thanks and the full ip is 65.54.164.61, still on my site

[vasttech]

You can also block the ip through your host. Most hosts have a feature in their control panels that will allow you to do this. In CPanel you can use IP Deny Manager. I believe there is also a way through .htaccess to block an IP, but I am not exactly sure.

[♥yesudo]

Tom - I have PM'd you some details on DNS lookup.

[GsmCorner]

Thanks for all your help, looks like him/her/it is off my site now :)

 

 

 

Tom

[♥yesudo]

You are best to still follow up that IP address - with regard to what Steve says.

[GsmCorner]

hi, looked on iplists.com but i dont see the same ip on there...

 

 

 

Tom

[GsmCorner]

bad news, looks like him/her/its back on my site :o not on the index but >> /catalog/shopping_cart.php

[Databuilder]

Have you set "Prevent Spider Sessions" to true?

[GsmCorner]

Hi, just checked, its on false, is this meant to be on true ?

[Databuilder]

Setting it to true may prevent the spider from establishing a session (not sure exactly how it determines it is a spider) and prevent it from adding products to shopping cart. I haven't looked into it much, but that is how I understand it works.

 

Jason

[♥yesudo]

Re your PM Tom - Add:

 

<Limit GET>

order deny,allow

deny from 65.54.164.61

</Limit>

 

to the .htaccess field in your store root directory.

[241]

what happened to your powered by oscommerce your site aint that different to the original.

[GsmCorner]

getting confused now.. Databuilder, if i set it to true, will that stop like google spiders etc.. ?

 

yesudo, will this code ban it ? as this ip address is really flooding my site, my bandwidth aint doing too good :(

[GsmCorner]

oops not sure, will sort that tomorrow..

[♥yesudo]

getting confused now.. Databuilder, if i set it to true, will that stop like google spiders etc.. ?

 

yesudo, will this code ban it ? as this ip address is really flooding my site, my bandwidth aint doing too good :(

Setting it to True will stop the spiders picking up session ids - which is better - so set it to true.

 

And the .htaccess should stop the IP full stop.

[GsmCorner]

something is really wrong here guys, my site has stopped working all together or some reason ?

 

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error.

 

More information about this error may be available in the server error log.

 

 

:o getting me abit worried now

[Noutje]

This is what i found in WHOIS for the ip address you gave earlier:

 

 

65.54.164.61

 

Whois History: 5 records stored

Record Type: IP Address

IP Location: United States - Washington - Redmond - Microsoft Corp

Reverse IP: No websites hosted using this IP address

 

 

--------------------------------------------------------------------------------

 

OrgName: Microsoft Corp

OrgID: MSFT

Address: One Microsoft Way

City: Redmond

StateProv: WA

PostalCode: 98052

Country: US

 

NetRange: 65.52.0.0 - 65.55.255.255

CIDR: 65.52.0.0/14

NetName: MICROSOFT-1BLK

NetHandle: NET-65-52-0-0-1

Parent: NET-65-0-0-0-0

NetType: Direct Assignment

NameServer: DNS1.CP.MSFT.NET

NameServer: DNS2.CP.MSFT.NET

NameServer: DNS1.TK.MSFT.NET

NameServer: DNS1.DC.MSFT.NET

NameServer: DNS1.SJ.MSFT.NET

Comment:

RegDate: 2001-02-14

Updated: 2002-12-05

 

TechHandle: ZM23-ARIN

TechName: Microsoft Corporation

TechPhone: +1-425-882-8080

TechEmail:

 

OrgAbuseHandle: HOTMA-ARIN

OrgAbuseName: Hotmail Abuse

OrgAbusePhone: +1-425-882-8080

OrgAbuseEmail:

 

OrgAbuseHandle: MSNAB-ARIN

OrgAbuseName: MSN ABUSE

OrgAbusePhone: +1-425-882-8080

OrgAbuseEmail:

 

OrgAbuseHandle: ABUSE231-ARIN

OrgAbuseName: Abuse

OrgAbusePhone: +1-425-882-8080

OrgAbuseEmail:

 

OrgNOCHandle: ZM23-ARIN

OrgNOCName: Microsoft Corporation

OrgNOCPhone: +1-425-882-8080

OrgNOCEmail:

 

OrgTechHandle: MSFTP-ARIN

OrgTechName: MSFT-POC

OrgTechPhone: +1-425-882-8080

OrgTechEmail:

 

# ARIN WHOIS database, last updated 2004-05-23 19:15

# Enter ? for additional hints on searching ARIN's WHOIS database.

 

 

answer section

name type result

61.164.54.65.IN-ADDR.ARPA.

PTR

msnbot64061.search.msn.com.

 

 

authority section

name type result

54.65.IN-ADDR.ARPA.

NS

DNS2.CP.MSFT.NET.

 

54.65.IN-ADDR.ARPA.

NS

DNS1.TK.MSFT.NET.

 

54.65.IN-ADDR.ARPA.

NS

DNS1.SJ.MSFT.NET.

 

54.65.IN-ADDR.ARPA.

NS

DNS1.DC.MSFT.NET.

 

54.65.IN-ADDR.ARPA.

NS

DNS1.CP.MSFT.NET.

 

 

additional section

name type result

DNS2.CP.MSFT.NET.

A

21.138.46.207.IN-ADDR.ARPA.

 

DNS1.TK.MSFT.NET.

A

230.245.46.207.IN-ADDR.ARPA.

 

DNS1.SJ.MSFT.NET.

A

30.25.4.64.IN-ADDR.ARPA.

 

DNS1.DC.MSFT.NET.

A

30.25.4.64.IN-ADDR.ARPA.

 

DNS1.CP.MSFT.NET.

A

20.138.46.207.IN-ADDR.ARPA.

 

 

Seems to be microsoft MSNBOT is spidering your site?