We tried three different ModSecurity rulesets, OWASP, Comodo and even Atomic (PAID), and none seem to stop this attack on the /admin folder.
I assume we may have to use some reg expression but my knowledge is not so good at that.
Unless someone can recommend a technique or way to stop this across multiple websites on a server?
180.252.180.250 - - [08/Jan/2021:10:15:43 +0200] "POST /admin/ HTTP/1.1" 406 455 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
122.173.51.255 - - [08/Jan/2021:10:15:46 +0200] "POST /admin/ HTTP/1.1" 406 418 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
106.201.153.52 - - [08/Jan/2021:10:15:46 +0200] "POST /admin/ HTTP/1.1" 406 418 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
82.213.229.161 - - [08/Jan/2021:10:15:49 +0200] "POST /admin/ HTTP/1.1" 406 418 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
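Added example, not part of the original post: a Python triage script that groups the POST /admin/ requests from the access-log excerpt above by client address and by User-Agent/Referer pair. On that excerpt it shows four different addresses sending one request each with a single shared fingerprint, which leaves per-address rate limits and blocklists little to act on. The function names and the `min_ips` threshold are illustrative assumptions; the sample lines are rebuilt from the four quoted above.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Apache "combined" format:
# host ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

UA = ("Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) "
      "Gecko/20100101 Firefox/62.0")

# The four requests quoted in the post, rebuilt as combined-format lines.
SAMPLE = [
    ("180.252.180.250", "10:15:43", 455),
    ("122.173.51.255", "10:15:46", 418),
    ("106.201.153.52", "10:15:46", 418),
    ("82.213.229.161", "10:15:49", 418),
]
SAMPLE_LOG = [
    f'{ip} - - [08/Jan/2021:{t} +0200] "POST /admin/ HTTP/1.1" '
    f'406 {size} "-" "{UA}"'
    for ip, t, size in SAMPLE
]


def admin_posts(lines, prefix="/admin/"):
    """Return parsed POST requests whose path (query string ignored) is under prefix."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        path = m["path"].split("?", 1)[0]
        if m["method"] == "POST" and path.startswith(prefix):
            hit = m.groupdict()
            hit["time"] = datetime.strptime(hit["ts"], "%d/%b/%Y:%H:%M:%S %z")
            hits.append(hit)
    return hits


def summarize(hits):
    """Aggregate per address and per (User-Agent, Referer) fingerprint."""
    per_ip = Counter(h["ip"] for h in hits)
    by_fp = defaultdict(set)
    for h in hits:
        by_fp[(h["ua"], h["referer"])].add(h["ip"])
    times = [h["time"] for h in hits]
    span = (max(times) - min(times)).total_seconds() if times else 0.0
    return {
        "requests": len(hits),
        "distinct_ips": len(per_ip),
        "max_per_ip": max(per_ip.values(), default=0),
        "span_seconds": span,
        "statuses": dict(Counter(h["status"] for h in hits)),
        "fingerprints": {fp: sorted(ips) for fp, ips in by_fp.items()},
    }


def looks_distributed(summary, min_ips=3):
    """True when one fingerprint spans >= min_ips addresses that each send few requests.

    min_ips and the per-address cap of 2 are assumed thresholds for illustration.
    """
    widest = max((len(ips) for ips in summary["fingerprints"].values()), default=0)
    return widest >= min_ips and summary["max_per_ip"] <= 2


if __name__ == "__main__":
    s = summarize(admin_posts(SAMPLE_LOG))
    print(f'{s["requests"]} POSTs from {s["distinct_ips"]} addresses '
          f'in {s["span_seconds"]:.0f}s, statuses {s["statuses"]}')
    print("distributed, shared fingerprint:", looks_distributed(s))
```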
Is renaming the admin folder an option?
Also see.
https://github.com/opencart/opencart/issues/8710
Code: Select all
order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx
Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus
JNeuhoff wrote: ↑Fri Jan 08, 2021 9:45 pm
Create an 'admin/.htaccess' file with this in it:
Code: Select all
order deny,allow
deny from all
allow from xxx.xxx.xxx.xxx
where xxx.xxx.xxx.xxx is your IP-address from where to access your OpenCart admin backend. Nobody else will be able to access your OpenCart admin, they get 403s instead!

By returning a 403 response, invaders are also let known that there's an implicit deny in the meantime, however.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
Regards,
Straightlight
Programmer / Opencart Tester
to keep 'em from giving you a hard time. I use a similar Mod for years ...

(OCMOD) Secure Admin URL
Set the Key and additional value to protect your Admin URL preventing unauthorized entry.
https://www.opencart.com/index.php?rout ... n_id=40693
I am no longer active at the Forum. Please do NOT send me Personal Mails,
they will no longer be replied to.
My Github OC Site: https://github.com/IP-CAM
3'030+ FREE OC Extensions, on the World's largest Github OC Repository Archive Site.
https://nintechnet.com/ninjafirewall/pro-edition/
Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD 2.6.1 lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk
Well, I tried their Test Site, but despite adding their 'robots' content,
it told me, not to be able, to find their 'entry' in my robots file.

I still rely on my .htaccess file, blocking about 750'000 IP-Addresses so
far, to keep my Sites work. I again had an attack-attempt last night,
mainly from Russian and some South American IP's, with no Site errors,
except for leaving their IP's in my Logs. It just resulted in adding about
45 IP-Blocks, like 3.133.99 (= 11'475 IP's) more to the .htaccess file. In
addition to 'redirect' every single 'link', to avoid such, to ever access
the site again, wherever it might come from ...

It's just one of the daily Jobs, if one really cares, to keep a Site alive ...
50% Off SSD Shared Hosting w/ cPanel
Detailed guide on how to install Opencart
EvolveWebHosting wrote: ↑Sat Jan 09, 2021 7:05 am
Astra is another great option if you're willing to pay for a license. Going to suggest that everyone stays clear of Comodo.

They do seem to have pretty good ratings on Google, so far. However, their plans seem to be per-process pretty much instead of offering these plans by recurring packages.
I must be blind because I don't see a free version...

Same to me, I found that czar_astra_oc1.5.xml on the OC Extension
Site, but that's good for nothing, as it looks ....

https://nintechnet.com/ninjafirewall/pro-edition
If anyone needs it I've got a zip file of the free one and can share if you PM me.
straightlight wrote: ↑Sat Jan 09, 2021 7:14 am
EvolveWebHosting wrote: ↑Sat Jan 09, 2021 7:05 am
Astra is another great option if you're willing to pay for a license. Going to suggest that everyone stays clear of Comodo.
They do seem to have pretty good ratings on Google, so far. However, their plans seem to be per-process pretty much instead of offering these plans by recurring packages.

I am not sure what you mean by this. It's a monthly or annual license, per domain. Unlimited scans and cleanups. Our pricing is actually a little bit lower than you can get directly from them and anyone can purchase it through us, even if you aren't hosting your site with us.
In one of my .htaccess files I have this:
Code: Select all
<Files *>
<RequireAll>
Require all granted
# Cambodia (KH)
Require not ip 114.134.184.0/21
# Yahoo-Korea (provides free email services used by some spammers)
Require not ip 123.0.0.0/20
# End Chinese-Korean blocklist
</RequireAll>
</Files>
If you need a complete .htaccess, do ask me, I will be very happy to send it by email
Have a nice day
Yan
Opencart 3.0.3.6
PHP 7.3.26 FPM served by NGINX 1.16.1.3
Linux Centos 7.9.2009 / Plesk 17.8.11
Dedicated Servers