OC 3.0.3.2. Errors recently started, never seen them before in years of OC development.
Keep getting these 44 lines of errors multiple times a day and can't figure out who or what is doing it. I am assuming some kinda BOT is hitting my site but I personally can't replicate these errors so it frustrates me
~ Is there any way to know who/what is doing this? Maybe setup something to see what IP address it's coming from?
~ Also anyway to figure out how to replicate this and perhaps prevent it for happening in the future?
1:35:08 - PHP Notice: Undefined index: enquiry in /home/MySite/public_html/catalog/controller/information/contact.php on line 160
1:35:10 - PHP Notice: Undefined index: name in /home/MySite/public_html/catalog/controller/information/contact.php on line 152
1:35:10 - PHP Notice: Undefined index: email in /home/MySite/public_html/catalog/controller/information/contact.php on line 156
1:35:10 - PHP Notice: Undefined index: enquiry in /home/MySite/public_html/catalog/controller/information/contact.php on line 160
1:35:14 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 213
1:35:14 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 220
1:35:14 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 227
1:35:14 - PHP Notice: Undefined index: password in /home/MySite/storage/modification/catalog/controller/account/login.php on line 227
1:35:14 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 230
1:35:20 - PHP Notice: Undefined index: email in /home/MySite/public_html/catalog/controller/account/forgotten.php on line 75
1:35:24 - PHP Notice: Undefined index: firstname in /home/MySite/storage/modification/catalog/controller/account/register.php on line 230
1:35:24 - PHP Notice: Undefined index: lastname in /home/MySite/storage/modification/catalog/controller/account/register.php on line 234
1:35:24 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/register.php on line 238
1:35:24 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/register.php on line 238
1:35:24 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/register.php on line 242
1:35:24 - PHP Notice: Undefined index:telephone in /home/MySite/storage/modification/catalog/controller/account/register.php on line 246
1:35:24 - PHP Notice: Undefined index: password in /home/MySite/storage/modification/catalog/controller/account/register.php on line 272
1:35:24 - PHP Notice: Undefined index: confirm in /home/MySite/storage/modification/catalog/controller/account/register.php on line 276
1:35:24 - PHP Notice: Undefined index: password in /home/MySite/storage/modification/catalog/controller/account/register.php on line 276
1:35:28 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 213
1:35:28 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 220
1:35:28 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 227
1:35:28 - PHP Notice: Undefined index: password in /home/MySite/storage/modification/catalog/controller/account/login.php on line 227
1:35:28 - PHP Notice: Undefined index: email in /home/MySite/storage/modification/catalog/controller/account/login.php on line 230
1:35:39 - PHP Notice: Undefined index: order_id in /home/MySite/public_html/catalog/controller/account/return.php on line 452
1:35:39 - PHP Notice: Undefined index: firstname in /home/MySite/public_html/catalog/controller/account/return.php on line 456
1:35:39 - PHP Notice: Undefined index: lastname in /home/MySite/public_html/catalog/controller/account/return.php on line 460
1:35:39 - PHP Notice: Undefined index: email in /home/MySite/public_html/catalog/controller/account/return.php on line 464
1:35:39 - PHP Notice: Undefined index: email in /home/MySite/public_html/catalog/controller/account/return.php on line 464
1:35:39 - PHP Notice: Undefined index: telephone in /home/MySite/public_html/catalog/controller/account/return.php on line 468
1:35:39 - PHP Notice: Undefined index: product in /home/MySite/public_html/catalog/controller/account/return.php on line 472
1:35:39 - PHP Notice: Undefined index: model in /home/MySite/public_html/catalog/controller/account/return.php on line 476
1:35:50 - PHP Notice: Undefined index: firstname in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 310
1:35:50 - PHP Notice: Undefined index: lastname in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 314
1:35:50 - PHP Notice: Undefined index: email in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 318
1:35:50 - PHP Notice: Undefined index: email in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 318
1:35:50 - PHP Notice: Undefined index: email in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 322
1:35:50 - PHP Notice: Undefined index: telephone in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 326
1:35:50 - PHP Notice: Undefined index: password in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 350
1:35:50 - PHP Notice: Undefined index: confirm in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 354
1:35:50 - PHP Notice: Undefined index: password in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 354
1:35:50 - PHP Notice: Undefined index: payment in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 358
1:35:50 - PHP Notice: Undefined index: payment in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 360
1:35:50 - PHP Notice: Undefined index: payment in /home/MySite/public_html/catalog/controller/affiliate/register.php on line 362
Could be spambots. Try our Spambot Buster.
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
You can look in your web access logs at the time of the errors to see what requests are causing them. It's probably just a bot posting without the correct form fields.
If you want to stop your logs filling up, you could modify the validate functions and add an test to each field.
If you want to stop your logs filling up, you could modify the validate functions and add an test to each field.
Code: Select all
if ((utf8_strlen($this->request->post['name']) < 3) || (utf8_strlen($this->request->post['name']) > 32)) {Code: Select all
if (!isset($this->request->post['name']) || (utf8_strlen($this->request->post['name']) < 3) || (utf8_strlen($this->request->post['name']) > 32)) {You should probably install this before your site crashes: https://www.opencart.com/index.php?rout ... n_id=25968
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Legendary Member
I keep an eye on my log files so they never really get large so I don't really need the extension. Although it is a very useful extension, I didn't even know about it.paulfeakins wrote: ↑Fri Dec 13, 2024 8:28 pmYou should probably install this before your site crashes: https://www.opencart.com/index.php?rout ... n_id=25968
I guess I'll keep track of my web access logs and try to compare the time of the errors and see if I can figure it out.
~ OC 3.0.3.2 and OCmods only ~
All of them? And it is free.
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Legendary Member
Better take care of the errors, warnings and notices than the symptoms.
Ok so I was able to figure out what visitor/bot was causing these annoying errors..
Comparing the time of the errors to my cPanel Raw Access logs (time wasn't same, it was 1 hours off) I found a bot that keeps causing those errors. Luckily for me the BOT keeps using the same weird/odd user_agent (Chrome/120.0.0.0). I don't see anyone else using it so I just went and blocked it in .htaccess
I would rather block the IP addresses it was coming from, but after tracking the bot for a few days I realized it was always switching IP's
Comparing the time of the errors to my cPanel Raw Access logs (time wasn't same, it was 1 hours off) I found a bot that keeps causing those errors. Luckily for me the BOT keeps using the same weird/odd user_agent (Chrome/120.0.0.0). I don't see anyone else using it so I just went and blocked it in .htaccess
I would rather block the IP addresses it was coming from, but after tracking the bot for a few days I realized it was always switching IP's
~ OC 3.0.3.2 and OCmods only ~
If you don't mind, msg me the list of IP that the bot used, I'm coding something that may have defended against something like this and would like to see if it would have worked for you.
v3.0.4.0 php 8.1
I'm here for a reason, if your response is contact a/the developer, just don't reply.
I don't have the IP's off that particular bot that was causing all my errors from post #1. But I do still get hit by bots that are fishing to exploits. They search for specific files that are knows to have vulnerability.
What I did for these horrible bots is as soon as a bot looks for one of these vulnerable files it gives it self away and its IP address. I instantly take their IP address and save it directly to my .htaccess file as "Deny from $ip" with a small PHP script I wrote.
Here is the list of keywords I look for so far (it keeps expanding):
Here are some of the IP's I gathered to block and the file or keyword the BOT was looking for:
What I did for these horrible bots is as soon as a bot looks for one of these vulnerable files it gives it self away and its IP address. I instantly take their IP address and save it directly to my .htaccess file as "Deny from $ip" with a small PHP script I wrote.
Here is the list of keywords I look for so far (it keeps expanding):
Code: Select all
$spamwords = [
'.docker',
'.env',
'.ftpconfig',
'.git',
'.hg',
'.svn',
'.tmb',
'.wp-cli',
'0x.php',
'01.php',
'1index.php',
'02.php',
'2index.php',
'3index.php',
'4price.php',
'007licenseplate.sql',
'007plate.sql',
'13.php',
'098.php',
'1234.php',
'2021wp',
'_ignition',
'_profiler',
'abe.php',
'acme-challenge',
'adm.php',
'adminer.php',
'ae.php',
'ajax-actions.php',
'ak.php',
'aks.php',
'alfa.php',
'alfa-rex.php7',
'alfa-rex2.php7',
'ALFA_DATA',
'alfacgiapi',
'alfanew.php',
'alfanew2.php7',
'archives.php',
'as.php',
'asset',
'asus.php',
'atomlib.php',
'auto-seo.php',
'autoload_classmap.php',
'autoload_classmap',
'avaa.php',
'aws.yml',
'backup',
'baxa1.ph',
'bckp',
'berlin.php',
'bkp',
'bkup',
'bless.php',
'blocks',
'blog.php',
'bs1.php',
'buy.php',
'byp.php',
'bypass.php',
'c.php',
'cc.php',
'certificates',
'cgi-bin',
'chosen',
'citrix',
'ckeditor',
'class.api.php',
'class.php',
'class-php',
'classsmtps.php',
'classwithtostring.php',
'click.php',
'cljntmcz.php',
'cloud.php',
'cnzcsfwm.php',
'colors.php',
'colour.php',
'components',
'conf_upload.php',
'config.php7',
'config',
'cong.php',
'content.php',
'contentloader1.php',
'cookie.php',
'core',
'crack_self_restore.php',
'cron.php',
'csv.php',
'ctc_admin',
'curl.php',
'data',
'database',
'default.php',
'defaults.php',
'delpaths.php',
'demo',
'depotcv.php',
'developer',
'disagraeed.php',
'disagraeosc.php',
'disagraep.php',
'disagreed.php',
'disagrsod.php',
'do_not',
'doc.php',
'donot',
'downloader',
'dropdown.php',
'dump',
'dup-installer',
'ebs.php7',
'edit.php',
'elfinder',
'erin1.PhP7',
'ern.PhP7',
'ern1.PhP7',
'error',
'ethan.php',
'ewebeditor',
'file.php',
'filemanager',
'flower.php',
'framework',
'fresh:',
'frontend',
'function.php',
'fw.php',
'gawean.PhP7',
'gif.php',
'goat1.php',
'good.php',
'hidelicenseplate.sql',
'hideplate.sql',
'includ',
'include',
'indoxploit.php',
'info.php',
'inputs.php',
'installer.php',
'installer-backup.php',
'ioxi001.PhP7',
'ioxi002.PhP7',
'item.php',
'jp.php',
'karma.conf',
'kcfinder',
'KodExplorer',
'koko.PhP7',
'langs',
'laravel',
'legion.php',
'license.php',
'license.txt',
'link.php',
'local.php',
'locally',
'lock.php',
'log.php',
'logs',
'lufix.php',
'lv.php',
'magento',
'main',
'makeasmtp.php',
'marijuana.php',
'matomo',
'media.php',
'media-admin.php',
'menu.php',
'mini',
'moodle',
'moon.php',
'mycommand.php',
'mysql',
'network.php',
'no.php',
'nologin.php',
'options.php',
'options-discussion.php',
'ova-tools.php',
'panel',
'pgs.phP7',
'pki-validation',
'platform',
'plugins-dist.php',
'pomo',
'portal',
'post.php',
'praxismanagement',
'print',
'public',
'radio.php',
'randkeyword',
'rdweb',
'README.md',
'readme.php',
'repeater.php',
'report',
'rest-api',
'root',
'rsd.xml',
'RxR.php',
'rxr.php',
'saka.phP7',
'sandbox',
'secret',
'security.txt',
'server',
'session.php',
'shell',
'shells.php',
'sidwsi.php',
'simple.php',
'site1.com',
'site2.com',
'sitio',
'sito',
'sleepster',
'soso',
'sql',
'stag',
'static',
'style.php',
'temp',
'ticket',
'tiny.php',
'tinyfilemanager',
'trydeal.sql',
'ueditor',
'UEditor',
'up.php',
'upall.php',
'UpdateChecker.exe',
'upel.php',
'upfile.php',
'upgrade.php',
'upload',
'ups.php',
'used:',
'userarea',
'utchiha.php',
'utility',
'Utility',
'v3.php',
'v5.php',
'vendor',
'vqmod',
'widgets.php',
'wikindex.php',
'wordpress',
'worksec.php',
'worm0.PhP7',
'worm3.PhP7',
'wp-',
'ws.php',
'WSOEnigma.php',
'xl2023.php',
'xleet.php',
'xmlrpc',
'xx.php',
'xxx.php',
'yanz.php',
'.aws',
'zencart'
// DONT USE - script, prod, .php, auth,
];Code: Select all
Deny from 13.76.244.185 //radio.php
Deny from 3.120.186.2 //.env
Deny from 84.239.16.8 //.env
Deny from 3.106.167.75 //.env
Deny from 15.156.74.184 //.env
Deny from 3.107.187.199 //.env
Deny from 34.216.138.85 //.env
Deny from 3.76.252.132 //.env
Deny from 54.159.209.4 //.env
Deny from 13.76.244.125 //lock.php
Deny from 15.188.62.166 //wordpress
Deny from 3.140.245.206 //main
Deny from 3.12.73.7 //backup
Deny from 172.172.130.74 //disagraeosc.php
Deny from 13.58.216.29 //main
Deny from 15.152.112.203 //.env
Deny from 3.15.190.168 //main
Deny from 103.194.184.194 //includ
Deny from 18.118.50.130 //main
Deny from 52.187.27.127 //cljntmcz.php
Deny from 116.213.38.242 //includ
Deny from 103.194.185.42 //static
Deny from 52.163.76.196 //autoload_classmap.php
Deny from 35.180.252.16 //wordpress
Deny from 13.38.120.183 //wordpress
Deny from 119.42.147.194 //static
Deny from 52.163.71.87 //cloud.php
Deny from 103.194.185.58 //includ
Deny from 20.169.232.142 //autoload_classmap.php
Deny from 198.23.136.133 //public
Last edited by supak111 on Tue Dec 17, 2024 11:40 pm, edited 1 time in total.
~ OC 3.0.3.2 and OCmods only ~
Kind of a waste of time and resources to manage ips requesting assets you do not have, unless you want to run a honeypot instead of an e-commerce site.supak111 wrote: ↑Tue Dec 17, 2024 11:28 pmI don't have the IP's off that particular bot that was causing all my errors from post #1. But I do still get hit by bots that are fishing to exploits. They search for specific files that are knows to have vulnerability.
What I did for these horrible bots is as soon as a bot looks for one of these vulnerable files it gives it self away and its IP address. I instantly take their IP address and save it directly to my .htaccess file as "Deny from $ip" with a small PHP script I wrote.
Here is the list of keywords I look for so far (it keeps expanding):
Here are some of the IP's I gathered to block and the file or keyword the BOT was looking for:Code: Select all
$spamwords = [ '.docker', '.env', '.ftpconfig', '.git', '.hg', '.svn', '.tmb', '.wp-cli', '0x.php', '01.php', '1index.php', '02.php', '2index.php', '3index.php', '4price.php', '007licenseplate.sql', '007plate.sql', '13.php', '098.php', '1234.php', '2021wp', '_ignition', '_profiler', 'abe.php', 'acme-challenge', 'adm.php', 'adminer.php', 'ae.php', 'ajax-actions.php', 'ak.php', 'aks.php', 'alfa.php', 'alfa-rex.php7', 'alfa-rex2.php7', 'ALFA_DATA', 'alfacgiapi', 'alfanew.php', 'alfanew2.php7', 'archives.php', 'as.php', 'asset', 'asus.php', 'atomlib.php', 'auto-seo.php', 'autoload_classmap.php', 'autoload_classmap', 'avaa.php', 'aws.yml', 'backup', 'baxa1.ph', 'bckp', 'berlin.php', 'bkp', 'bkup', 'bless.php', 'blocks', 'blog.php', 'bs1.php', 'buy.php', 'byp.php', 'bypass.php', 'c.php', 'cc.php', 'certificates', 'cgi-bin', 'chosen', 'citrix', 'ckeditor', 'class.api.php', 'class.php', 'class-php', 'classsmtps.php', 'classwithtostring.php', 'click.php', 'cljntmcz.php', 'cloud.php', 'cnzcsfwm.php', 'colors.php', 'colour.php', 'components', 'conf_upload.php', 'config.php7', 'config', 'cong.php', 'content.php', 'contentloader1.php', 'cookie.php', 'core', 'crack_self_restore.php', 'cron.php', 'csv.php', 'ctc_admin', 'curl.php', 'data', 'database', 'default.php', 'defaults.php', 'delpaths.php', 'demo', 'depotcv.php', 'developer', 'disagraeed.php', 'disagraeosc.php', 'disagraep.php', 'disagreed.php', 'disagrsod.php', 'do_not', 'doc.php', 'donot', 'downloader', 'dropdown.php', 'dump', 'dup-installer', 'ebs.php7', 'edit.php', 'elfinder', 'erin1.PhP7', 'ern.PhP7', 'ern1.PhP7', 'error', 'ethan.php', 'ewebeditor', 'file.php', 'filemanager', 'flower.php', 'framework', 'fresh:', 'frontend', 'function.php', 'fw.php', 'gawean.PhP7', 'gif.php', 'goat1.php', 'good.php', 'hidelicenseplate.sql', 'hideplate.sql', 'includ', 'include', 'indoxploit.php', 'info.php', 'inputs.php', 'installer.php', 'installer-backup.php', 'ioxi001.PhP7', 'ioxi002.PhP7', 'item.php', 'jp.php', 'karma.conf', 'kcfinder', 'KodExplorer', 'koko.PhP7', 'langs', 'laravel', 'legion.php', 'license.php', 'license.txt', 'link.php', 'local.php', 'locally', 'lock.php', 'log.php', 'logs', 'lufix.php', 'lv.php', 'magento', 'main', 'makeasmtp.php', 'marijuana.php', 'matomo', 'media.php', 'media-admin.php', 'menu.php', 'mini', 'moodle', 'moon.php', 'mycommand.php', 'mysql', 'network.php', 'no.php', 'nologin.php', 'options.php', 'options-discussion.php', 'ova-tools.php', 'panel', 'pgs.phP7', 'pki-validation', 'platform', 'plugins-dist.php', 'pomo', 'portal', 'post.php', 'praxismanagement', 'print', 'public', 'radio.php', 'randkeyword', 'rdweb', 'README.md', 'readme.php', 'repeater.php', 'report', 'rest-api', 'root', 'rsd.xml', 'RxR.php', 'rxr.php', 'saka.phP7', 'sandbox', 'secret', 'security.txt', 'server', 'session.php', 'shell', 'shells.php', 'sidwsi.php', 'simple.php', 'site1.com', 'site2.com', 'sitio', 'sito', 'sleepster', 'soso', 'sql', 'stag', 'static', 'style.php', 'temp', 'ticket', 'tiny.php', 'tinyfilemanager', 'trydeal.sql', 'ueditor', 'UEditor', 'up.php', 'upall.php', 'UpdateChecker.exe', 'upel.php', 'upfile.php', 'upgrade.php', 'upload', 'ups.php', 'used:', 'userarea', 'utchiha.php', 'utility', 'Utility', 'v3.php', 'v5.php', 'vendor', 'vqmod', 'widgets.php', 'wikindex.php', 'wordpress', 'worksec.php', 'worm0.PhP7', 'worm3.PhP7', 'wp-', 'ws.php', 'WSOEnigma.php', 'xl2023.php', 'xleet.php', 'xmlrpc', 'xx.php', 'xxx.php', 'yanz.php', '.aws', 'zencart' // DONT USE - script, prod, .php, auth, ];Code: Select all
Deny from 13.76.244.185 //radio.php Deny from 3.120.186.2 //.env Deny from 84.239.16.8 //.env Deny from 3.106.167.75 //.env Deny from 15.156.74.184 //.env Deny from 3.107.187.199 //.env Deny from 34.216.138.85 //.env Deny from 3.76.252.132 //.env Deny from 54.159.209.4 //.env Deny from 13.76.244.125 //lock.php Deny from 15.188.62.166 //wordpress Deny from 3.140.245.206 //main Deny from 3.12.73.7 //backup Deny from 172.172.130.74 //disagraeosc.php Deny from 13.58.216.29 //main Deny from 15.152.112.203 //.env Deny from 3.15.190.168 //main Deny from 103.194.184.194 //includ Deny from 18.118.50.130 //main Deny from 52.187.27.127 //cljntmcz.php Deny from 116.213.38.242 //includ Deny from 103.194.185.42 //static Deny from 52.163.76.196 //autoload_classmap.php Deny from 35.180.252.16 //wordpress Deny from 13.38.120.183 //wordpress Deny from 119.42.147.194 //static Deny from 52.163.71.87 //cloud.php Deny from 103.194.185.58 //includ Deny from 20.169.232.142 //autoload_classmap.php Deny from 198.23.136.133 //public
A bot thats visiting various URL's on my site 30-60 times in 10 seconds is worse IMO... Portably slows down everyone that on the site at the time of the bot attack.
With the solution above, it can hit once and it automatically goes on the "Deny from" list.
I have iSenseLabs BotBlocker that looks up IP addresses and compares them to reported BOTs, I'm sure that slows down the site too? No?
With the solution above, it can hit once and it automatically goes on the "Deny from" list.
I have iSenseLabs BotBlocker that looks up IP addresses and compares them to reported BOTs, I'm sure that slows down the site too? No?
~ OC 3.0.3.2 and OCmods only ~
"A bot thats visiting various URL's on my site 30-60 times in 10 seconds is worse IMO", not really, a normal page request itself initiates numerous requests by design, just issue a 404 or 410 and move on. There are countless urls which probes request and you do not have and there are countless ips issueing them, good luck managing them all.supak111 wrote: ↑Wed Dec 18, 2024 4:00 amA bot thats visiting various URL's on my site 30-60 times in 10 seconds is worse IMO... Portably slows down everyone that on the site at the time of the bot attack.
With the solution above, it can hit once and it automatically goes on the "Deny from" list.
I have iSenseLabs BotBlocker that looks up IP addresses and compares them to reported BOTs, I'm sure that slows down the site too? No?
If you use seo urls and make sure your seo urls do not contain a dot, you can use this in your htaccess instead of the original seo url handling code.
Code: Select all
# give straight 410 for non existing files/directories with a dot
RewriteCond %{REQUEST_URI} \.
RewriteCond %{REQUEST_FILENAME} !-s
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ - [G,L]
# any virtual url not containing a dot, let OC handle them
RewriteCond %{REQUEST_URI} !\.
RewriteCond %{REQUEST_FILENAME} !-s
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([^?]*) /index.php?_route_=$1 [PT,QSA,L]
PS. Making external lookups of any kind will always slow you down.
TL;DR Blocking ip addresses other than for (D)DOS attacks is futile.
Sampling from your list:
13.76.244.185 = Azure cloud
3.*.*.* = all Amazon AWS
84.239.16.8 = Datacamp vpn
54.*.*.* = all Amazon AWS
etc, etc, etc.
As an appetizer, AWS owns the following publically published subnet quantities:
4x /11, 14x /12, 30x /13, 78x /14, 184x /15, 278x /16
That translates into 101,579,624 potential ip addresses.
Long gone are the days when hackers, probers and spammers operated their own little desktops from their basement in Ukraine, Russia, PRC, Nigeria and the seychelles, these days these guys rent a cloud instance for an hour, do their thing and then rent another with a different ip address.
Amazon AWS has 100 million+ ipv4 addresses alone, add azure cloud, OVH SAS, DigitalOcean, Akamai, Hetzner Online GmbH, Google LLC, Oracle Cloud and all the other cloud services great and small and ....... get the picture?
Sampling from your list:
13.76.244.185 = Azure cloud
3.*.*.* = all Amazon AWS
84.239.16.8 = Datacamp vpn
54.*.*.* = all Amazon AWS
etc, etc, etc.
As an appetizer, AWS owns the following publically published subnet quantities:
4x /11, 14x /12, 30x /13, 78x /14, 184x /15, 278x /16
That translates into 101,579,624 potential ip addresses.
Long gone are the days when hackers, probers and spammers operated their own little desktops from their basement in Ukraine, Russia, PRC, Nigeria and the seychelles, these days these guys rent a cloud instance for an hour, do their thing and then rent another with a different ip address.
Amazon AWS has 100 million+ ipv4 addresses alone, add azure cloud, OVH SAS, DigitalOcean, Akamai, Hetzner Online GmbH, Google LLC, Oracle Cloud and all the other cloud services great and small and ....... get the picture?
This is nice but problem is that contact page... actually most of the links in the footer are NOT seo urls so they do contains a dot/periodnonnedelectari wrote: ↑Wed Dec 18, 2024 8:36 amIf you use seo urls and make sure your seo urls do not contain a dot, you can use this in your htaccess instead of the original seo url handling code.Code: Select all
# give straight 410 for non existing files/directories with a dot RewriteCond %{REQUEST_URI} \. RewriteCond %{REQUEST_FILENAME} !-s RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^.*$ - [G,L] # any virtual url not containing a dot, let OC handle them RewriteCond %{REQUEST_URI} !\. RewriteCond %{REQUEST_FILENAME} !-s RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^([^?]*) /index.php?_route_=$1 [PT,QSA,L]
.
~ OC 3.0.3.2 and OCmods only ~
So the requests for resources you do not have are not a problem then?This is nice but problem is that contact page...
Then why block ip addresses based on those requests instead of just returning a 404 or 410?
Besides, you already have the solution for the contact page error log problem.
I specifically put in bold (resources you do not have) for those who do not grasp how the seo url part of htaccess works.actually most of the links in the footer are NOT seo urls so they do contains a dot/period
That part tells the webserver to pass any url for resources which do not exist (like seo urls) to index.php for seu url handling instead of returning a 404 directly.
Since all non-seo OC urls target index.php (which does exist) directly, non-seo OC urls are not affected by this directive, neither are existing static assests like .css, .js, etc. The addition of the dot check just necessitates that your (non existing) seo urls do not contain a dot.
Who is online
Users browsing this forum: Semrush [Bot] and 14 guests
