OpenCart Community

ver 3.0.3.3

in the htaccess file i tried blocking all russia ip addresses using "https://www.countryipblocks.net/acl.php"

for some reason it doesnt allow me here in the U.S. to access the admin or web site.

but if i just block a few specific i addresses all works well.

issue I am having is knowing what ip addresses to block

had a registration last night from russia on the CUSTOMER page IP showed as 176.106.246.67

BUT then when i went to the actual database and looked at logged in IP addresses, this persons IP in the DB shows as 109.248.13.193

So I double checked a couple others, and this same situation occurs???

What exactly are you trying to accomplish? These days it's quite easy to bypass IP-address blocking, by using e.g. a VPN. Are you trying to prevent fake customer registrations or spam messages via your Contact Us page?

And what do you mean when saying:

it doesnt allow me here in the U.S. to access the admin or web site.

?
Which website?

I went to that IP addresses site added all IP addresses from Russia to the htaccess file, made sure my own address for some reason wasnt listed (just in case), uploaded the file, after that I was no longer able to access my own site or my own admin panel.

Yes I agree about the VPN issue, I am trying to stop fake contact us messages and customer registrations.

I am already using the Google Captcha, dont think that is doing much, I see online there is software people use to bypass that as well.

JNeuhoff wrote: ↑

Sun Jan 02, 2022 8:41 pm

What exactly are you trying to accomplish? These days it's quite easy to bypass IP-address blocking, by using e.g. a VPN. Are you trying to prevent fake customer registrations or spam messages via your Contact Us page?

And what do you mean when saying:

it doesnt allow me here in the U.S. to access the admin or web site.

?
Which website?

That would result in a huge list of IP-addresses in your '.htaccess'!

If it is just for preventing spambots for doing fake account registrations or sending spam messages via your Contact Us then we recommend using the SpamBot Buster. The latter is capable of distinguishing between genuine human users and spambots pretty reliable, much better than captchas, and there is no need for a captcha.

Blocking ip country ranges (and individual ips for that matter) is futile as ip ranges are bought and sold across country lines faster than you can manage them. As above, the list would be huge. Besides, real hackers and fake customers use cloud services, amazon, etc. from your own country, only cheap amateurs still use russia, ukraine, nigeria, the known culprits. So if you are into managing ACLs and such, go ahead, otherwise, don't bother yourself.

The only exception is dynamic ip blocking via a firewall when dealing with a DOS or a DDOS attack but even then you would only keep that block for the duration.
There is however nobody who would DDOS an OC site, you might encounter a very radical bot sometimes which requests 50+ requests per second but even that would not be a DOS attack.

On different recorded ip addresses:
The customer_login table records failed login attempts.
However, a customer can register from ip xxx.xxx.xxx.xxx and later login from ip yyy.yyy.yyy.yyy, ips change, on mobile networks many times in transit during a session actually.
So there is nothing suspicious there.

belowcost wrote: ↑

Sun Jan 02, 2022 1:48 am

in the htaccess file i tried blocking all russia ip addresses using "https://www.countryipblocks.net/acl.php"

This isn't OpenCart specific so you're better off on StackOverflow.

It is best to use a firewall like https://www.getastra.com/ to block malicious bots and certain countries from accessing your website.

fegdeed wrote: ↑

Wed Jan 05, 2022 1:41 am

It is best to use a firewall like https://www.getastra.com/features?refer ... ource=copy to block malicious bots and certain countries from accessing your website.

I agree Astra is the way to go. Our Astra licenses are less expensive than Astra direct and we provide you with support along with the Astra team.