If you haven't already blocked it:
71.134.251.13
ST spam protection caught it trying to send over 4000 "clicks" through st.php on one of my sites.
Block this IP
If you haven't already blocked it:
71.134.251.13
ST spam protection caught it trying to send over 4000 "clicks" through st.php on one of my sites.
Looks like an AT&T DSL IP in San Jose, CA.
I wonder what is the fastest way to block IP on, for example, 50 domains...
POWERED BY REPLICATORS
If all your domains are on the same server, then you can block an IP server-wide with this...Originally Posted by PinkFloyd
Also, you can check to see how many concurrent connections are opening port 80(your webserver) with this command:Code:iptables -I INPUT -s 71.134.251.13 -j DROP
Example output:Code:netstat -na |grep ":80" |awk '{print $5}'|cut -d: -f 1 |sort | uniq -c | sort -nk 1
(in this case "91.192.115.xx" was a Russian bot with 38 concurrent connections open... No soup for you, Comrade! [permaban]Code:1 0.0.0.0 1 65.55.106.xxx 1 67.195.37.xxx 1 72.232.199.xxx 1 75.23.45.xx 1 84.31.174.xxx 2 194.8.75.x 2 65.13.182.xx 3 194.126.180.xxx 4 59.95.192.xx 38 91.192.115.xx)
mod_evasive is a great Apache module for auto-banning abusive IPs as well.
Last edited by NoMercy; July 4th, 2009 at 01:07 AM. Reason: added quote
Big deal,there is tons of such ip which goes crazy on daily bases.I can send you list with tons of ip addresses which doing same.
Please do.
Anyways, I might not have caught this one if I didn't turn on spam protection in ST after all the talk of link spamming in the Google penalty thread.
Posting Permissions
Reply With Quote