Some info about IP bans requested

Shambles · June 15, 2014, 04:01:25 PM

Good.

Be aware that 37.58.100.0/16 will actually prohibit the range 37.58.*.* and not just 37.58.100.*

Ditto 184.173.183.0/16 will apply the prohibition to 184.173.*.*

Ninja ZX-10RR · June 15, 2014, 04:31:18 PM

Not good then, how could I ban only the 37.58.100.*.* range with that method?

Shambles · June 15, 2014, 04:40:05 PM

37.58.100.0/24

Ninja ZX-10RR · June 15, 2014, 05:02:22 PM

As attached
47879 polygons in 3D
Total time: around 3 minutes (most of them for managing the screenshot

)

Shambles · June 15, 2014, 05:05:13 PM

Lol.

Arantor · June 15, 2014, 05:05:23 PM

Yeah, those S curves needs lotsa polys.

Ninja ZX-10RR · June 15, 2014, 05:12:13 PM

Yeah indeed they are pretty heavy xD the weapons I make are faraway lower in polys, it's kinda funny

Oh by the way I'll mark this as solved once more xD (I think it's the 3rd time or something like that lol)

Ninja ZX-10RR · June 16, 2014, 01:34:50 AM

I swear to god i am not trolling but this IP 37.58.100.167 managed to connect and it shouldn't have been possible as I have set deny from 37.58.100.0/24, so didn't really work even as it seemed to... It sounds damn crazy as if I try to defy from that IP it fails to connect but I did have this IP connected D: I attached a screenshot so you see that I'm not trolling you because it would seem so but really isn't

*marks again as not solved and tries to kill his ht access file making it suffering painfully*

My htaccess again:

Code Select

##
# @version		$Id: htaccess.txt 21101 2011-04-07 15:47:33Z dextercowley $
# @package		Joomla
# @copyright	Copyright (C) 2005 - 2011 Open Source Matters. All rights reserved.
# @license		GNU General Public License version 2 or later; see LICENSE.txt
##

##
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations.  It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file.  If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's.  If they work,
# it has been set by your server administrator and you do not need it set here.
##

## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

## Mod_rewrite in use.

RewriteEngine On

## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
#Set the timezone
SetEnv TZ Europe/Rome
## End - Rewrite rules to block out some common exploits.

## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects

##
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##

# /* modifica */
RewriteBase /
# /* fine */

## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for something within the component folder,
# or for the site root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.

# /* modifica */
# # av:php5-engine
AddHandler av-php5 .php
# /* fine */

#Block bad IP
#######################################################################################
order allow,deny
deny from  24.91.97.152 
deny from  114.130.28.154 
deny from  91.207.7.182 
deny from  91.207.4.14 
deny from  37.58.100.0/24
deny from  46.118. 46.119 
deny from  192.99. 31.41 
deny from  5.255.253.164 
deny from  213.87.123.232 
deny from  184.173.183.0/24
allow from all

Ninja ZX-10RR · June 16, 2014, 11:50:49 PM

Marking as solved again, and this is the last time, for reference --> http://www.simplemachines.org/community/index.php?topic=523925.0 many thanks to Lou69, Arantor, CoreISP, Shambles, Antechinus, Kindred and a10.

Useful links regarding the question:
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order
http://httpd.apache.org/docs/current/mod/mod_access_compat.html#allow

a10 · June 20, 2014, 01:01:40 PM

Just a note about deny's, took htaccess away for a day (14.06) to check the bot activity, see attachment.

gogotha · June 22, 2014, 12:15:11 PM

Thanks Flavio93Zena for bringing this up. I am starting to ban countries that are hammering our forum. Cant really tell what they are doing since our site is private but they are landing on the registration page by the hundreds.

SMF, is running IP bans in SMF on a dedicated power edge 1750, 2.4ghz, 2 Dual xeon cpu's, 4gig ram with 1 forum and 1 ftp cause a slow down?

I am running IIS, putting the banned CIDR in ->IIS ->SMF Website ->Directory Security ->IP address and Domain name restrictions suffice?

Kindred · June 22, 2014, 12:21:14 PM

yes. Using the SMF ban system in that way will indeed have performance consequences

Ninja ZX-10RR · June 22, 2014, 12:30:53 PM

No problem I suggest you to read this guide it explains everything in details

Still no one has moved it to tips and tricks but it's still good --> http://www.simplemachines.org/community/index.php?topic=524146.0

gogotha · June 22, 2014, 02:51:31 PM

Well pooh, I am running SMF on M$ Server. Since .htaccess is Apache, I will see how M$ IIS "IP address and Domain name restrictions" in Directory Security works and remove IP bans from SMF Forum. I have apache on Server but I am running experimental SugarCRM on it.

I thought about putting CDIR block in my smoothwall but damn-it, linux not strong suite, need GUI!

Thanks for replies!

Ninja ZX-10RR · June 22, 2014, 03:00:44 PM

Well you're welcome I hope you can sort it out somehow. I know that htaccess stuff but I can't tell you how to find a workaround for that... Maybe posting a topic in here (http://www.simplemachines.org/community/index.php?board=60.0) would be more helpful

News:

Some info about IP bans requested