BotBanish Firewall Client

[Starbuck501]

All sorted now.
Googlebot is now showing.
Thank you for your time, It really is appreciated.

[Randem]

You are very welcome! Glad to help. 

[Starbuck501]

Back again I'm afraid.

One of my Site Admins is having problems logging in.
Only started recently.
Last 2 days she has only been getting a white page when signing in.

I pulled these from the access log.... why are there 2 different codes:
301 616
200 3899

pool-71-162-193-227.phlapa.fios.verizon.net - - [03/Mar/2018:00:00:05 +0100] "GET /forums/index.php HTTP/1.1" 200 3899 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"
pool-71-162-193-227.phlapa.fios.verizon.net - - [03/Mar/2018:00:01:20 +0100] "GET /forums/index.php HTTP/1.1" 200 3899 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"
pool-71-162-193-227.phlapa.fios.verizon.net - - [03/Mar/2018:18:14:08 +0100] "GET /forums/index.php HTTP/1.1" 301 616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"
pool-71-162-193-227.phlapa.fios.verizon.net - - [03/Mar/2018:18:14:09 +0100] "GET /forums/index.php HTTP/1.1" 200 3899 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"
pool-71-162-193-227.phlapa.fios.verizon.net - - [03/Mar/2018:17:41:37 +0100] "GET /forums/index.php HTTP/1.1" 301 616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"
pool-71-162-193-227.phlapa.fios.verizon.net - - [03/Mar/2018:17:41:38 +0100] "GET /forums/index.php HTTP/1.1" 200 3899 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"

-------
I can't see the IP listed in the .htaccess file.

[Starbuck501]

Took a chance and added the IP to the BotBanishClient_ip_dnb table.
It seems to have cured the problem.
Site Admin is now back online.

[Randem]

Aloha,
Ok, good glad you used the override.
I was replying when I got your new post.
I don't see anything in the information that you posted that would suggest any blocking.
BotBanish is not blocking that IP so it must be somewhere in the user-agent blocking that you have.
I will research more...

Those are Apache codes. You can see a list of them here - http://www.bignosebird.com/apache/a5.shtml
Which would seem to signify that another part of your .htaccess files has taken over.

This can also help you decipher the error log - https://httpd.apache.org/docs/1.3/logs.html

If BotBanish does something with an IP or User-Agent you should get a 403 Error in the log.

[Randem]

I just attempted to access your site and got a white screen. My IP is definitely not being blocked by Botbanish. Could you send me your .htaccess file from your root folder. There must be something in it that is blocking requests.

[Starbuck501]

Luckily I downloaded a copy earlier, so I have it to hand.

# -FrontPage-

IndexIgnore .htaccess */.??* *~ *

# */HEADER* */README* */_vti*

SetEnv TZ Europe/Amsterdam

Options All -Indexes

Options +FollowSymlinks

AuthName smokey-services.eu
AuthUserFile /var/www/vhosts/smokey-services.eu/httpdocs/_vti_pvt/service.pwd
AuthGroupFile /var/www/vhosts/smokey-services.eu/httpdocs/_vti_pvt/service.grp

Redirect 301 /index.html http://www.smokey-services.eu/forums/
Redirect 301 /index.php http://www.smokey-services.eu/forums/
RewriteRule ^forum/(.*) http://www.smokey-services.eu/ [R=301,L]

#
#
#

RewriteEngine on

SetEnvIfNoCase User-Agent "^HTTrack" bad_bot
SetEnvIfNoCase User-Agent "^Bandit" bad_bot
SetEnvIfNoCase User-Agent "^BatchFTP" bad_bot
SetEnvIfNoCase User-Agent "^Bigfoot" bad_bot
SetEnvIfNoCase User-Agent "^Black.Hole" bad_bot
SetEnvIfNoCase User-Agent "^Black Hole" bad_bot
SetEnvIfNoCase User-Agent "^Titan" bad_bot
SetEnvIfNoCase User-Agent "^WebStripper" bad_bot
SetEnvIfNoCase User-Agent "^NetMechanic" bad_bot
SetEnvIfNoCase User-Agent "^CherryPicker" bad_bot
SetEnvIfNoCase User-Agent "^EmailCollector" bad_bot
SetEnvIfNoCase User-Agent "^EmailSiphon" bad_bot
SetEnvIfNoCase User-Agent "^WebBandit" bad_bot
SetEnvIfNoCase User-Agent "^EmailWolf" bad_bot
SetEnvIfNoCase User-Agent "^ExtractorPro" bad_bot
SetEnvIfNoCase User-Agent "^CopyRightCheck" bad_bot
SetEnvIfNoCase User-Agent "^Crescent" bad_bot
SetEnvIfNoCase User-Agent "^Wget" bad_bot
SetEnvIfNoCase User-Agent "^SiteSnagger" bad_bot
SetEnvIfNoCase User-Agent "^ProWebWalker" bad_bot
SetEnvIfNoCase User-Agent "^CheeseBot" bad_bot
SetEnvIfNoCase User-Agent "^Teleport" bad_bot
SetEnvIfNoCase User-Agent "^TeleportPro" bad_bot
SetEnvIfNoCase User-Agent "^MIIxpc" bad_bot
SetEnvIfNoCase User-Agent "^Telesoft" bad_bot
SetEnvIfNoCase User-Agent "^Website Quester" bad_bot
SetEnvIfNoCase User-Agent "^WebZip" bad_bot
SetEnvIfNoCase User-Agent "^moget/2.1" bad_bot
SetEnvIfNoCase User-Agent "^WebZip/4.0" bad_bot
SetEnvIfNoCase User-Agent "^WebSauger" bad_bot
SetEnvIfNoCase User-Agent "^WebCopier" bad_bot
SetEnvIfNoCase User-Agent "^NetAnts" bad_bot
SetEnvIfNoCase User-Agent "^Mister PiX" bad_bot
SetEnvIfNoCase User-Agent "^WebAuto" bad_bot
SetEnvIfNoCase User-Agent "^TheNomad" bad_bot
SetEnvIfNoCase User-Agent "^WWW-Collector-E" bad_bot
SetEnvIfNoCase User-Agent "^RMA" bad_bot
SetEnvIfNoCase User-Agent "^libWeb/clsHTTP" bad_bot
SetEnvIfNoCase User-Agent "^asterias" bad_bot
SetEnvIfNoCase User-Agent "^httplib" bad_bot
SetEnvIfNoCase User-Agent "^turingos" bad_bot
SetEnvIfNoCase User-Agent "^spanner" bad_bot
SetEnvIfNoCase User-Agent "^InfoNaviRobot" bad_bot
SetEnvIfNoCase User-Agent "^Harvest/1.5" bad_bot
SetEnvIfNoCase User-Agent "^Bullseye/1.0" bad_bot
SetEnvIfNoCase User-Agent "^Mozilla/4.0 (compatible; BullsEye; Windows 95)" bad_bot
SetEnvIfNoCase User-Agent "^Crescent Internet ToolPak HTTP OLE Control v.1.0" bad_bot
SetEnvIfNoCase User-Agent "^CherryPickerSE/1.0" bad_bot
SetEnvIfNoCase User-Agent "^CherryPicker /1.0" bad_bot
SetEnvIfNoCase User-Agent "^WebBandit/3.50" bad_bot
SetEnvIfNoCase User-Agent "^NICErsPRO" bad_bot
SetEnvIfNoCase User-Agent "^Microsoft URL Control - 5.01.4511" bad_bot
SetEnvIfNoCase User-Agent "^DittoSpyder" bad_bot
SetEnvIfNoCase User-Agent "^Foobot" bad_bot
SetEnvIfNoCase User-Agent "^WebmasterWorldForumBot" bad_bot
SetEnvIfNoCase User-Agent "^SpankBot" bad_bot
SetEnvIfNoCase User-Agent "^BotALot" bad_bot
SetEnvIfNoCase User-Agent "^lwp-trivial/1.34" bad_bot
SetEnvIfNoCase User-Agent "^lwp-trivial" bad_bot
SetEnvIfNoCase User-Agent "^Wget/1.6" bad_bot
SetEnvIfNoCase User-Agent "^BunnySlippers" bad_bot
SetEnvIfNoCase User-Agent "^Microsoft URL Control - 6.00.8169" bad_bot
SetEnvIfNoCase User-Agent "^URLy Warning" bad_bot
SetEnvIfNoCase User-Agent "^Wget/1.5.3" bad_bot
SetEnvIfNoCase User-Agent "^LinkWalker" bad_bot
SetEnvIfNoCase User-Agent "^cosmos" bad_bot
SetEnvIfNoCase User-Agent "^moget" bad_bot
SetEnvIfNoCase User-Agent "^hloader" bad_bot
SetEnvIfNoCase User-Agent "^humanlinks" bad_bot
SetEnvIfNoCase User-Agent "^LinkextractorPro" bad_bot
SetEnvIfNoCase User-Agent "^Offline Explorer" bad_bot
SetEnvIfNoCase User-Agent "^Mata Hari" bad_bot
SetEnvIfNoCase User-Agent "^LexiBot" bad_bot
SetEnvIfNoCase User-Agent "^Web Image Collector" bad_bot
SetEnvIfNoCase User-Agent "^The Intraformant" bad_bot
SetEnvIfNoCase User-Agent "^True_Robot/1.0" bad_bot
SetEnvIfNoCase User-Agent "^True_Robot" bad_bot
SetEnvIfNoCase User-Agent "^BlowFish/1.0" bad_bot
SetEnvIfNoCase User-Agent "^JennyBot" bad_bot
SetEnvIfNoCase User-Agent "^MIIxpc/4.2" bad_bot
SetEnvIfNoCase User-Agent "^BuiltBotTough" bad_bot
SetEnvIfNoCase User-Agent "^ProPowerBot/2.14" bad_bot
SetEnvIfNoCase User-Agent "^BackDoorBot/1.0" bad_bot
SetEnvIfNoCase User-Agent "^toCrawl/UrlDispatcher" bad_bot
SetEnvIfNoCase User-Agent "^WebEnhancer" bad_bot
SetEnvIfNoCase User-Agent "^TightTwatBot" bad_bot
SetEnvIfNoCase User-Agent "^suzuran" bad_bot
SetEnvIfNoCase User-Agent "^VCI WebViewer VCI WebViewer Win32" bad_bot
SetEnvIfNoCase User-Agent "^VCI" bad_bot
SetEnvIfNoCase User-Agent "^Szukacz/1.4" bad_bot
SetEnvIfNoCase User-Agent "^QueryN Metasearch" bad_bot
SetEnvIfNoCase User-Agent "^Openfind data gathere" bad_bot
SetEnvIfNoCase User-Agent "^Openfind" bad_bot
SetEnvIfNoCase User-Agent "^Xenu's Link Sleuth 1.1c" bad_bot
SetEnvIfNoCase User-Agent "^Xenu's" bad_bot
SetEnvIfNoCase User-Agent "^Zeus" bad_bot
SetEnvIfNoCase User-Agent "^RepoMonkey Bait & Tackle/v1.01" bad_bot
SetEnvIfNoCase User-Agent "^RepoMonkey" bad_bot
SetEnvIfNoCase User-Agent "^Zeus 32297 Webster Pro V2.9 Win32" bad_bot
SetEnvIfNoCase User-Agent "^Webster Pro" bad_bot
SetEnvIfNoCase User-Agent "^EroCrawler" bad_bot
SetEnvIfNoCase User-Agent "^LinkScan/8.1a Unix" bad_bot
SetEnvIfNoCase User-Agent "^Keyword Density/0.9" bad_bot
SetEnvIfNoCase User-Agent "^Kenjin Spider" bad_bot
SetEnvIfNoCase User-Agent "^Cegbfeieh" bad_bot
SetEnvIfNoCase User-Agent "^Baiduspider" bad_bot

<Limit GET POST>
order allow,deny
allow from all
Deny from env=bad_bot
</Limit>

<Limit GET HEAD POST>
order allow,deny
deny from reverse.layeredtech.com
deny from macfixer.net
deny from haoliuliang.net
deny from nihaorr1.com
deny from aspder.com
deny from nmidahena.com
deny from keyweb.com
deny from keyweb.de
deny from keymachine.de
deny from theplanet.com
deny from 414151.com
# begin Baidu
deny from 119.63.192.
deny from 119.63.193.
deny from 119.63.194.
deny from 119.63.195.
deny from 119.63.196.
deny from 119.63.197.
deny from 119.63.198
deny from 119.63.199.
deny from 180.76.5.
deny from 220.181.
deny from 123.125.6.
# end Baidu
deny from 94.228.34
deny from 46.229.164
deny from 71.48.0.0 - 71.55.255.255
deny from 71.48.0.0/13
deny from 94.228.34
deny from 201.218.198.164
deny from 194.8.74.37
deny from 41.210.252.11
deny from 194.90.190.
deny from 83.228.50.0 - 83.228.51.255
deny from 85.255.112.0 - 85.255.127.255
deny from 70.84.0.0/16
deny from 70.85.0.0/16
deny from 70.86.0.0/16
deny from 70.87.0.0/16
deny from 208.43.0.0/16
deny from 87.118.0.0/16
deny from 58.56.0.0/16
deny from 58.57.0.0/16
deny from 58.58.0.0/16
deny from 58.59.0.0/16
deny from 125.125.0.0/16
deny from 92.48.84.0/24
deny from 188.92.72.0/24
deny from 188.92.75.0/24
deny from 188.92.76.0/24
deny from 188.92.77.0/24
deny from 91.201.64.0/24
deny from 91.201.66.0/24
deny from 81.52.143.0/24
deny from 195.2.241.0/24
deny from 193.252.149.0/24
deny from 88.208.222.0/24
deny from 67.212.189.0/24
deny from 194.186.53.0/24
deny from 92.241.168.0/24
deny from 92.241.169.0/24
deny from 77.241.42.0/24
deny from 77.241.43.0/24
deny from 212.235.92.0/24
deny from 78.157.143.0/24
deny from 83.228.51.0/24
allow from all
</LIMIT>

<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>

# Voorkom bekijken .htaccess of andere bestanden

<Files .htaccess>
order allow,deny
deny from all
</Files>

RewriteRule ^sitemap.xml$ /forums/index.php?action=sitemap;xml

RewriteCond %{HTTP_REFERER} ^.*$
RewriteRule ^.*%27.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*%25.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*rush=.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*echr.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*esystem.*$ http://127.0.0.1/ [redirect,last]
RewriteRule ^.*wget.*$ http://127.0.0.1/ [redirect,last]

# prevent perl user agent (most often used by santy)

RewriteCond %{HTTP_USER_AGENT} ^lwp.* [NC]
RewriteRule ^.*$ http://127.0.0.1/ [R,L]

RewriteCond %{HTTP_REFERER} ^.*$

# Drugs / Herbal

RewriteCond %{HTTP_REFERER} (sleep-?deprivation) [NC,OR]
RewriteCond %{HTTP_REFERER} (sleep-?disorders) [NC,OR]
RewriteCond %{HTTP_REFERER} (insomnia) [NC,OR]
RewriteCond %{HTTP_REFERER} (phentermine) [NC,OR]
RewriteCond %{HTTP_REFERER} (phentemine) [NC,OR]
RewriteCond %{HTTP_REFERER} (vicodin) [NC,OR]
RewriteCond %{HTTP_REFERER} (hydrocodone) [NC,OR]
RewriteCond %{HTTP_REFERER} (levitra) [NC,OR]
RewriteCond %{HTTP_REFERER} (hgh-) [NC,OR]
RewriteCond %{HTTP_REFERER} (-hgh) [NC,OR]
RewriteCond %{HTTP_REFERER} (ultram-) [NC,OR]
RewriteCond %{HTTP_REFERER} (-ultram) [NC,OR]
RewriteCond %{HTTP_REFERER} (cialis) [NC,OR]
RewriteCond %{HTTP_REFERER} (soma-) [NC,OR]
RewriteCond %{HTTP_REFERER} (-soma) [NC,OR]
RewriteCond %{HTTP_REFERER} (diazepam) [NC,OR]
RewriteCond %{HTTP_REFERER} (gabapentin) [NC,OR]
RewriteCond %{HTTP_REFERER} (celebrex) [NC,OR]
RewriteCond %{HTTP_REFERER} (viagra) [NC,OR]
RewriteCond %{HTTP_REFERER} (fioricet) [NC,OR]
RewriteCond %{HTTP_REFERER} (ambien) [NC,OR]
RewriteCond %{HTTP_REFERER} (valium) [NC,OR]
RewriteCond %{HTTP_REFERER} (zoloft) [NC,OR]
RewriteCond %{HTTP_REFERER} (finasteride) [NC,OR]
RewriteCond %{HTTP_REFERER} (lamisil) [NC,OR]
RewriteCond %{HTTP_REFERER} (meridia) [NC,OR]
RewriteCond %{HTTP_REFERER} (allegra) [NC,OR]
RewriteCond %{HTTP_REFERER} (diflucan) [NC,OR]
RewriteCond %{HTTP_REFERER} (zovirax) [NC,OR]
RewriteCond %{HTTP_REFERER} (valtrex) [NC,OR]
RewriteCond %{HTTP_REFERER} (lipitor) [NC,OR]
RewriteCond %{HTTP_REFERER} (proscar) [NC,OR]
RewriteCond %{HTTP_REFERER} (acyclovir) [NC,OR]
RewriteCond %{HTTP_REFERER} (sildenafil) [NC,OR]
RewriteCond %{HTTP_REFERER} (tadalafil) [NC,OR]
RewriteCond %{HTTP_REFERER} (xenical) [NC,OR]
RewriteCond %{HTTP_REFERER} (melatonin) [NC,OR]
RewriteCond %{HTTP_REFERER} (xanax) [NC,OR]
RewriteCond %{HTTP_REFERER} (herbal) [NC,OR]
RewriteCond %{HTTP_REFERER} (drugs) [NC,OR]
RewriteCond %{HTTP_REFERER} (lortab) [NC,OR]
RewriteCond %{HTTP_REFERER} (adipex) [NC,OR]
RewriteCond %{HTTP_REFERER} (propecia) [NC,OR]
RewriteCond %{HTTP_REFERER} (carisoprodol) [NC,OR]
RewriteCond %{HTTP_REFERER} (tramadol) [NC]
RewriteRule .* - [F]

# Porn

RewriteCond %{HTTP_REFERER} (porno) [NC,OR]
RewriteCond %{HTTP_REFERER} (shemale) [NC,OR]
RewriteCond %{HTTP_REFERER} (gangbang) [NC,OR]
RewriteCond %{HTTP_REFERER} (-cock) [NC,OR]
RewriteCond %{HTTP_REFERER} (-anal) [NC,OR]
RewriteCond %{HTTP_REFERER} (-orgy) [NC,OR]
RewriteCond %{HTTP_REFERER} (cock-) [NC,OR]
RewriteCond %{HTTP_REFERER} (anal-) [NC,OR]
RewriteCond %{HTTP_REFERER} (orgy-) [NC,OR]
RewriteCond %{HTTP_REFERER} (singles-?christian) [NC,OR]
RewriteCond %{HTTP_REFERER} (dating-?christian) [NC,OR]
RewriteCond %{HTTP_REFERER} (cumeating) [NC,OR]
RewriteCond %{HTTP_REFERER} (cream-?pies) [NC,OR]
RewriteCond %{HTTP_REFERER} (cumsucking) [NC,OR]
RewriteCond %{HTTP_REFERER} (cumswapping) [NC,OR]
RewriteCond %{HTTP_REFERER} (cumfilled) [NC,OR]
RewriteCond %{HTTP_REFERER} (cumdripping) [NC,OR]
RewriteCond %{HTTP_REFERER} (krankenversicherung) [NC,OR]
RewriteCond %{HTTP_REFERER} (cumpussy) [NC,OR]
RewriteCond %{HTTP_REFERER} (suckingcum) [NC,OR]
RewriteCond %{HTTP_REFERER} (drippingcum) [NC,OR]
RewriteCond %{HTTP_REFERER} (pussycum) [NC,OR]
RewriteCond %{HTTP_REFERER} (swappingcum) [NC,OR]
RewriteCond %{HTTP_REFERER} (eatingcum) [NC,OR]
RewriteCond %{HTTP_REFERER} (cum-) [NC,OR]
RewriteCond %{HTTP_REFERER} (-cum) [NC,OR]
RewriteCond %{HTTP_REFERER} (sperm) [NC,OR]
RewriteCond %{HTTP_REFERER} (christian-?dating) [NC,OR]
RewriteCond %{HTTP_REFERER} (jewish-?singles) [NC,OR]
RewriteCond %{HTTP_REFERER} (sex-?meetings) [NC,OR]
RewriteCond %{HTTP_REFERER} (swinging) [NC,OR]
RewriteCond %{HTTP_REFERER} (swingers) [NC,OR]
RewriteCond %{HTTP_REFERER} (personals) [NC,OR]
RewriteCond %{HTTP_REFERER} (sleeping) [NC,OR]
RewriteCond %{HTTP_REFERER} (libido) [NC,OR]
RewriteCond %{HTTP_REFERER} (grannies) [NC,OR]
RewriteCond %{HTTP_REFERER} (mature) [NC,OR]
RewriteCond %{HTTP_REFERER} (enhancement) [NC,OR]
RewriteCond %{HTTP_REFERER} (sexual) [NC,OR]
RewriteCond %{HTTP_REFERER} (gay-?teen) [NC,OR]
RewriteCond %{HTTP_REFERER} (teen-?chat) [NC,OR]
RewriteCond %{HTTP_REFERER} (gay-?chat) [NC,OR]
RewriteCond %{HTTP_REFERER} (adult-?finder) [NC,OR]
RewriteCond %{HTTP_REFERER} (adult-?friend) [NC,OR]
RewriteCond %{HTTP_REFERER} (friend-?finder) [NC,OR]
RewriteCond %{HTTP_REFERER} (friend-?adult) [NC,OR]
RewriteCond %{HTTP_REFERER} (finder-?adult) [NC,OR]
RewriteCond %{HTTP_REFERER} (finder-?friend) [NC,OR]
RewriteCond %{HTTP_REFERER} (discrete-?encounters) [NC,OR]
RewriteCond %{HTTP_REFERER} (cheating-?wives) [NC,OR]
RewriteCond %{HTTP_REFERER} (housewives) [NC,OR]
RewriteCond %{HTTP_REFERER} (\-sex\.) [NC,OR]
RewriteCond %{HTTP_REFERER} (xxx) [NC,OR]
RewriteCond %{HTTP_REFERER} (snowballing) [NC]
RewriteRule .* - [F]

# Weight

RewriteCond %{HTTP_REFERER} (fat-) [NC,OR]
RewriteCond %{HTTP_REFERER} (-fat) [NC,OR]
RewriteCond %{HTTP_REFERER} (diet) [NC,OR]
RewriteCond %{HTTP_REFERER} (pills) [NC,OR]
RewriteCond %{HTTP_REFERER} (weight) [NC,OR]
RewriteCond %{HTTP_REFERER} (supplement) [NC]
RewriteRule .* - [F]

# Gambling

RewriteCond %{HTTP_REFERER} (texas-?hold-?em) [NC,OR]
RewriteCond %{HTTP_REFERER} (poker) [NC,OR]
RewriteCond %{HTTP_REFERER} (casino) [NC,OR]
RewriteCond %{HTTP_REFERER} (blackjack) [NC]
RewriteRule .* - [F]

# Loans / Finance

RewriteCond %{HTTP_REFERER} (mortgage) [NC,OR]
RewriteCond %{HTTP_REFERER} (refinancing) [NC,OR]
RewriteCond %{HTTP_REFERER} (cash-?advance) [NC,OR]
RewriteCond %{HTTP_REFERER} (cash-?money) [NC,OR]
RewriteCond %{HTTP_REFERER} (pay-?day) [NC]
RewriteRule .* - [F]

# User Agents

RewriteCond %{HTTP_USER_AGENT} (Program\ Shareware|Fetch\ API\ Request) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "Microsoft URL Control" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (Microsoft\ URL\ Control) [NC]
RewriteRule .* - [F]

# Misc / Specific Sites

RewriteCond %{HTTP_REFERER} (netwasgroup\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (nic4u\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (wear4u\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (foxmediasolutions\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (liveplanets\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (aeterna-tech\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (continentaltirebowl\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (chemsymphony\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (infolibria\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (globaleducationeurope\.net) [NC,OR]
RewriteCond %{HTTP_REFERER} (soma\.125mb\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (mitglied\.lycos\.de) [NC,OR]
RewriteCond %{HTTP_REFERER} (foxmediasolutions\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (jroundup\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (feathersandfurvanlines\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (conecrusher\.org) [NC,OR]
RewriteCond %{HTTP_REFERER} (sbj-broadcasting\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (edthompson\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (codychesnutt\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (artsmallforsenate\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (axionfootwear\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (protzonbeer\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (candiria\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (bigsitecity\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (coresat\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (istarthere\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (amateurvoetbal\.net) [NC,OR]
RewriteCond %{HTTP_REFERER} (alleghanyeda\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (xadulthosting\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (datashaping\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (zick\.biz) [NC,OR]
RewriteCond %{HTTP_REFERER} (newprinceton\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (dvdsqueeze\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (xopy\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (webdevboard\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (devaddict\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (eaton-inc\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (whiteguysgroup\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (guestbookz\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (webdevsquare\.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (indfx\.net) [NC,OR]
RewriteCond %{HTTP_REFERER} (snap\.to) [NC,OR]
RewriteCond %{HTTP_REFERER} (2y\.net) [NC,OR]
RewriteCond %{HTTP_REFERER} (astromagia\.info) [NC,OR]
RewriteCond %{HTTP_REFERER} (jixx\.de) [NC,OR]
RewriteCond %{HTTP_REFERER} (free-?sms) [NC]
RewriteRule .* - [F]

# people search engines

RewriteCond %{HTTP_REFERER} ^.*123people.de.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*findestars.de.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*myonid.de.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*peekyou.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*pipl.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*rapleaf.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*snitch.name.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*spock.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*tweepz.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*wink.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*yasni.de.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*yoname.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*yourtraces.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^.*zoominfo.com.*$ [NC]
RewriteRule .* - [F]

# Block Hotlinken

# RewriteCond %{HTTP_REFERER} !^$
# RewriteCond %{HTTP_REFERER} !^http://(www\.)?smokey-services.eu/.*$ [NC]
# RewriteRule \.(gif|jpg|png)$ - [F]

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?smokey-services.eu [NC]
RewriteRule \.(jpg|jpeg|png|gif|bmp|jpe|mng|ppm|psd|psp|svg|tif|wmp)$ - [NC,F,L]

RewriteCond %{HTTP_USER_AGENT} "^omgilibot" [NC]
RewriteRule .* - [F,L]

RewriteCond %{HTTP_USER_AGENT} Baiduspider [NC]
RewriteRule ^.* - [F,L]

RewriteCond %{REMOTE_ADDR} 94.228.34.*
RewriteRule .* - [F,L]

RewriteBase /
RewriteCond %{HTTP_USER_AGENT} ADSARobot|ah-ha|almaden|aktuelles|Anarchie|amzn_assoc|ASPSeek|ASSORT|ATHENS|Atomz|attach|attache|autoemailspider|BackWeb|Bandit|BatchFTP|bdfetch|big.brother|BlackWidow|bmclient|Boston\ Project|BravoBrian\ SpiderEngine\ MarcoPolo|Bot\ mailto:[email protected]|Buddy|Bullseye|bumblebee|capture|CherryPicker|ChinaClaw|CICC|clipping|Collector|Copier|Crescent|Crescent\ Internet\ ToolPak|Custo|cyberalert|DA$|Deweb|diagem|Digger|Digimarc|DIIbot|DISCo|DISCo\ Pump|DISCoFinder|Download\ Demon|Download\ Wonder|Downloader|Drip|DSurf15a|DTS.Agent|EasyDL|eCatch|ecollector|efp@gmx\.net|Email\ Extractor|EirGrabber|email|EmailCollector|EmailSiphon|EmailWolf|Express\ WebPictures|ExtractorPro|EyeNetIE|FavOrg|fastlwspider|Favorites\ Sweeper|Fetch|FEZhead|FileHound|FlashGet\ WebWasher|FlickBot|fluffy|FrontPage|GalaxyBot|Generic|Getleft|GetRight|GetSmart|GetWeb!|GetWebPage|gigabaz|Girafabot|Go\!Zilla|Go!Zilla|Go-Ahead-Got-It|GornKer|gotit|Grabber|GrabNet|Grafula|Green\ Research|grub-client|Harvest|hhjhj@yahoo|hloader|HMView|HomePageSearch|http\ generic|HTTrack|httpdown|httrack|ia_archiver|IBM_Planetwide|Image\ Stripper|Image\ Sucker|imagefetch|IncyWincy|Indy*Library|Indy\ Library|informant|Ingelin|InterGET|Internet\ Ninja|InternetLinkagent|Internet\ Ninja|InternetSeer\.com|Iria|Irvine|JBH*agent|JetCar|JOC|JOC\ Web\ Spider|JustView|KWebGet|Lachesis|larbin|LeechFTP|LexiBot|lftp|libwww|likse|Link|Link*Sleuth|LINKS\ ARoMATIZED|LinkWalker|LWP|lwp-trivial|Mag-Net|Magnet|Mac\ Finder|Mag-Net|Mass\ Downloader|MCspider|Memo|Microsoft.URL|MIDown\ tool|Mirror|Missigua\ Locator|Mister\ PiX|MMMtoCrawl\/UrlDispatcherLLL|^Mozilla$|Mozilla.*Indy|Mozilla.*NEWT|Mozilla*MSIECrawler|MS\ FrontPage*|MSFrontPage|MSIECrawler|MSProxy|multithreaddb|nationaldirectory|Navroad|NearSite|NetAnts|NetCarta|NetMechanic|netprospector|NetResearchServer|NetSpider|Net\ Vampire|NetZIP|NetZip\ Downloader|NetZippy|NEWT|NICErsPRO|Ninja|NPBot|Octopus|Offline\ Explorer|Offline\ Navigator|OpaL|Openfind|OpenTextSiteCrawler|OrangeBot|PageGrabber|Papa\ Foto|PackRat|pavuk|pcBrowser|PersonaPilot|Ping|PingALink|Pockey|Proxy|psbot|PSurf|puf|Pump|PushSite|QRVA|RealDownload|Reaper|Recorder|ReGet|replacer|RepoMonkey|Robozilla|Rover|RPT-HTTPClient|Rsync|Scooter|SearchExpress|searchhippo|searchterms\.it|Second\ Street\ Research|Seeker|Shai|Siphon|sitecheck|sitecheck.internetseer.com|SiteSnagger|SlySearch|SmartDownload|snagger|Snake|SpaceBison|Spegla|SpiderBot|sproose|SqWorm|Stripper|Sucker|SuperBot|SuperHTTP|Surfbot|SurfWalker|Szukacz|tAkeOut|tarspider|Teleport\ Pro|Templeton|TrueRobot|TV33_Mercator|UIowaCrawler|UtilMind|URLSpiderPro|URL_Spider_Pro|Vacuum|vagabondo|vayala|visibilitygap|VoidEYE|vspider|Web\ Downloader|w3mir|Web\ Data\ Extractor|Web\ Image\ Collector|Web\ Sucker|Wweb|WebAuto|WebBandit|web\.by\.mail|Webclipping|webcollage|webcollector|WebCopier|webcraft@bea|webdevil|webdownloader|Webdup|WebEMailExtrac|WebFetch|WebGo\ IS|WebHook|Webinator|WebLeacher|WEBMASTERS|WebMiner|WebMirror|webmole|WebReaper|WebSauger|Website|Website\ eXtractor|Website\ Quester|WebSnake|Webster|WebStripper|websucker|webvac|webwalk|webweasel|WebWhacker|WebZIP|Wget|Whacker|whizbang|WhosTalking|Widow|WISEbot|WWWOFFLE|x-Tractor|^Xaldon\ WebSpider|WUMPUS|Xenu|XGET|Zeus.*Webster|Zeus [NC]
RewriteRule ^.* - [F,L]

# BrowserMatchNoCase baiduspider bad_bot
# Order Deny,Allow
# Deny from env=bad_bot

# Deny bandwidth, Spam, data and login attacks (BotBanish - smokey-services.eu)

SetEnvIfNoCase User-Agent "Yandex" bad_bot
SetEnvIfNoCase User-Agent "ccbot" bad_bot
SetEnvIfNoCase User-Agent "cliqzbot" bad_bot
SetEnvIfNoCase User-Agent "seznambot" bad_bot
SetEnvIfNoCase User-Agent "bubing" bad_bot
SetEnvIfNoCase User-Agent "360Spider" bad_bot
SetEnvIfNoCase User-Agent "go-http-client" bad_bot
SetEnvIfNoCase User-Agent "mj12bot" bad_bot
SetEnvIfNoCase User-Agent "webcrawler" bad_bot
SetEnvIfNoCase User-Agent "gluten free crawler" bad_bot
SetEnvIfNoCase User-Agent "megaindex" bad_bot
SetEnvIfNoCase User-Agent "zgrab" bad_bot
SetEnvIfNoCase User-Agent "; obot" bad_bot
SetEnvIfNoCase User-Agent "semrushbot" bad_bot
SetEnvIfNoCase User-Agent "Curl" bad_bot
SetEnvIfNoCase User-Agent "linkdexbot" bad_bot
SetEnvIfNoCase User-Agent "barkrowler" bad_bot
SetEnvIfNoCase User-Agent "Grabber" bad_bot
<Limit GET POST HEAD>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>

# Deny bandwidth, Spam, data and login attacks (BotBanish - smokey-services.eu)

<Limit GET POST>
order allow,deny
allow from all
</Limit>
deny from 23.83.90.242
deny from 196.247.162.158
deny from 23.83.90.1
deny from 37.187.57.221
deny from 107.174.108.131
deny from 142.4.215.116
deny from 149.202.93.182
deny from 172.245.70.46
deny from 54.174.31.46
deny from 185.158.119.156
deny from 42.114.39.127
deny from 139.59.240.21
deny from 104.160.244.150
deny from 46.161.9.63
deny from 192.243.53.51
deny from 137.74.132.80
deny from 107.160.226.86
deny from 23.231.54.30
deny from 206.253.224.75
deny from 101.255.17.34
deny from 172.245.136.202
deny from 137.226.113.26
deny from 104.160.244.93
deny from 45.61.153.254
deny from 133.130.49.166
deny from 107.174.108.138
deny from 78.46.174.55
deny from 107.174.226.167
deny from 107.174.108.133
deny from 104.131.147.112
deny from 45.61.154.171
deny from 176.10.99.200
deny from 196.196.92.244
deny from 51.15.209.128
deny from 141.105.64.97
deny from 181.215.94.245
deny from 192.36.27.6
deny from 136.243.9.23
deny from 42.113.152.35
deny from 46.4.87.205
deny from 179.208.73.74
deny from 46.161.9.61
deny from 37.113.14.71
deny from 178.63.97.34
deny from 34.239.246.197
deny from 211.108.3.235
deny from 42.236.49.26
deny from 42.236.49.26
deny from 42.236.102.157
deny from 42.236.49.199
deny from 35.153.17.161
deny from 80.211.254.102
deny from 43.252.159.195
deny from 23.94.171.181
deny from 191.101.73.184
deny from 77.75.79.109
deny from 46.119.115.251
deny from 82.166.195.72
deny from 107.160.226.183
deny from 62.210.37.82
deny from 124.41.240.63
deny from 91.200.12.25
deny from 162.247.72.202
deny from 18.197.12.51
deny from 185.220.101.18
deny from 77.247.181.163
deny from 54.167.29.208
deny from 178.154.171.42
deny from 178.20.55.16
deny from 23.94.171.166
deny from 144.76.23.212

[Randem]

OK, I don't see anything there. I looked at the response from your site and all I am getting are headers so that must mean that there is an unrecoverable error on your side. Please attach the BotBanish logs from your logs folder in the root

[Starbuck501]

There's quite a few, not sure what you want but here's some.

[Randem]

I will look at those but I was looking for the ones in the location of your .htaccess file there is a folder titled logs I woul dlike to see the one from today. The logs would have the look of

BotBanish_Client_2.2.05_(SMF)_Error_xxxxxxx_2018-03-03.log

[Starbuck501]

Ok, hopefully this is what you want....

[Randem]

Yes, it was! There was a server update yesterday and something fell thru. The message in that file allowed me to fix the issue.
You do not need to do anything. Thanks for your help!

[Starbuck501]

Thanks for your help!

I should be thanking you.
You have been a great help to me.

[Randem]

BotBanish Client 3.0.0 Beta is ready for use.
Features found in Botbanish 3.0.0
Other Info

[Kiriakos GR]

Why Yandex that is Russian Google, this is considered as bad bot ?

Is it realist ?  Entire traffic of any forum to be send for analysis at one anonymous server, which if this goes down, all related forums will have issues.
I am sorry but I do not consider as wise thought the use of such server - client based mod.

SMF this is defenseless against bad bots, and also against tracking software which every company this running server-hosting-business it does sending today their own trackers, and such tremendous and  useless web traffic it does consume our bandwidth and server CPU resources, and slows down database speed.

Personally I do IP blocking (due server configuration) to all trackers send by server-hosting-business, and new members registration this is also supervised by me in person.
In past six years never had any security issues.
In simple English if you do not personally protect your property by you working at it and spending your own time, no one else will keep it secure for you. 
 

     

[Randem]

What is good for one is not good for all. You should have noticed that any individual can decide what is good for their site. If one wanted Yandex to hit their site then they could have it sit on their site all day long and BotBanish would not care. You should really read the documentation or ask questions before giving uninformed bad information. It takes no effort at all to bash but it does take a little reading to be well informed before giving an uninformed opinion and attempting to get others to follow your lead. If you truly want to help someone, give fact based information that can be verified. None of what you say is true and THAT CAN BE VERIFIED by anyone.

[Kiriakos GR]

If you truly want to help someone, give fact based information that can be verified.
None of what you say is true and THAT CAN BE VERIFIED by anyone.

I will agree on the part that at BotBanish website what it is missing this is a picture of your face and your name as web project developer.
Personally I do not deliver my faith to any one hiding behind a web page.
What I did suggest to this community of forum administrators, this is them to think twice before making a decision of using this mod.

Few messages above, Starbuck501 reported issues, which you solved by you correcting your own server configuration.
This is enough for me as truly verified evidence, which every one here he can also verify too.

[Starbuck501]

I will agree on the part that at BotBanish website what it is missing this is a picture of your face and your name as web project developer.
Personally I do not deliver my faith to any one hiding behind a web page.

Anyone can put a pic up... it doesn't mean anything.
As a site owner myself, my pic isn't on my site and as with most of us we don't use our real names.
Hence.... Starbuck501.

I don't have any problem using BotBanish.
Every time BotBanish stops a known Bad Bot or a Brute Force registration attack attempt .... I get a notification.
In one month I had 106 notifications.
I do check all the IP address's to make sure... and have only had 2 so far that weren't on the bad Bot List or listed on SFS.
One of those was a bot that I wanted to allow.
Following the instructions on the BotBanish site, It was easy to alter the database and allow this bot.
Overall I think it's been a worthwhile program to install and has saved me some grief.

[Kiriakos GR]

I don't have any problem using BotBanish.

Neither Google search has any problems either, they are simply forced to pay electric bills of more than 100 servers worldwide so all users of this service to not feel any slowdown.     

[Starbuck501]

Received this notification today:

BotBanishClient: .htacces File May Be Improperly Formatted, Data is Missing or WRONG FILE USED - PLEASE CORRECT

A deny IP Address entry was found in the IP table AND in the .htacces file.
It is still being allowed access to the system. We should not be seeing this IP - ACCOUNT WILL BE TERMINATED IF THIS CONTINUES!!!

IP Address: 36.57.180.156
User Agent: Mozilla/5.0 (Windows NT 8.1; WOW64; rv:32.1) Gecko/20100101 Firefox/32.1

Followed by this notification....

A BOT/USER is attacking the system. It has been terminated

IP Address: 36.57.180.156
User Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36

Can you explain why the first notification came through.

Thanks.