Wordpress and Webdesign Forum go41 » WordPress Code Snippets

  1. Pit
    Member

    Please help, I get many, many POST requests from bots like Casper Bot Search, sledink Bot Search, rk q kangen, and dex Bot Search. They want to post to the file contact.php, which doesn't exist on WordPress sites.
    My site gets very slow because these POSTs come sometimes every second.
    Is there a way to filter or deny the access of these bad bots DDoS appearing in my access.log file?
    Thank you all
    Pit

    Posted 1 year ago #
  2. Running a WordPress site, these POSTs will run into a 404 error.
    These bots try to find sites running on 'j o o m l a' or 'e 1 0 4'
    I have one WordPress site where I sometimes write about these CMSs, and stupid bots think this site is running on either of these two.
    Very frequent access of Casper Bot Search, sledink Bot Search, rk q kangen, dex Bot Search, kmccrew Bot Search, Mozilla/4.76 [ru] (X11; U; SunOS 5.7 sun4u, "Mozilla/5.0", MaMa CaSpEr or plaNETWORK Bot Search can slow down your server!
    In access.log it looks like this:
    213.189.27.126 - - [09/Jul/2010:07:26:54 +0200] "POST /contact.php HTTP/1.1" 403 - "-" "Casper Bot Search"
    or
    87.229.26.132 - - [09/Jul/2010:07:20:05 +0200] "POST /tag//contact.php HTTP/1.1" 403 - "-" "plaNETWORK Bot Search"
    or (POST /powered)
    92.60.176.46 - - [09/Jul/2010:06:59:46 +0200] "POST /%22powered HTTP/1.1" 403 - "-" "MaMa CaSpEr"

    I use some lines in .htaccess to block these bots:

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REQUEST_URI} contact\.php [NC,OR]
    RewriteCond %{REQUEST_URI} powered [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(contact\.php).*$ [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(powered).*$ [NC]
    RewriteRule . forgetit.php [L]
    </IfModule>

    This rewrites the requests to a file in the root of your site.
    The content of this actually empty file is:

    <?php
    header("HTTP/1.1 403 Forbidden");
    ?>

    Attention! Having a file with the name contact.php will make this file useless!

    Posted 1 year ago #
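
Added example, not part of the original posts: a Python check that parses access.log lines in the Apache combined format, applies the same contact.php / powered match as the rewrite conditions above, and counts probes per user agent and IP, listing any probe that was not answered with 403. The function names, the last two sample lines and the 192.0.2.x addresses are constructed for illustration.

```python
import re
from collections import Counter

# Apache "combined" format: ip ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"$'
)
# Same substrings the rewrite conditions test, case-insensitive like [NC].
# The request target includes the query string, so one search covers both.
PROBE_RE = re.compile(r'contact\.php|powered', re.IGNORECASE)

SAMPLE_LOG = [
    # First three lines are the ones quoted in the post.
    '213.189.27.126 - - [09/Jul/2010:07:26:54 +0200] "POST /contact.php HTTP/1.1" 403 - "-" "Casper Bot Search"',
    '87.229.26.132 - - [09/Jul/2010:07:20:05 +0200] "POST /tag//contact.php HTTP/1.1" 403 - "-" "plaNETWORK Bot Search"',
    '92.60.176.46 - - [09/Jul/2010:06:59:46 +0200] "POST /%22powered HTTP/1.1" 403 - "-" "MaMa CaSpEr"',
    # Constructed lines: an ordinary page view and a probe that was not blocked.
    '192.0.2.10 - - [09/Jul/2010:07:30:00 +0200] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.11 - - [09/Jul/2010:07:31:00 +0200] "POST /contact.php HTTP/1.1" 404 312 "-" "Casper Bot Search"',
]

def summarize_probes(lines):
    """Return (probes per agent, probes per IP, probes not answered with 403)."""
    by_agent, by_ip, not_blocked = Counter(), Counter(), []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if m is None or not PROBE_RE.search(m["target"]):
            continue  # unparseable line or ordinary traffic
        by_agent[m["agent"]] += 1
        by_ip[m["ip"]] += 1
        if m["status"] != "403":
            # The rewrite rule is missing or did not match this request.
            not_blocked.append((m["ip"], m["target"], m["status"]))
    return by_agent, by_ip, not_blocked

if __name__ == "__main__":
    agents, ips, leaks = summarize_probes(SAMPLE_LOG)
    for agent, n in agents.most_common():
        print(f"{n:4d}  {agent}")
    for ip, target, status in leaks:
        print(f"not blocked: {ip} {target} -> {status}")
```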
