#1
  1. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Nov 2003
    Posts
    698
    Rep Power
    95

    Excessive visits from China


    I have a dedicated server where I host a few domains struggling to make a living. One of the domains I host is there just for me to "play" and learn. I installed phpbb to learn how to configure it and learn from it. The forum was open only for me and no one else. Recently I checked the access graph and I saw that there were thousands of hist every day from China. Eventually the domain that I had reached its bandwidth limit and it stopped serving data.

    They were hitting the server pages 30,000 to 80,000. My customers are all from the US. The customer has an ID and password and the data is there for the customers only and no one else.

    Is there a way to block visitors from other countries? Or is there a scheme that I could implement to completely block rogue visitors?
    Evan
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2009
    Location
    Nebraska, USA
    Posts
    875
    Rep Power
    275
    maybe something like THIS?
  4. #3
  5. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Nov 2003
    Posts
    698
    Rep Power
    95
    I will check it out. I deleted the phpbb data because I didn't waste my bandwidth but I will recreate it and report here again.

    First I will create the forum and wait for the hits to begin and then I will implement the suggested solution.
    Evan
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2013
    Posts
    5
    Rep Power
    0
    Ip2location should help.
    I am curious though: have you also considered blocking at a lower level than at apache(app) level?
  8. #5
  9. Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Nov 2003
    Posts
    698
    Rep Power
    95
    I will check your suggestion.

    I found ipinfo.io that allows me to detect the country and I incorporated it into my websites. Now, I produce an error "Database Error! Connection Failed?" I also created a table and I add the failures and successes, country of origin, page they visited and if I decided to allow or block the visitor. Now I get visits from China but they go away and don't comeback.

    I am very interested in learning how to do it in apache but I don't want to do it via IP.

    There are lots of places where you can download a list of IPs for each country but the IPs I had did not match and I gave that idea up quickly.

    Evan
    Evan
  10. #6
  11. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2013
    Posts
    5
    Rep Power
    0
    Cool.
    It is just that if you block at iptables or network level, your server will not be burdened as much as you will if you allow it to go to the web server(apache, here). But if you have a shared account on a server - and not root access - then a web site level block may be the only option.

    If country is not the only block you want and you would also like to block other rogue IPs, you could use this free API. apis.secpanel.com


    Originally Posted by epanagio
    I will check your suggestion.

    I found ipinfo.io that allows me to detect the country and I incorporated it into my websites. Now, I produce an error "Database Error! Connection Failed?" I also created a table and I add the failures and successes, country of origin, page they visited and if I decided to allow or block the visitor. Now I get visits from China but they go away and don't comeback.

    I am very interested in learning how to do it in apache but I don't want to do it via IP.

    There are lots of places where you can download a list of IPs for each country but the IPs I had did not match and I gave that idea up quickly.

    Evan

IMN logo majestic logo threadwatch logo seochat tools logo