Warning about Bots In Recent Days

Discussion in 'General Chat' started by david62311, Aug 1, 2022.

  1. david62311

    david62311 Well-Known Member

    Joined:
    Aug 29, 2013
    Messages:
    2,183
    Likes Received:
    251
    Hello-o-o-o-o-o-o-o! Echo-o-o-o-o-o-o-o!

    To anybody reading this that have followed my .htaccess blocks for blocking bots. I don't know that anybody is here anymore but, if you are still Hello to you!

    I've kept bots off my Webid site by blocking anything that used an older browser. Google and Firefox are both currently at Version 103. The bots usually used an older browser user-agent signature but, in recent days they have been using chrome/103 and have been trying to register on my Webid site. Fortunately for me, I have backup security protocols and if the bots don't type in the correct information, they will be rejected silently. I'm not going to mention it here what it is because the bots were in here before and may still be in here.

    I've gone ahead and blocked the latest chrome/103 browser in my .htaccess file. I don't like doing that but, I feel like I had to. It's not like people are using my Webid site so, it doesn't matter that I block that browser. If you want to see my .htaccess blocks then search this forum.

    Seeing that the bots have upped their game, I will recommend keeping an eye on your Webid sites because the bots are starting to get even more brutal now. I hope the bots don't keep updating their user-agent browser number because then, I will have to figure out what is in common with the bots that I have to block. It's so much more easier to just block older browser numbers.

    By the way, the bots seem to like to come in to my Webid Site to register through the adsearch.php page.

    I hope you all are doing well! Best wishes to you all!
     
  2. david62311

    david62311 Well-Known Member

    Joined:
    Aug 29, 2013
    Messages:
    2,183
    Likes Received:
    251
    Chrome has already advanced to version 104. 103 didn't last very long.

    It just surprised me to see a bot program using a current browser version number as their signature.

    You can easily block chrome/103 via adding a block code to the .htaccess file but, I'm looking at the Microsoft Edge browser number signature and for some reason it's showing chrome/103. This was it's signature today.

    These are the user-agent signatures that I've seen with the bots hitting my Webid site in the last few days and today:
    I had blocked edg, Vivaldi, Yabrowser, and Yowser because the bots will probably advance to a newer version eventually. I didn't realize what edg was until I remembered I had the Microsoft Edge browser not by choice on my Windows computer.

    You can add this below to your .htaccess file just as it is.

    Code:
    # BLOCK USER AGENTS
    RewriteEngine on
    RewriteCond %{HTTP_USER_AGENT} Vivaldi [NC,OR]
    RewriteCond %{HTTP_USER_AGENT} YaBrowser [NC]
    RewriteRule !^robots\.txt$ - [F]
    If you add it to a bigger list then make sure you use the OR or you have only the NC at the end of the coding. I am not sure if this will cause an issue blocking out good users but, I will keep an eye out to see if it does. The activity that I am seeing now on my site is from bot activity and they are using the signatures that I listed above. For us Webid users to tell is if you see multiple IP addresses using the same user-agent signature in the same minute. They are coming for item 35 on my site. If they were different real user IPs then the user-agent would change.
     
    Last edited: Aug 4, 2022

Share This Page