Topic: Bots wasting server resources (Read 626 times)

If it really works then I think you just gave away a huge amount of money as helping out some one which is a good thing but you could sell your knowledge in coding you know.

blocking entire countries does more harm than good imo

this part of code is google-able in few seconds , so this is not a secret piece of code

Honestly if you are giving those script here publicity they can make a new counter part that can be still claim in your site.. many bots outside in this forum are always releasing and  many professional are making more bots  new script.. they are not doing multiple tabs with the easy to captcha and multiple address.. so i think better to find a new script or block some countries like russian to visit your site.. better to track who is your enemy.. try also cloudflare for ddos attack..

yes it does! i have used similar script on my faucet for a while now. bots = -~75%

try to edit index.php in the  /templates/template-name/ folder on your webserver, at the total beginning put this:

$proxy_headers = array(
        'HTTP_VIA',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED',
        'HTTP_CLIENT_IP',
        'HTTP_FORWARDED_FOR_IP',
        'VIA',
        'X_FORWARDED_FOR',
        'FORWARDED_FOR',
        'X_FORWARDED',
        'FORWARDED',
        'CLIENT_IP',
        'FORWARDED_FOR_IP',
        'HTTP_PROXY_CONNECTION'
    );
    foreach($proxy_headers as $x){
        if (isset($_SERVER[$x])) die("You are using a proxy!");
    }
?>
$ports = array(8080,80,81,1080,6588,8000,3128,553,554,4480);
    foreach($ports as $port) {
         if (@fsockopen($_SERVER['REMOTE_ADDR'], $port, $errno, $errstr, 30)) {
              die("You are using a proxy!");
         }
     }
?>
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It appears you're using a proxy, No proxy allowed here!");
function checkProxy($ip){
$contactEmail="[email protected]";
$timeout=3;
$banOnProability=0.99;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http[Suspicious link removed]c($ch);
curl_close($ch);
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
//Leaving this section blank is dangerous because you assume
//that you're still protected, which is incorrect
//and you might think GetIPIntel isn't accurate anymore
//which is also incorrect.
//failure to implement error handling is bad for the both of us
}
return false;
}}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
echo "It appears you're using a proxy, No proxy allowed here!
";
}
?>





and on the root edit .htaccess file in public_html folder (its hidden file, check for showing hidden files)   - add these lines:


# block proxy servers from site access
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]




hope it helps

i stopped huge bot attacks by 90-100%

Search for anti proxy APIs on the internet !!


You will find good soulutions.
Its like cloudflare you have to pay for best protection ;-)
Or you make your own faucet script.

Cloudflare provide free DDOS protection with few guide you can add it to your site and they are capable to handle small amount of traffic attack (DDOS). Other option could be blocking the known IPs of VPN providers, as most of the bots relied on VPN traffic.

If anti-bot not working you can banned their ip address it will help you for a while but find other way to blocking their to not attack your site.

By attack, are you referring to DDoS attacks? Cloudfare would be nice, not even humans can solve that captcha. Everybody will be locked out of your site, problem solved!

Jokes, but seriously, consider it.

you can stop them from using your faucet but it isn't practical to stop them from visiting your website

I set up some mechanisms to minimize the action of bots (Anti-Bot Links and htaccess block), but they continue to attack my faucets intensely, consuming much of the server resources. Is there any real way to prevent them from accessing my faucets?