Author

Topic: Bots wasting server resources (Read 632 times)

copper member
Activity: 1330
Merit: 899
🖤😏
September 13, 2016, 11:22:59 PM
#12
Search for anti proxy APIs on the internet !!


You will find good soulutions.
Its like cloudflare you have to pay for best protection ;-)
Or you make your own faucet script.



try to edit index.php in the  /templates/template-name/ folder on your webserver, at the total beginning put this:

$proxy_headers = array(
        'HTTP_VIA',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED',
        'HTTP_CLIENT_IP',
        'HTTP_FORWARDED_FOR_IP',
        'VIA',
        'X_FORWARDED_FOR',
        'FORWARDED_FOR',
        'X_FORWARDED',
        'FORWARDED',
        'CLIENT_IP',
        'FORWARDED_FOR_IP',
        'HTTP_PROXY_CONNECTION'
    );
    foreach($proxy_headers as $x){
        if (isset($_SERVER[$x])) die("You are using a proxy!");
    }
?>
$ports = array(8080,80,81,1080,6588,8000,3128,553,554,4480);
    foreach($ports as $port) {
         if (@fsockopen($_SERVER['REMOTE_ADDR'], $port, $errno, $errstr, 30)) {
              die("You are using a proxy!");
         }
     }
?>
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It appears you're using a proxy, No proxy allowed here!");
function checkProxy($ip){
$contactEmail="[email protected]";
$timeout=3;
$banOnProability=0.99;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http[Suspicious link removed]c($ch);
curl_close($ch);
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
//Leaving this section blank is dangerous because you assume
//that you're still protected, which is incorrect
//and you might think GetIPIntel isn't accurate anymore
//which is also incorrect.
//failure to implement error handling is bad for the both of us
}
return false;
}}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
echo "It appears you're using a proxy, No proxy allowed here!
";
}
?>





and on the root edit .htaccess file in public_html folder (its hidden file, check for showing hidden files)   - add these lines:


# block proxy servers from site access
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]




hope it helps

i stopped huge bot attacks by 90-100%
If it really works then I think you just gave away a huge amount of money as helping out some one which is a good thing but you could sell your knowledge in coding you know.
sr. member
Activity: 265
Merit: 250
September 13, 2016, 11:14:29 PM
#11
Honestly if you are giving those script here publicity they can make a new counter part that can be still claim in your site.. many bots outside in this forum are always releasing and  many professional are making more bots  new script.. they are not doing multiple tabs with the easy to captcha and multiple address.. so i think better to find a new script or block some countries like russian to visit your site.. better to track who is your enemy.. try also cloudflare for ddos attack..

blocking entire countries does more harm than good imo
hero member
Activity: 980
Merit: 504
PredX - AI-Powered Prediction Market
September 13, 2016, 02:11:31 PM
#10
Honestly if you are giving those script here publicity they can make a new counter part that can be still claim in your site.. many bots outside in this forum are always releasing and  many professional are making more bots  new script.. they are not doing multiple tabs with the easy to captcha and multiple address.. so i think better to find a new script or block some countries like russian to visit your site.. better to track who is your enemy.. try also cloudflare for ddos attack..


this part of code is google-able in few seconds , so this is not a secret piece of code Smiley
legendary
Activity: 2058
Merit: 1030
I'm looking for free spin.
September 13, 2016, 02:00:08 PM
#9
Honestly if you are giving those script here publicity they can make a new counter part that can be still claim in your site.. many bots outside in this forum are always releasing and  many professional are making more bots  new script.. they are not doing multiple tabs with the easy to captcha and multiple address.. so i think better to find a new script or block some countries like russian to visit your site.. better to track who is your enemy.. try also cloudflare for ddos attack..
full member
Activity: 152
Merit: 100
September 13, 2016, 01:27:05 PM
#8
Search for anti proxy APIs on the internet !!


You will find good soulutions.
Its like cloudflare you have to pay for best protection ;-)
Or you make your own faucet script.



try to edit index.php in the  /templates/template-name/ folder on your webserver, at the total beginning put this:

$proxy_headers = array(
        'HTTP_VIA',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED',
        'HTTP_CLIENT_IP',
        'HTTP_FORWARDED_FOR_IP',
        'VIA',
        'X_FORWARDED_FOR',
        'FORWARDED_FOR',
        'X_FORWARDED',
        'FORWARDED',
        'CLIENT_IP',
        'FORWARDED_FOR_IP',
        'HTTP_PROXY_CONNECTION'
    );
    foreach($proxy_headers as $x){
        if (isset($_SERVER[$x])) die("You are using a proxy!");
    }
?>
$ports = array(8080,80,81,1080,6588,8000,3128,553,554,4480);
    foreach($ports as $port) {
         if (@fsockopen($_SERVER['REMOTE_ADDR'], $port, $errno, $errstr, 30)) {
              die("You are using a proxy!");
         }
     }
?>
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It appears you're using a proxy, No proxy allowed here!");
function checkProxy($ip){
$contactEmail="[email protected]";
$timeout=3;
$banOnProability=0.99;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http[Suspicious link removed]c($ch);
curl_close($ch);
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
//Leaving this section blank is dangerous because you assume
//that you're still protected, which is incorrect
//and you might think GetIPIntel isn't accurate anymore
//which is also incorrect.
//failure to implement error handling is bad for the both of us
}
return false;
}}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
echo "It appears you're using a proxy, No proxy allowed here!
";
}
?>





and on the root edit .htaccess file in public_html folder (its hidden file, check for showing hidden files)   - add these lines:


# block proxy servers from site access
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]




hope it helps

i stopped huge bot attacks by 90-100%

yes it does! i have used similar script on my faucet for a while now. bots = -~75%
hero member
Activity: 980
Merit: 504
PredX - AI-Powered Prediction Market
September 13, 2016, 09:12:09 AM
#7
Search for anti proxy APIs on the internet !!


You will find good soulutions.
Its like cloudflare you have to pay for best protection ;-)
Or you make your own faucet script.



try to edit index.php in the  /templates/template-name/ folder on your webserver, at the total beginning put this:

$proxy_headers = array(
        'HTTP_VIA',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED',
        'HTTP_CLIENT_IP',
        'HTTP_FORWARDED_FOR_IP',
        'VIA',
        'X_FORWARDED_FOR',
        'FORWARDED_FOR',
        'X_FORWARDED',
        'FORWARDED',
        'CLIENT_IP',
        'FORWARDED_FOR_IP',
        'HTTP_PROXY_CONNECTION'
    );
    foreach($proxy_headers as $x){
        if (isset($_SERVER[$x])) die("You are using a proxy!");
    }
?>
$ports = array(8080,80,81,1080,6588,8000,3128,553,554,4480);
    foreach($ports as $port) {
         if (@fsockopen($_SERVER['REMOTE_ADDR'], $port, $errno, $errstr, 30)) {
              die("You are using a proxy!");
         }
     }
?>
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1))
die("It appears you're using a proxy, No proxy allowed here!");
function checkProxy($ip){
$contactEmail="[email protected]";
$timeout=3;
$banOnProability=0.99;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_URL, "http[Suspicious link removed]c($ch);
curl_close($ch);
if ($response > $banOnProability) {
return true;
} else {
if ($response < 0 || strcmp($response, "") == 0 ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
//Leaving this section blank is dangerous because you assume
//that you're still protected, which is incorrect
//and you might think GetIPIntel isn't accurate anymore
//which is also incorrect.
//failure to implement error handling is bad for the both of us
}
return false;
}}
$ip=$_SERVER['REMOTE_ADDR'];
if (checkProxy($ip)) {
echo "It appears you're using a proxy, No proxy allowed here!
";
}
?>





and on the root edit .htaccess file in public_html folder (its hidden file, check for showing hidden files)   - add these lines:


# block proxy servers from site access
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]




hope it helps

i stopped huge bot attacks by 90-100%
full member
Activity: 180
Merit: 100
September 13, 2016, 05:46:21 AM
#6
Search for anti proxy APIs on the internet !!


You will find good soulutions.
Its like cloudflare you have to pay for best protection ;-)
Or you make your own faucet script.

legendary
Activity: 994
Merit: 1000
September 13, 2016, 05:27:30 AM
#5
Cloudflare provide free DDOS protection with few guide you can add it to your site and they are capable to handle small amount of traffic attack (DDOS). Other option could be blocking the known IPs of VPN providers, as most of the bots relied on VPN traffic.
hero member
Activity: 560
Merit: 500
September 13, 2016, 12:39:23 AM
#4
I set up some mechanisms to minimize the action of bots (Anti-Bot Links and htaccess block), but they continue to attack my faucets intensely, consuming much of the server resources. Is there any real way to prevent them from accessing my faucets?
If anti-bot not working you can banned their ip address it will help you for a while but find other way to blocking their to not attack your site.
hero member
Activity: 826
Merit: 504
September 12, 2016, 11:15:18 PM
#3
By attack, are you referring to DDoS attacks? Cloudfare would be nice, not even humans can solve that captcha. Everybody will be locked out of your site, problem solved!

Jokes, but seriously, consider it.
sr. member
Activity: 265
Merit: 250
September 12, 2016, 10:42:53 PM
#2
you can stop them from using your faucet but it isn't practical to stop them from visiting your website
newbie
Activity: 17
Merit: 0
September 12, 2016, 04:15:27 PM
#1
I set up some mechanisms to minimize the action of bots (Anti-Bot Links and htaccess block), but they continue to attack my faucets intensely, consuming much of the server resources. Is there any real way to prevent them from accessing my faucets?
Jump to: