International Forum attacks

  • Answered
I setup a test Forum to show off the option for a new domain and was inundated with attacks. I only noticed after a month and deleted the forum.

Now I continue to get about 200 queries / attacks every night. I've already sent many IP's and even entire countries to deny from IP address using .htaccess. The blocked ones go to error 403, which actually shows the users's IP, announces that they are illegally attacking and then hits the user's own IP address with an http request after 5 seconds.

If they go to 404, I add that country, or IP to my block list. My HTTP traffic eased from 15 GB a month to about 500 MB and the site is not even the real company's site yet and so the traffic is 99% attacks.

Is there anyway to head them off more at the pass and stop them before even hitting the site and generating a 403 error and using my bandwidth?

Also updated robots.txt to stop the spiders from crawling non-existent forums I saw in the logs.

User-agent: AhrefsBot
Disallow: /
User-agent: baidu
Disallow: /
User-agent: utel
Disallow: /
User-agent: BaiduBot
Disallow: /
User-agent: UtelBot
Disallow: /

Any other ideas???


Hello alexstorm,

When you become the target of an attacker (human or bot) things can get difficult for a while as you take steps to block them. They seem tedious but necessary to block the attackers while keeping access open to everyone else. You are doing all the right things and it shows you are having success. Keep it up and the attackers will eventually find an easier target.

Best Regards,
Scott M