Précédent   MicroClick-Québec.ca > PAGE WEB - AUDIO/VIDÉO/TV-HD - PHOTO - TÉLÉPHONIE MOBILE - INFOGRAPHIE - TABLETTES - LISEUSES > Page Web

Notices

Page Web Langage HTML - Javascript - PhpBB etc

Réponse
 
Outils de la discussion Modes d'affichage
Vieux 28/10/2018, 11h12   #1
Mondo
Visiteur
 
Messages: n/a
Post Bloquer les étrangers avec htaccess

Comment bloquer les étrangers qui se connectent ou qui essaient de se connecter sur un forum, un blog, un site web.

Pour un forum ou une page web:
- utiliser un bon captcha
- créer un fichier .htaccess à la racine du forum/site avec la plage d'IP bloquée. Il est même possible de bloquer tous les IP sauf par exemple, les IP du Québec et de la France...

Exemple de htaccess utilisé il y a plusieurs années (à modifier et à compléter selon les besoins):
Code:
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl/5.805 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl/5.803 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl/5.835 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwww-perl/5.837 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} python.urllib [NC,OR]
RewriteCond %{HTTP_USER_AGENT} httpget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} httrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} PhpDig [NC,OR]
RewriteCond %{HTTP_USER_AGENT} LWP::Simple [NC,OR]
RewriteCond %{HTTP_USER_AGENT} wget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^pycurl/ [NC]
RewriteRule ^.* - [F]

SetEnvIfNoCase User-Agent "^libwww-perl" no_perl
<Limit GET POST>
Order Allow,Deny
Allow from all
Deny from env=no_perl
</Limit>

<files .htaccess>
order allow,deny
deny from all
</files>

# disable the server signature
ServerSignature Off

Options -Indexes

AddType video/ogg .ogm .ogv .ogg 
AddType video/mp4 .mp4 .m4v .f4v 
AddType video/webm .webm
AddType audio/ogg oga ogg
AddType audio/mp4 m4a

AuthName "Construction"
AuthUserFile "/home/zenzaz12/.htpasswds/public_html/passwd"


<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from 192.168.0.0/16
deny from 14.0.0.0/8
deny from 27.0.0.0/8
deny from 223.223.128.0/19
deny from 94.23.192.0/18
deny from 94.76.200.0/24
deny from 4.0.0.0/8
deny from 39.0.0.0/8
deny from 46.0.0.0/8
deny from 50.128.0.0/9
deny from 67.215.224.0/19
deny from 71.19.144.0/20
deny from 77.0.0.0/8
deny from 107.20.0.0/14
deny from 109.0.0.0/8
deny from 110.0.0.0/8
deny from 111.0.0.0/8
deny from 112.0.0.0/8
deny from 113.0.0.0/8
deny from 114.0.0.0/8
deny from 115.0.0.0/8
deny from 116.0.0.0/8
deny from 117.0.0.0/8
deny from 118.0.0.0/8
deny from 119.0.0.0/8
deny from 121.0.0.0/8
deny from 122.0.0.0/8
deny from 123.0.0.0/8
deny from 124.0.0.0/8
deny from 125.0.0.0/8
deny from 176.0.0.0/8
deny from 178.0.0.0/8
deny from 180.0.0.0/8
deny from 182.0.0.0/8
deny from 183.0.0.0/8
deny from 186.0.0.0/8
deny from 187.0.0.0/8
deny from 188.0.0.0/8
deny from 189.0.0.0/8
deny from 190.0.0.0/8
deny from 191.0.0.0/8
deny from 195.0.0.0/8
deny from 200.0.0.0/8
deny from 202.0.0.0/8
deny from 203.0.0.0/8
deny from 210.0.0.0/8
deny from 211.0.0.0/8
deny from 217.0.0.0/8
deny from 218.0.0.0/8
deny from 221.0.0.0/8
deny from 222.0.0.0/8
deny from 80.0.0.0/8
deny from 81.0.0.0/8
deny from 83.0.0.0/8
deny from 85.0.0.0/8
deny from 88.0.0.0/8
deny from 93.0.0.0/8
deny from 98.0.0.0/8
deny from 49.0.0.0/8
deny from 54.0.0.0/8
deny from 58.0.0.0/8
deny from 60.0.0.0/8
deny from 61.0.0.0/8
deny from 62.0.0.0/8
deny from 64.94.0.0/15
deny from 86.57.176.0/22
deny from 86.57.180.0/23
deny from 198.0.0.0/8
deny from 89.0.0.0/8

Exemple de IP d'attaque relevé et bloquées par mod_security, un module installé sur un serveur pour un site personnel que j'avais chez Servint.net. Ces IPs peuvent aussi être bloquées par htaccess.

Code:
85.18.108.228 # lfd: (mod_security) mod_security (id:340165) triggered by 85.18.108.228 (IT/Italy/85-18-108-228.ip.fastwebnet.it): 5 in the last 3600 secs - Tue Feb 25 02:51:45 2010
67.215.248.8 # lfd: (mod_security) mod_security (id:330034) triggered by 67.215.248.8 (US/United States/-): 5 in the last 3600 secs - Tue Feb 25 11:07:55 2010
107.21.224.185 # lfd: (mod_security) mod_security (id:340165) triggered by 107.21.224.185 (US/United States/ec2-107-21-224-185.compute-1.amazonaws.com): 5 in the last 3600 secs - Tue Feb 25 14:55:14 2010
4.59.119.11 # lfd: (mod_security) mod_security (id:340165) triggered by 4.59.119.11 (US/United States/-): 5 in the last 3600 secs - Wed Feb 26 11:32:05 2010
50.128.0.0/9 
67.215.224.0/19
71.19.146.111 # lfd: (mod_security) mod_security (id:340165) triggered by 71.19.146.111 (US/United States/smt.xen.prgmr.com): 5 in the last 3600 secs - Wed Feb 26 17:05:28 2010
125.210.204.242 # lfd: (mod_security) mod_security (id:330034) triggered by 125.210.204.242 (CN/China/-): 5 in the last 3600 secs - Wed Feb 26 23:31:59 2010
124.0.0.0/8 # lfd: (mod_security) mod_security (id:330034) triggered by 124.202.143.250 (CN/China/-): 5 in the last 3600 secs - Fri Feb 28 23:04:39 2010
125.38.95.121 
201.149.255.148 # lfd: (mod_security) mod_security (id:340165) triggered by 201.149.255.148 (MX/Mexico/mail.technosteel.com.mx): 5 in the last 3600 secs - Sun Mar  2 09:36:24 2010
201.0.0.0/8
221.0.0.0/8
125.0.0.0/8
85.92.10.8 # lfd: (mod_security) mod_security (id:340165) triggered by 85.92.10.8 (RU/Russian Federation/mobile.ekt-skylink.ru): 5 in the last 3600 secs - Tue Mar  4 23:12:44 2010
178.0.0.0/8
70.61.103.42 # Manually denied - Sat Mar  8 14:03:05 2010
88.47.191.103 # lfd: (mod_security) mod_security (id:340165) triggered by 88.47.191.103 (IT/Italy/host103-191-static.47-88-b.business.telecomitalia.it): 5 in the last 3600 secs - Sun Mar 16 15:49:54 2010
209.50.234.162
86.57.176.0/22
86.57.180.0/23
81.44.247.12 # lfd: (mod_security) mod_security (id:340165) triggered by 81.44.247.12 (ES/Spain/12.Red-81-44-247.dynamicIP.rima-tde.net): 5 in the last 3600 secs - Fri Mar 21 07:37:10 2010
94.46.250.199 # lfd: (mod_security) mod_security (id:340165) triggered by 94.46.250.199 (PT/Portugal/-): 5 in the last 3600 secs - Mon Mar 24 07:03:04 2010
200.122.135.2 # lfd: (mod_security) mod_security (id:340165) triggered by 
81.80.95.199 # lfd: (mod_security) mod_security (id:340165) triggered by 81.80.95.199 (FR/France/140590000Z003.static-ip.oleane.fr): 5 in the last 3600 secs - Thu Apr  3 04:45:34 2010
69.174.245.163 # lfd: (mod_security) mod_security (id:330034) triggered by 69.174.245.163 (US/United States/-): 5 in the last 3600 secs - Sun Apr 13 18:34:41 2010
192.99.36.47 # lfd: (mod_security) mod_security (id:330039) triggered by 192.99.36.47 (CA/Canada/ns237832.ip-192-99-36.net): 5 in the last 3600 secs - Thu May  1 00:30:26 2010
147.85.0.0/16 # manually denied spam offline
82.150.248.85 # Manually denied - Sat May  3 11:01:13 2010
37.59.0.0/16 # france
81.255.154.0/24  # france
82.150.248.0/23 # france
216.105.240.0/20 # recurrent udp53
80.0.0.0/8 # france, china recurent port 80
168.233.1.102 # lfd: (PERMBLOCK) 168.233.1.102 (US/United States/-) has had more than 4 temp blocks in the last 86400 secs - Sun May  4 14:08:36 2010
194.60.170.22 # lfd: (PERMBLOCK) 194.60.170.22 (GB/United Kingdom/dns1.uk.experian.com) has had more than 4 temp blocks in the last 86400 secs - Sun May  4 17:34:27 2010
173.203.87.176 # lfd: (mod_security) mod_security (id:340009) triggered by 173.203.87.176 (US/United States/173-203-87-176.static.cloud-ips.com): 5 in the last 3600 secs - Mon May  5 11:43:27 2010
121.0.0.0/8 # recurrent temp chinese
122.0.0.0/8 # recurrent temp chinese
38.110.88.29 # lfd: (mod_security) mod_security (id:330039) triggered by 38.110.88.29 (US/United States/-): 5 in the last 3600 secs - Wed May  7 11:57:35 2010
184.73.88.76 # lfd: (mod_security) mod_security (id:330034) triggered by 184.73.88.76 (US/United States/ec2-184-73-88-76.compute-1.amazonaws.com): 5 in the last 3600 secs - Thu May  8 01:19:42 2010
82.192.86.44 # lfd: (mod_security) mod_security (id:330034) triggered by 82.192.86.44 (NL/Netherlands/-): 5 in the last 3600 secs - Thu May  8 03:01:37 2010
122.155.201.29 # lfd: (mod_security) mod_security (id:330034) triggered by 122.155.201.29 (TH/Thailand/-): 5 in the last 3600 secs - Fri May  9 08:56:55 2010
64.94.0.0/15 # manuellement, 4 temp suite
58.0.0.0/8 # manuellement, 2 temp suite
88.0.0.0/8 # manuelle 5 temps suite
193.108.160.213 # lfd: (htpasswd) Failed web page login from 193.108.160.213 (GR/Greece/edy.eap.gr): 5 in the last 3600 secs - Mon May 12 05:44:10 2010
191.0.0.0/8 # manuelle 5 temps suite
180.0.0.0/8 # manuelle 2 temps suite
94.177.121.102 # lfd: (htpasswd) Failed web page login from 94.177.121.102 (RO/Romania/host-122-102.optic-bridge.net): 5 in the last 3600 secs - Wed May 14 10:58:15 2010
61.0.0.0/8 # manuelle 4 temps suite
171.0.0.0/8 # manuelle 4 temps suite
39.0.0.0/8 # manuelle 4 temps suite
218.0.0.0/8 # manuelle 2 temps suite
187.0.0.0/8 # manuelle 2 temps suite
189.0.0.0/8 # manuelle 2 temps suite
222.0.0.0/8 # manuelle 2 temps suite
46.0.0.0/8 # lfd: (mod_security) mod_security (id:330034) triggered by 46.105.110.43 (FR/France/ns222609.ovh.net): 5 in the last 3600 secs - Sat May 17 13:48:06 2010
54.0.0.0/8 # manuelle singapoore 4 temps suite
195.0.0.0/8 # france forum-spam
62.0.0.0/8 # france forum-spam
123.0.0.0/8 # lfd: (mod_security) mod_security (id:340009) triggered by 123.67.97.165 (CN/China/-): 5 in the last 3600 secs - Wed May 21 11:13:06 2010
94.76.200.0/24 # proxy gb 2 fois 94.76.200.234
93.0.0.0/8
83.0.0.0/8
217.0.0.0/8
75.98.84.57 # lfd: (mod_security) mod_security (id:340009) triggered by 75.98.84.57 (US/United States/-): 5 in the last 3600 secs - Fri May 23 05:30:04 2010
109.0.0.0/8 # lfd: belgique 2 temps
203.147.88.202 # lfd: (mod_security) mod_security (id:330034) triggered by 203.147.88.202 (IN/India/crm.meghbelabroadband.in): 5 in the last 3600 secs - Sat May 24 19:23:36 2010
176.0.0.0/8 # lfd: (mod_security) mod_security (id:392301) triggered by 176.31.72.184 (FR/France/-): 5 in the last 3600 secs - Sun May 25 05:30:56 2010
203.0.0.0/8 # many countries
98.0.0.0/8 # usa 2 temp bad site 98.238.235.227 
188.0.0.0/8 # germany 2 temp bad site 188.138.16.88
183.0.0.0/8 # china 
198.0.0.0/8 # usa spam, hack
14.0.0.0/8 # various countries 
89.0.0.0/8 # manuelle 2 temps suite
202.0.0.0/8 # bloque lfd: (mod_security) mod_security (id:340165) triggered by 202.201.1.248 (CN/China/-): 5 in the last 3600 secs - Thu May 29 13:30:51 2010
27.0.0.0/8
119.0.0.0/8 # lfd: (mod_security) mod_security (id:330034) triggered by 119.1.174.60 (CN/China/-): 5 in the last 3600 secs - Thu May 29 17:40:26 2010
118.0.0.0/8 # china plusieurs atack from 118.194.192.78
95.211.185.192/26
190.0.0.0/8
60.0.0.0/8
196.0.0.0/8 # rwanda url scan dataset for 196.12.157.27
106.0.0.0/8 # japan china
64.106.128.0/23 # usa hacking activity from 64.106.128.137
64.16.192.0/19 
212.0.0.0/8
64.15.160.0/19 # temp from 64.15.184.177
186.0.0.0/8  # lfd: mod_security (id:330034) triggered by 186.42.181.66 (EC/Ecuador/-)
182.0.0.0/8 # 2 temp china 182.50  
65.111.180.205 # lfd: (mod_security) mod_security (id:330034) triggered by 65.111.180.205 (US/United States/updates.mediamarktoolbox.net): 5 in the last 3600 secs - Sat Jun  7 21:23:57 2010
185.56.80.0/22 # lfd: (mod_security) mod_security (id:390801) triggered by 185.56.80.125 (NL/Netherlands/-): 5 in the last 3600 secs - Sun Jun  8 07:21:45 2010
192.198.91.150 # lfd: scan port mais ssh attack ailleurs
117.0.0.0/8 # 2 temp china 117.21.191.205 and 117.135.163.108 in 1 day
220.0.0.0/8 # lfd: (mod_security) mod_security (id:330034) triggered by 220.181.152.196 (CN/China/-): 5 in the last 3600 secs - Mon Jun  9 06:32:14 2010
95.69.192.0/19  # lfd:  temp 95.69.246.145
95.69.224.0/20 # lfd:  temp 95.69.246.145
95.69.240.0/21 # lfd:  temp 95.69.246.145
12.0.0.0/8  # lfd:  12.111.144.195 spam server dictionary attack
114.0.0.0/8
74.0.0.0/8 # lfd:  74.117.56.130 temporary block but bad reputation
181.40.78.99 # lfd: (mod_security) mod_security (id:330082) triggered by 181.40.78.99 (PY/Paraguay/pool-99-78-40-181.telecel.com.py): 5 in the last 3600 secs - Thu Jun 12 06:41:55 2010
115.0.0.0/8  # tempo 115.206.105.33
63.246.128.0/19 # tempo but mauvaise 63.246.129.40
24.89.128.0/18 # two temp scans from 24.89.180.132
37.187.0.0/16  # france
95.240.232.0/21 # italy
192.198.80.0/20 # tempo 192.198.85.86
64.127.64.0/20 # tempo 64.127.68.69
97.76.0.0/14 # tempo 97.77.122.178
85.195.118.112/28  # tempo 85.195.118.116 
130.185.156.0/22 # tempo 130.185.157.17 
65.40.0.0/15 # 2 temp scan but spam history for 65.41.46.169 embarqhsd.net 
177.0.0.0/8 # temp scan but hacking history for 177.86.175.161
59.0.0.0/8
91.0.0.0/8 # temp scan but brute hacking history for 91.206.54.22 and 91.222.36.124
133.242.0.0/16 # temp scan but spam history for 133.242.144.47
81.17.0.0/16 # 2 temp scan for 81.17.30.49
87.0.0.0/8 # 2 temp scan for 87.248.68.215 and 87.239.170.224
175.0.0.0/8 # thailand 2 temp scan but history for 175.156 spam server
192.99.0.0/16 # temp scan but spam hack history for 192.99
84.95.0.0/16  # temp scan but spam hack history for 84.95.
82.0.0.0/8
85.17.28.0/23
85.17.30.0/24
116.0.0.0/8 # temp scan from China from 116.235.99.204
219.0.0.0/8 # temp scan from China from 219.134.249.148
1.0.0.0/8 # temp scan from China from 1.202.22.117
37.200.120.0/22  # temp scan from russia from hack attempt 37.200.121.89 
37.192.168.0/21 # temp scan from russia
120.144.0.0/12 # temp scan from australia 120.151.133.166 hacking history
162.243.0.0/16 # lfd: (mod_security) mod_security (id:390583) triggered by 162.243.14.91 (US/United States/vpn3.nnc-services.com): 5 in the last 3600 secs - Sat Jun 28 06:50:47 2010
85.25.157.96/28  # temp scan from germany 85.25.157.115
85.25.157.112/30
85.25.157.116/31
146.185.0.0/16 # russia 1 temp scan but spam hacking history for 146.185 and 146.185.220.92
31.222.176.0/21 # temp scan but historic threat for 31.222.180.162
49.158.0.0/15 # temp scan but historic spam hacking from China for 49.159
66.0.0.0/8 # temp scan but spam history
5.0.0.0/8 
162.0.0.0/8 # two temp scan from 162.213.25.98 and 162.243.14.91 blocked by mod_security
15.0.0.0/8 # two temp scan from 15.125.106.2 and 15.125.106.210
94.0.0.0/8  # lfd: (mod_security) mod_security (id:330034) triggered by 94.75.228.26 (NL/Netherlands/www.mywinsoft.com): 5 in the last 3600 secs - Fri Jul  4 09:56:32 2010
211.0.0.0/8 # temp scan but historic spam hacking from China for 
85.17.141.160/27 # 3 temp scan from neer 85.17.141.182
213.152.29.0/25 # 1 temp scan from france 213.152.29.33
77.88.202.96/29 # 1 temp scan from ukraine 77.88.202.98 bad history
85.113.32.0/20 # 1 temp scan from russia 85.113.34.166 comment spam
99.0.0.0/8 # temp scan from usa 99.195.69.67 and many from centurytel
120.0.0.0/8 # temp scan from china 120.42.116.59
194.0.0.0/8 # temp scan from russia 194.58.102.23
199.0.0.0/8 # temp scan from usa 199.58.73.141 spam history for 199.58
213.0.0.0/8 # temp scan from germany 213.73.99.160 ssh attack history
  Réponse avec citation
Vieux 28/10/2018, 11h18   #2
Cocodelaval
 
Date d'inscription: 13/02/2017
Messages: 4 745
Par défaut Re : Bloquer les étrangers avec htaccess

Je comprends rien.
Cocodelaval est déconnecté   Réponse avec citation
Vieux 28/10/2018, 11h31   #3
Mondo
Visiteur
 
Messages: n/a
Par défaut Re : Bloquer les étrangers avec htaccess

Alors j'essaie d'expliquer.

Imagine ... Tu as un site web avec un nom de domaine et un forum installé sur ce nom de domaine, forum ou un nom de domaine qui t'appartient ou non... mais peu importe, tu y tiens à ton nom de domaine ou à ton forum.

Ca va bien au début. Té pas connu !

Puis Google viens indexer ton site, ton forum et puis ton sitr et ton forum apparaissent sur Google et ... té connu !!

Té ben content !

Puis avec le temps, les emmerdes commencent ... avec la reconnaissance !

Des chinois, des russes et autres étrangers viennent t'achaler juste pour le plaisir de t'achaler...

Que fais-tu ?

Tu as trois choix:
1. Ne rien faire et subir les emmerdes.
2. Les bannir temporairement de ton forum mais ils reviennent toujours
3. Les bloquer définitivement/automatiquement.

Ce sujet est sur le 3.
  Réponse avec citation
Réponse


Utilisateurs regardant la discussion actuelle : 1 (0 membre(s) et 1 invité(s))
 
Outils de la discussion
Modes d'affichage

Règles de messages
Vous ne pouvez pas créer de nouvelles discussions
Vous ne pouvez pas envoyer des réponses
Vous ne pouvez pas envoyer des pièces jointes
Vous ne pouvez pas modifier vos messages

Les balises BB sont activées : oui
Les smileys sont activés : oui
La balise [IMG] est activée : oui
Le code HTML peut être employé : non

Navigation rapide


Fuseau horaire GMT -5. Il est actuellement 05h43.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Version française #23 par l'association vBulletin francophone