Sub Menu
Links Menu
Online Users

In total there are 313 users online :: 3 registered, 0 hidden and 310 guests

Most users ever online was 1091 on Wed Aug 16, 2023 5:27 pm

Registered users: Bing [Bot], Google [Bot], Majestic-12 [Bot] based on users active over the past 60 minutes

Banning at Server Level via SID

If you have any helpful hints and/or tips in the use of IntegraMOD, you can post it here to help other members of the IntegraMOD community.

Moderator: Integra Moderator

Banning at Server Level via SID

PostAuthor: tattee » Sat Apr 11, 2009 10:23 pm

Have you ever had a malicious user forever changing his IP by proxy and haunting your site(s) to no end?
YES, I think we all have...

WELL.... HERE'S A SOLUTION... ban by his unique System ID at the server level.

download your raw access logs for a time you know he/she was on your site wreaking havoc..
bring up the file in your favorite code editor (I use pspad)..
you should have the IP they used on site at the time..
do a search for it in the raw access logs..
look for a SID= inline with the IP they used.. thats the unique ID to the machine they used.
lets say its .. sid=b4b0acadf0g897d9791676776e0eoi4hju5
LETS BAN IT!!!

download your .htaccess file from your servers root folder and add the following.. (at the end of doc)

Code: Select all
Options All  RewriteCond %{HTTP_REFERER} ^http]RewriteRule .* /*.php?sid=b4b0acadf0g897d9791676776e0eoi4hju5 [F,L]    ErrorDocument 403 /403.php


now, that example is using my site for reference www.mysite.org .. you would change that to reflect your site... let's say your site is www.yoursite.com.. you would write the following..

Code: Select all
Options All  RewriteCond %{HTTP_REFERER} ^http]RewriteRule .* /*.php?sid=b4b0acadf0g897d9791676776e0eoi4hju5 [F,L]    ErrorDocument 403 /403.php


Upload the new .htaccess
Simple as that... he/she would need to find another machine to harass you on.
HE GETS A 403 at any address on your domain

**note - as this is my reseller domain, they cant access ANY of the domains beyond my main domain**

for added fun.. make a 403.php page saying THE FBI HAVE BEEN ALERTED TO YOUR ACTIVITY or something
or better yet.. place a redirect on your 403.php to the FBI website (keeping in mind your the referrer).
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CS/CM d-(++) s+: a+45 C++(++++) UB+++;++++ P++ L- E--- W+++ N+ o++ K- !w O-
M--(-) V- PS+ PE Y !PGP t-(+++) 5++ X- R tv- b++ DI+ D+++ G+++ e+;++++ h* !r !y
------END GEEK CODE BLOCK------
User avatar
tattee
Members
Members
 
Posts: 47
Likes: 0 post
Liked in: 0 post
Joined: Tue Sep 12, 2006 12:36 am
Cash on hand: 0.00

Re: Banning at Server Level via SID

PostAuthor: Helter » Sun Apr 12, 2009 1:12 am

nice tip. Im sure it will come in handy.
Always use Protection
Image


Please do not PM for support
User avatar
Helter
Administrator
Administrator
 
Posts: 4167
Likes: 0 post
Liked in: 0 post
Images: 0
Joined: Sat Mar 11, 2006 3:46 pm
Cash on hand: 172.60
Location: Seattle Wa
IntegraMOD version: IM 3


Return to Hints and Tips

Who is online

Registered users: Bing [Bot], Google [Bot], Majestic-12 [Bot]

cron