How can I ban an IP

[Mitchell]

Hi,

I am getting this on my site on a permanent base and I can not get rid of him, I deleted it from my MSQL but it came back within 5 minutes,how can I ban his IP?

92.48.194.14

/power_search.php?pflag=search&title=RRHCoKGZNJiafT KIPkj&url=http%3A%2F%2Fwww.eige pca.org

I know it has been talked about before, but what are they actually doing?

[CEC]

i zap them in my .htaccess file. try:

<Limit GET HEAD POST>
order allow,deny
deny from 92.48.194.14
allow from all
</LIMIT>

[echo@]

I often wonder why there is no captcha on power_search.php

[Bruceper]

spam URL's removed, we don't need to promote their sites.

Yes it's been gone over before, that's why the forum has a search function. They're trying to exploit a flaw that was in 5.0 or 5.1 (I can't remember which)

Why would you want captcha on power_search? It won't do anything. The URL's that are submitted don't actually go anywhere, all that happens is power_search.php loads and it burns up some bandwidth.

The ONLY thing captcha would do would be to annoy legitimate users. If it was there and someone submitted one of these long URL's then power_search.php would still load and it would still do nothing.

I had an "attack" of these on indexu.com that burned up gigabytes of data in two days. I simply remove power_search.php on every site now.

Ignore the issue, or remove power_search.php, those are the only solutions for now.

[Mitchell]

Guys, thank you for the help and info, I tried CEC's method and so far so good.

Bruce, thank you for removing the URL, I was going to do it as soon as I get my answer but you were faster than me.

I also think captcha would annoy legitimate users so it is not the best option.

By the way how do they do it, do they use a script to sit on the site and press search constantly?

This IP has been on my site for last couple of months.

[Bruceper]

I _assume_ it's a bot of some type, most probably a script running off a proxy or zombie to mask the real IP.

If you use cpanel you can ban the user from there.

mpdaddy was actually talking about making a mod/plugin to ban IP's that do this, but I don't know if he actually is trying to make one or not.

The BIGGEST issue about all of this is the burning up of bandwidth. No matter WHAT you do, each request is going to burn up bandwidth unless you remove power_search.php and replace it with a blank file.

Why does it have to be blank? If it's not IndexU will return a 404 and the 404 page still uses up bandwidth.

You can see what I did at indexu.com/power_search.php it's simple, to the point and easy to do.

I just wish the losers doing this would finally figure out that it doesn't work and stop.

[mpdaddy]

I am reworking my old banning mod from 5.4 into a plugin for 1.2x. As soon as it is complete, I am going to see about adding the ability to automatically ban ip's when they attempt to use power search in this fashion. I still don't know if it's possible, but if it can be done, I will make it so that function can be turned on and off seperately from the plugin itself.

Regards
Wayne

[Simpledark]

I had an "attack" of these on indexu.com that burned up gigabytes of data in two days. I simply remove power_search.php on every site now.

If i delete this file, i have some problem with the directory? I lost some functions?

[Bruceper]

Nothing will happen other than power search will not work.