18 {{ upvoteCount | shortNum }}
18 {{ upvoteCount | shortNum }}

DDL Site Sending Lots Of Fake Visitors and It Makes My WordPress Down!

by isodownload
15 replies
Hi
Last time I added my links to dirtywarez.com and when I look after that my site gives lots of 503 error and CPU usage and Memory usage is at maximum level.
They're sending lots of fake hits/visitors (they arent human ;I looked up from google analytics and nothing seen any of them as a human when 30-40 ip's visiting my pages) from a range of mostly China and Europe IP's..
How can I block them? I use wordfence plugin and manually blocking them but I cant handle it.
Please help me.
#ddl #fake #lots #makes #sending #site #visitors #wordpress
  • Profile picture of the author seopratyush
    Blocking users or sites that originate from a particular domain is another useful trick of .htaccess.

    Before I get to the code itself, it's important to note that blocking access by referrer in .htaccess requires the help of the Apache module mod_rewrite to make out the referrer first. This module is installed by default on most servers (ask your host if you're not sure). So, to deny access all traffic that originate from a particular domain (referrers) to your site, use the following code:

    Block traffic from a single referrer:

    RewriteEngine on
    # Options +FollowSymlinks
    RewriteCond %{HTTP_REFERER} badsite\.com [NC]
    RewriteRule .* - [F]
    Block traffic from multiple referrers

    RewriteEngine on
    # Options +FollowSymlinks
    RewriteCond %{HTTP_REFERER} badsite\.com [NC,OR]
    RewriteCond %{HTTP_REFERER} anotherbadsite\.com
    RewriteRule .* - [F]
    {{ DiscussionBoard.errors[9395991].message }}
    • Profile picture of the author isodownload
      Originally Posted by seopratyush View Post

      Blocking users or sites that originate from a particular domain is another useful trick of .htaccess.

      Before I get to the code itself, it's important to note that blocking access by referrer in .htaccess requires the help of the Apache module mod_rewrite to make out the referrer first. This module is installed by default on most servers (ask your host if you're not sure). So, to deny access all traffic that originate from a particular domain (referrers) to your site, use the following code:

      Block traffic from a single referrer:

      RewriteEngine on
      # Options +FollowSymlinks
      RewriteCond %{HTTP_REFERER} badsite.com [NC]
      RewriteRule .* - [F]
      Block traffic from multiple referrers

      RewriteEngine on
      # Options +FollowSymlinks
      RewriteCond %{HTTP_REFERER} badsite.com [NC,OR]
      RewriteCond %{HTTP_REFERER} anotherbadsite.com
      RewriteRule .* - [F]
      thanks for that, I guess it helps (at least I cant see any IP logs in my wordfence plugin's last activity page) but my cpanel's latest visitors page still shows that fake IP visits (they are getting internal server error (500) ) , my CPU and Memory usage reduced by the way.
      Signature

      Traffic for Gaming Websites :
      Gameslopedy.com : Fixes for PC Game Errors, Crashes...

      {{ DiscussionBoard.errors[9396040].message }}
      • Profile picture of the author RobinInTexas
        You might be able to eliminate the error logs and send them away by redirecting instead of blocking.

        RewriteCond %{HTTP_REFERER} badsite.com [NC,OR] #by referrer
        RewriteCond %{REMOTE_ADDR} ^96\.47\. [OR] # by IP block
        RewriteCond %{REMOTE_ADDR} ^96\.47\.22\.153 [OR] # by IP
        RewriteCond %{HTTP_USER_AGENT} Baidu [NC,OR]
        RewriteCond %{HTTP_USER_AGENT} Yandex [NC,OR] # by user agent
        RewriteCond %{HTTP_USER_AGENT} YYSpider [NC] # by user agent
        RewriteRule .* http://%{REMOTE_ADDR} [L,R=403] # tells them what they are looking for is at their ip
        Signature

        Robin



        ...Even if you're on the right track, you'll get run over if you just set there.
        {{ DiscussionBoard.errors[9396737].message }}
    • Profile picture of the author IskaDev
      Originally Posted by seopratyush View Post

      Blocking users or sites that originate from a particular domain is another useful trick of .htaccess.

      Before I get to the code itself, it's important to note that blocking access by referrer in .htaccess requires the help of the Apache module mod_rewrite to make out the referrer first. This module is installed by default on most servers (ask your host if you're not sure). So, to deny access all traffic that originate from a particular domain (referrers) to your site, use the following code:

      Block traffic from a single referrer:

      RewriteEngine on
      # Options +FollowSymlinks
      RewriteCond %{HTTP_REFERER} badsite.com [NC]
      RewriteRule .* - [F]
      Block traffic from multiple referrers

      RewriteEngine on
      # Options +FollowSymlinks
      RewriteCond %{HTTP_REFERER} badsite.com [NC,OR]
      RewriteCond %{HTTP_REFERER} anotherbadsite.com
      RewriteRule .* - [F]

      i think he is right
      {{ DiscussionBoard.errors[9413982].message }}
  • Profile picture of the author Ekushey
    I hope you're not under a DDoS attack.

    I'd would strongly recommend you to use https://www.cloudflare.com to protect your site. It'll also make the site load much faster along with many of it's benefits.
    Signature

    I'll solve your PHP, MySQL, WordPress or any website or server related problems.
    Hire me on Freelancer.com at an affordable rate with fast turnaround time.

    {{ DiscussionBoard.errors[9396884].message }}
    • Profile picture of the author isodownload
      Originally Posted by RobinInTexas View Post

      You might be able to eliminate the error logs and send them away by redirecting instead of blocking.

      RewriteCond %{HTTP_REFERER} badsite.com [NC,OR] #by referrer
      RewriteCond %{REMOTE_ADDR} ^96.47. [OR] # by IP block
      RewriteCond %{REMOTE_ADDR} ^96.47.22.153 [OR] # by IP
      RewriteCond %{HTTP_USER_AGENT} Baidu [NC,OR]
      RewriteCond %{HTTP_USER_AGENT} Yandex [NC,OR] # by user agent
      RewriteCond %{HTTP_USER_AGENT} YYSpider [NC] # by user agent
      RewriteRule .* http://%{REMOTE_ADDR} [L,R=403] # tells them what they are looking for is at their ip
      why you want to block yandex, baidu and yyspider bots? It may help my website indexing in yandex search engine.
      But I saw every minute yandex bot tries to attempt my website pages:

      Code:
      .255.253.138
/forums/memberlist.php?sk=f&sd=a&first_char=s&sid=8dfe6f7cb016968205e016ca81f1d23e
7/29/14 10:36 AM
11125
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)
157.55.39.158
/resources-by-categories/
7/29/14 10:36 AM
21182
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)
5.255.253.138
/forums/memberlist.php?sk=a&sd=a&first_char=j&sid=24369d2c9ff6eed78612810777249724
7/29/14 10:36 AM
11209
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)
66.249.79.128
/tag/playstation-3-2/feed/
7/29/14 10:36 AM
2182
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
5.255.253.138
/forums/viewtopic.php?f=4&t=430&p=736&sid=b538f7a36756e716402e8eafdc019998
7/29/14 10:36 AM
12276
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)
85.106.69.73
/favicon.ico
7/29/14 10:36 AM
0
success 200
GET
HTTP/1.1
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
5.255.253.138
/forums/memberlist.php?sk=c&sd=d&first_char=e&sid=200ea961e4ddc39f8e298a4c72689b29
7/29/14 10:36 AM
11153
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)
85.106.69.73
/?custom-css=1&csblog=1&cscache=6&csrev=17
7/29/14 10:35 AM
110
success 200
GET
HTTP/1.1
http://www.chemicalsubjects.com/forums/
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
5.255.253.138
/forums/memberlist.php?sk=d&sd=a&first_char=k&sid=b11c3457b54b738d6e193bf69560110e
7/29/14 10:36 AM
11124
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)
85.106.69.73
/forums/style.php?id=7&lang=en&sid=191e947d43bfa7e0eb0e9272ba9bf272
7/29/14 10:35 AM
26894
success 200
GET
HTTP/1.1
http://www.chemicalsubjects.com/forums/
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
85.106.69.73
/forums/cron.php?cron_type=tidy_cache&sid=191e947d43bfa7e0eb0e9272ba9bf272
7/29/14 10:35 AM
57
success 200
GET
HTTP/1.1
http://www.chemicalsubjects.com/forums/
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
5.255.253.138
/forums/memberlist.php?sk=b&sd=d&first_char=t&sid=b33bc0078e952eb4a9e8757e021f05ce
7/29/14 10:35 AM
11155
success 200
GET
HTTP/1.1
Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)
85.106.69.73
/forums/
7/29/14 10:35 AM
16793
success 200
GET
HTTP/1.1
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
      Originally Posted by Ekushey View Post

      I hope you're not under a DDoS attack.

      I'd would strongly recommend you to use https://www.cloudflare.com to protect your site. It'll also make the site load much faster along with many of it's benefits.
      I use 2 wordpress security plugin. Is that gives me another server loads?
      Signature

      Traffic for Gaming Websites :
      Gameslopedy.com : Fixes for PC Game Errors, Crashes...

      {{ DiscussionBoard.errors[9397365].message }}
      • Profile picture of the author RobinInTexas
        Originally Posted by isodownload View Post

        why you want to block yandex, baidu and yyspider bots? It may help my website indexing in yandex search engine.
        But I saw every minute yandex bot tries to attempt my website pages:
        Lots of load I am not looking for their traffic.

        I was just presenting an example of different ways to eliminate traffic, User agent is one of three techniques, IP/IP range and referrer that I use.
        Signature

        Robin



        ...Even if you're on the right track, you'll get run over if you just set there.
        {{ DiscussionBoard.errors[9400195].message }}
  • Profile picture of the author KirkMcD
    You listed your site on a place called "dirty warez" and didn't expect bad things to happen?
    {{ DiscussionBoard.errors[9400316].message }}
  • Profile picture of the author isodownload
    I had talked with them .
    They said:

    Its most likely bots/trawlers indexing/scraping content from the site, this happens with older DDL sites.

    If this is overloading your site you really should change webhosts, I will delete your downloads.
    simple. It's the robots.txt file. Probably sais index,follow which means that not only will the bots index the links on the topics, they'll also follow them to index links on those sites, and that's a good thing actually as it generates at 1st view bot traffic, but also indexes your site into their search engines making it available for the public. If your site gets overloaded, the hardware setup is too weak and you need to contact your hoster.

    and yes, that's happening to all sites with the proper robots.txt file in the site root
    Would it be true?
    How come bots /spiders like that overloads my site like this?
    Signature

    Traffic for Gaming Websites :
    Gameslopedy.com : Fixes for PC Game Errors, Crashes...

    {{ DiscussionBoard.errors[9403909].message }}
  • Profile picture of the author RobinInTexas
    As previously mentioned, use cloudflare and block unwanted countries.
    Signature

    Robin



    ...Even if you're on the right track, you'll get run over if you just set there.
    {{ DiscussionBoard.errors[9409284].message }}
  • Profile picture of the author kpmedia
    CloudFlare will likely slow your site down.
    Signature
    FAQ: Need a Site5/Arvixe/Hostgator alternative? And who is EIG?
    Reviews:     Need a good VPS, dedicated server, or unlimited host? (This is NOT a fake "top 10" list!)
    {{ DiscussionBoard.errors[9436629].message }}

Trending Topics