The Google one is a mission to set up and is horrible for users.
Luckily we built an invisible CAPTCHA that is so far 100% spam proof and requires no action from the user:
https://www.opencart.com/index.php?rout ... n_id=36312
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
We've been trying to work this out, but so far we can't seem to think of their reason.
Perhaps it's Russian hackers after too much vodka?
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
of intruders for good. It's out of my .htaccess file, and it also locks out
a bunch of PROXY Users also. But better make sure, not to accidentally lock
out your 'legal' Site Visitors, or yourself...
Merry christmas !
Ernie
PS. I have it now removed again, it hopefully served it's purpose ...
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
Like a Lock on a Door, it might not keep one, from breaking in through a Window.
Most unwanted visitors are no professional Hackers, and for them, it does it's Job well. In
combination with other htaccess filters, and that's all I need, to keep my sites alive and well,
and my access and error logs quite clean, for the past two decades at least ..
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Professional OpenCart extensions, support and custom work.
Contact me via email or Skype by support@thekrotek.com
Sure, I can block virtually every ip address and then claim that it keeps bad guys out.Most unwanted visitors are no professional Hackers, and for them, it does it's Job well.
Problem is that ip addresses change hands, whole ip blocks are sold and bought across countries daily, with the ip4 shortages those transactions are increasing rapidly, what is an ip of a bad person today is the ip of a good one tomorrow and visa versa.
How are you going to maintain that blind list of ranges?
You even block the university of california now and you probably don't know because blocking via htaccess gives no feedback as to who you are blocking.
if you must insist on blocking "the cheap, no professional Hackers/spammers", block requests over HTTP/1.0 protocol.
Professional hackers/spammer simply rent a server at amazon/microsoft/Rackspace/... cloud services for a few hours.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
to create a Fort Knox out of them. I just hate, to be bugged. It depends on the
situation, at first, I block single IPs, and if multiple Subnumbers are listed, entire
Blocks. It works great, and it does not slow down anything, contrary to some
other solutions. But as I said, it's just one of the options, to keep those out,
trying to make me feel bad, by looking for holes, publicly known in OC Installs.
And I also use a top notch Hoster, the probably most decisive Factor of them all.
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
If you want to block all known tor exit nodes (like you have many in your list) you are looking at approx. 1500 entries alone.
So you may have to ask yourself, how often am I visited by these ip's and what is the risk if they do vs. maintaining these lists and the slowdown they cause.
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
The following link on suggest, the reason is to to use your site and other sites to send lots registration emails to a victim, in the hope this will overwhelm them and distract them from some other malicious activity.
https://webmasters.stackexchange.com/a/115694
letxobnav is correct, a ton of IP's in .htaccess and depending on your traffic might put huge strain on your server resources. If you wanted to block a ton of IP's, it might be better to block from a firewall level or even better offset those resources to a dedicated hardware firewall.letxobnav wrote: ↑Sun Dec 22, 2019 6:35 amwell, htaccess always slows down.
If you want to block all known tor exit nodes (like you have many in your list) you are looking at approx. 1500 entries alone.
So you may have to ask yourself, how often am I visited by these ip's and what is the risk if they do vs. maintaining these lists and the slowdown they cause.
Full Stack Web Developer :: Send a PM for Custom Work.
Backup and learn how to recover before you make any changes!
But I'm not talking about and to Online_Pro's here, but to those,
likely working on a near_to_zero Budget, and trying, to possibly
keep some Regions, Countries, whatever, largely off from accessing
a Shopsite, with most common and simple free tools.
---
My SITE ROOT .htaccess file contains ~1472 Lines, including ~690 IP Denials
and my SHOP .htaccess file contains ~247 Lines, all just valid for the Shop.
--
I made some tests, with and without the ROOT .HTACCESS File, it might slow
down performance from 99 % Mobile to sometimes 97%, but other Values are
more or less the same.
It also depends on the Server, to deliever, what one is expecting, and pays for.
Just like in real Life too ...
---
download/file.php?mode=view&id=38176
My Github OC Site: https://github.com/IP-CAM
5'200 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
anyway, my methods to block contact spammers, I do not use Captcha for this as I also hate to click on traffic-lights, cars and shop-signs just to send a mail.
I do for registration as that is more formal anyway.
1) block http/1.0 requests ( I do this for all requests not just contact with a page stating to update their browser).
Most cheap spammers are not identified by ip but by using the cheap proxies.
2) block requests with no accept language header ( I do this for all requests not just contact except for known/accepted bots, just 404 them)
Virtually all browsers and virtually no bot (except some chinese) set this. If it is not set and it is not an accepted bot, you do not want it.
3) use a form id post/session variable to prevent post submission bypassing the contact form.
Just a simple random id set and check with the session.
4) enforce contact form enquiry field key-strokes, submit button is disabled until a minimum number of characters are typed (not pasted), makes human spam-farm's life miserable as their game is speed so they don't type but paste the entire enquiry and hit submit.
5) validate enquiry field on known spammer keywords like:
:// (no spam is complete without the odd hyperlink)
results
online
marketing
advertizing
advertising
blast
deal
opportunity
cashback
thousand
million
brand
click
unsubscribe
! (spammers love to use exclamation marks and I hate them anyway)
These keywords you would have to adjust to fit your line of business, i.e. what kind of keywords do spammers use which would rarely be used by your potential customers but :// and ! are a dead giveaway it's a spammer (or very annoying customer).
Crystal Light Centrum Taiwan
Extensions: MailQueue | SUKHR | VBoces
“Data security is paramount at [...], and we are committed to protecting the privacy of anyone who is associated with our [...]. We’ve made a lot of improvements and will continue to make them.”
When you know your life savings are gone.
Since I purchased this extension, I have not had any spam whatsoever (except spam fritters for lunch) a top-quality module recommended very easy to install as well
https://www.opencart.com/index.php?rout ... n_id=36312
I'm very glad to hear it indeedflog wrote: ↑Mon Dec 23, 2019 5:11 pmSince I purchased this extension, I have not had any spam whatsoever (except spam fritters for lunch) a top-quality module recommended very easy to install as well
https://www.opencart.com/index.php?rout ... n_id=36312
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk