IT Blog

Security

How to block bad bots in Apache server

Nowadays more and more web crawlers visit websites. Some are good for you, such as the Google search engine, and they respect the robots.txt protocol. But some of them behave badly and have a negative impact on your site.

How to block the bad bots

These crawlers are called bots. A bot is a software program that operates on the Internet and performs repetitive tasks. While some bot traffic is from good bots, bad bots can have a huge negative impact on a website or application. So we want to block those bad bots from visiting our site.

Normally, we can set rules in the robots.txt file, but the bad bots do not respect these rules, so setting up robots.txt only works for good bots. To be sure the bad bots are blocked, we have to use the .htaccess file. Here are the steps:

1. Find the bot keyword in the User-Agent field of the access log.

2. Add one of the following scripts to the top of the .htaccess file:

a) Set a rewrite condition. It uses a regular expression to match multiple user agents in one line.

    RewriteEngine On
    RewriteCond %{HTTP_USER_AGENT} "dataforseobot|Yandex|AhrefsBot|BLEXBot|SemrushBot" [NC]
    RewriteRule "^.*$" - [F,L]

Or

b) Use SetEnvIf directives:

    SetEnvIfNoCase User-Agent "AhrefsBot" badbots
    SetEnvIfNoCase User-Agent "BLEXBot" badbots
    SetEnvIfNoCase User-Agent "SemrushBot" badbots
    SetEnvIfNoCase User-Agent "YandexBot" badbots
    SetEnvIfNoCase User-Agent "dataforseobot" badbots
    <Limit GET POST HEAD>
      Order Allow,Deny
      # Allow everyone first: with Order Allow,Deny and no Allow directive, every request is rejected
      Allow from all
      Deny from env=badbots
    </Limit>

Order, Allow and Deny are the Apache 2.2 access-control directives; on Apache 2.4 they are only available through mod_access_compat.

Both scripts are equivalent; just pick the one you like. With either script in place, the server returns 403 (Forbidden) to the bad bots.

Test the effects

Here's an example that uses Chrome browser…
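An added example (not from the original post) for step 1 and for checking the result: it tallies User-Agent strings from Apache combined-format log lines, marks the ones the step 2a pattern matches, and counts matched requests that were not answered with 403. The log lines are constructed samples and the function name is illustrative.

```python
import re
from collections import defaultdict

# Same alternation as the RewriteCond in step 2a; [NC] corresponds to re.IGNORECASE.
BLOCK_PATTERN = re.compile(
    r"dataforseobot|Yandex|AhrefsBot|BLEXBot|SemrushBot", re.IGNORECASE)

# Combined log format: host ident user [time] "request" status bytes "referer" "agent"
LOG_LINE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"$'
)

# Constructed sample lines (documentation IP ranges, made-up paths and sizes).
SAMPLE_LOG = """\
203.0.113.5 - - [06/Jan/2022:10:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
203.0.113.5 - - [06/Jan/2022:10:05:09 +0000] "GET /about HTTP/1.1" 403 199 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
198.51.100.7 - - [06/Jan/2022:10:06:30 +0000] "GET / HTTP/1.1" 403 199 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
192.0.2.10 - - [06/Jan/2022:10:07:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
192.0.2.44 - - [06/Jan/2022:10:08:12 +0000] "GET /post HTTP/1.1" 200 8042 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/96.0 Safari/537.36"
this line is not in combined format
"""

def summarize_agents(log_text):
    """Return {user_agent: {"hits", "matched", "not_blocked"}} for each agent seen."""
    summary = defaultdict(lambda: {"hits": 0, "matched": False, "not_blocked": 0})
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # skip lines that are not in combined format
        entry = summary[m["agent"]]
        entry["hits"] += 1
        if BLOCK_PATTERN.search(m["agent"]):
            entry["matched"] = True
            if m["status"] != "403":
                # Pattern matches but the request was served: the rule was
                # not active yet, or it does not apply to this request.
                entry["not_blocked"] += 1
    return dict(summary)

if __name__ == "__main__":
    rows = sorted(summarize_agents(SAMPLE_LOG).items(), key=lambda kv: -kv[1]["hits"])
    for agent, info in rows:
        flag = "BLOCK" if info["matched"] else "     "
        print(f'{info["hits"]:4d} {flag} not-403={info["not_blocked"]} {agent}')
```

Agents that are not flagged but show many hits are candidates for the keyword list; a non-zero not-403 count for a flagged agent after deployment means the rule is not taking effect.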

2022-01-06, IT Team
Security

Mixed Content warning: request for an insecure element was automatically upgraded to HTTPS

After applying SSL settings to enforce HTTPS, the browser starts complaining "Mixed Content: ..." as shown in the image below.

"Mixed Content" warnings occur when an HTTPS page is asked to load a resource over HTTP. Insecure resources are vulnerable to alteration by an active attacker or eavesdropping by a passive attacker, which violates the user's expectation of security for an HTTPS page. See "Fixing mixed content" for more information.

Fix: Change all insecure links from "http://" to "https://" on the page. This could be tough and time-consuming work.

The following is a hot fix; it works very well for me.

Hot fix: Add a meta element to the HTML head section so that the browser automatically upgrades http requests to https, ensuring content is loaded over SSL.

    <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

2020-12-02, IT Team
Security

Removing WP-VCD malware

Yesterday, I was notified that there was malicious activity from your website: a huge number of email spam messages is originating from it.211cn.ca. As a result, the website was suspended with limited access, which only allows registered IPs to access the website.

When I logged on, a notification appeared on the panel.

And my.siteground home

Detail notification

In the review panel I saw a list of files that contain malicious code.

WP-VCD malware is used to add an admin user; it hides in legitimate WordPress files. The initial version of this threat was uploaded via a WP include file called wp-vcd.php. The malicious code is injected into WordPress core files like functions.php, class.wp.php and post.php, and is also injected into WordPress themes, including child themes.

It was reported that WP-VCD malware is malicious code that comes bundled with illegitimate versions of paid themes and plugins. These pirated themes and plugins incorporate malicious scripts that get inserted once you install them. Once leaked to your website through a nulled theme, it starts spreading to infect other themes on your site and even proliferates to infect every unprotected site hosted on the shared server. If you look for “Free [plugin…

2020-09-27, IT Team
COPYRIGHT © 2021 Hostlike IT Blog. All rights reserved.
