if you want to ban IP's completely from your forum and you use apache.

Edit your current .htaccess or create one and place the following in it.

Deny from 1.2.3.4

Just had a bot myself -- 49 guests at once -- couldn't tell where it's from. [b]But, I have a question: can I ban "66.196.72" to ban all of the below through the .htaccess, similar to how the admin cp will let me ban registrations from truncated IP addresses?

66.196.72.47
66.196.72.51
66.196.72.73
66.196.72.66
66.196.72.49
66.196.72.67
66.196.72.43
66.196.72.100
66.196.72.35
66.196.72.44
66.196.72.86
64.140.49.68
66.196.72.39
66.196.72.51
66.196.72.48
66.196.72.61
66.196.72.41
66.196.72.59
66.196.72.33
66.196.72.71
66.196.72.37
66.196.72.72
66.196.72.58
66.196.72.32
66.196.72.42

That's Inktomi, better not ban that! ;)

Umm...

Inktomi is a search-engine spider, and it's a good bot.

I'll take your word for it. I just hope it doesn't add too many queries... we're a small site for school teachers and students, mostly within one state, to visit. We really don't need to be searched so intensively.

http://www.vbulletin.org/forum/showthread.php?s=&threadid=55092

wow just done a search on google and found this thread.

it just so happens that a guest is using a program through Inktomi Spider
to try and overload the server. had to put the cookie level on 60 seconds until
this idiot goes away.

That's a search engine bot. It's normal. If you don't want search engines indexing your set, then use robots.txt to stop them.

i know for a fact this hacker is using this program to try and overload the server, he has been going for the last 16 hours.
im unsure what text to write or where to put it to stop the Inktomi Spider

i know for a fact this hacker is using this program to try and overload the server, he has been going for the last 16 hours.
im unsure what text to write or where to put it to stop the Inktomi Spider
You could temporally block all spiders...

create robots.txt and add:

User-agent: *
Disallow: /

You could temporally block all spiders...

create robots.txt and add:

User-agent: *
Disallow: /

hey man thanks.

just is there away to stop Inktomi Spider from my site?

like i know i have to make a text file and upload to my forum root?

but im unsure of the spot on code?

is that it? User-agent: *
Disallow: /
i put the above in a text file and upload?
thats it?
thx

I'm 99% sure inktomi spider is slurp. so.

to block inktomi alone use:

User-agent: Slurp
Disallow: /

However. He may try other spiders I don't know.

thanks man cheers.

He can fake the user-agent but he can't fake the IP. I fail to see how you cuold know it's a hacker. I once had 127 inktomi spider instances on my forums last year. I've heard stories of far higher too.

He can fake the user-agent but he can't fake the IP. I fail to see how you cuold know it's a hacker. I once had 127 inktomi spider instances on my forums last year. I've heard stories of far higher too.


Well since Inktomi was purchased by Yahoo! and all the spiders were renamed, Yahoo! Slurp. You shouldn't be seeing Inktomi spiders anymore.

Well since Inktomi was purchased by Yahoo! and all the spiders were renamed, Yahoo! Slurp. You shouldn't be seeing Inktomi spiders anymore.

Just googled and that was in 2002 too. Maybe it wasn't a year ago then! Time flies :(

I don't think they finished the renaming of the spiders until 2006. For a long time they kept Inktomi as an independent search indexing subsidiary.

He can fake the user-agent but he can't fake the IP. I fail to see how you cuold know it's a hacker. I once had 127 inktomi spider instances on my forums last year. I've heard stories of far higher too.

lol its pretty easy to know when the hacker writes this at chat-avenue.com

sorry guise @ suspended
just had to do it, couldn't resist

he used the bot and programed it to view the member list, and then over loaded the server by putting hundreds and hundreds of guests viewing that location (member list).
he got converseboards.com suspended for 10 hours.
since i have had my boards up over 2 years i have never seen a inktomi spider, but suddenly it appears on whos online viewing the member list with the other 100's of guests with the same ip.
also this Justin from chat-avenue.com has hacked chat-avenue.com, my board and c/b and many others. after he hacks a board he goes and laughs about it at chat-avenue.com
chat-avenue.com cannot banned him because when he gets banned he hacks the place.
would you like me to said him your way? :D


I'm 99% sure inktomi spider is slurp. so.

to block inktomi alone use:

User-agent: Slurp
Disallow: /

However. He may try other spiders I don't know.

damn man this did not work.

His only viewing member list?

if so... try:

change robots.txt to:

(Presuming your board is in root directory if not, change the location to your vb default directory, were index.php is sitting on it's proud kingdom chair)

User-agent: *
Disallow: /memberlist.php

ok thanks i'll try that, whats with the vista spiders i have never seen them?

edit: to late the idiot just over loaded the server again, using inktomi bot. grrrr

Why can't you ban his IP using iptables?

Why can't you ban his IP using iptables?

the guy is using AltaVista Spider and Inktomi Spider with 100's of different ip's :confused: and his at it again today :rolleyes: 500 error.

the guy is using AltaVista Spider and Inktomi Spider with 100's of different ip's :confused: and his at it again today :rolleyes: 500 error.
You need to talk to your host then. The only way to stop this is at a higher router level where there is more bandwidth. By the time the DDOS attack gets to your server, its too late to stop. You can do web searches on fighting DDOS attacks and preventing them in the future.

thanks Wayne (http://www.vbulletin.com/forum/member.php?u=868), ill try that.