Trade Expert Support Forum

http://forum.tradeexpert.net/viewtopic.php?f=2&t=460

Same auto hitbot shit that this guy experienced. From the same ip ranges as well. Cyber-Wurx netblock.

I have him blocked in htaccess as well as a custom php protection script I use and yet his clicks still show up in the click report for no-cookie traffic.

Here are his ip blocks and some referrer info which I use in htaccess:

69.61.28.64/27
69.61.40.64/27
69.61.110.0/24

RewriteEngine on
RewriteCond %{HTTP_REFERER} freeupsex\.com [NC,OR]
RewriteCond %{HTTP_REFERER} flipgirls\.net [NC,OR]
RewriteCond %{HTTP_REFERER} shellyporn\.com [NC]
RewriteRule .* http://%{REMOTE_ADDR}/ [F,L]

Hello,

please send me te3 login details on PM so i can check it out.

Best regards,
Rock

Yeah figured out what this little prick is doing is hitting (out.php) directly without loading the main sites index page. So it shows up in te3 stats in nocoookie traffic as:

/te3/out.php?l=

Got shitloads of them. I thought in te3's htaccess you have these rules:

##TE3-ALLOWED-START##
RewriteEngine On
RewriteCond %{REQUEST_URI} !/in.php
RewriteCond %{REQUEST_URI} !/out.php
RewriteCond %{REQUEST_URI} !/cron.php
RewriteCond %{REQUEST_URI} !/rlogin.php
RewriteCond %{REQUEST_URI} !/signup.php
RewriteCond %{REQUEST_URI} !/securityimage.php
RewriteCond %{REQUEST_URI} !/webmaster_stats.php
RewriteCond %{REQUEST_URI} !/toplist/*
RewriteCond %{REQUEST_URI} !/thumbs/*
RewriteCond %{REMOTE_ADDR} !^xx\.xxx\.xxx\.xxx
RewriteRule ^.*$ - [R=403,L,NC]
##TE3-ALLOWED-END##

Should that not stop anyone from loading out.php directly, unless they come from your own site's ip?

Anyways, I pm'd you the login details.

I really hate these kinds of site leachers.......sigh.

Hi, camdoughcat.

Regarding TE3's htaccess: it is primarily intended to protect your admin interface.

The simplest way to solve your problem is to add him to your IP block list. Since his IP is changing, you should add him as IP blocks (69.61.110., 69.61.28., etc.). TE3 will then count him under system trade "blocked" and send him to the URL, specified in Outgoing redirections.

Rock

Ok this idiot just will not give up. His host is of zero help either as they do not reply to abuse complaints.

Same thing still, hitting /te3/out.php?l= directly (faking the referrer field as well). I have his ip ranges blocked in the sites root htaccess but because of the following htaccess inside the /te3/ directory the main one gets overridden and he is still able to load " /te3/out.php?l= "

##TE3-ALLOWED-START##
RewriteEngine On
RewriteCond %{REQUEST_URI} !/in.php
RewriteCond %{REQUEST_URI} !/out.php
RewriteCond %{REQUEST_URI} !/cron.php
RewriteCond %{REQUEST_URI} !/toplist/*
RewriteCond %{REQUEST_URI} !/thumbs/*
RewriteCond %{REMOTE_ADDR} !^xx\.xx\.xxx\.xxx
RewriteCond %{REMOTE_ADDR} !^xx\.xx\.xxx\.xx
RewriteRule ^.*$ - [R=403,L,NC]
##TE3-ALLOWED-END##

Yes I have him set in TE3 to be counted as blocked traffic and send his hits to a url I choose but the point is - I want this prick off my site completely since it is obviously just fake traffic. My question is how do I modify the htaccess file in /te3/ to accomplish this?

No additional ideas on this guys???

Hello again.

Banninig IP ranges is a little tricky - you could also block legitimate users from visiting your website. You could alternatively keep his ranges on your IP blocklist, and exclude 'blocked' traffic from your Total summary stats.

If you do want to block him from your webpage completely, add his IP ranges to .htaccess file inside /te3/ directory. Place them outside TE3 comments, like this:
Let me know if it works,
Rock