.htninja whitelisting IPs
-
Hi,
I use Cloudflare and I also integrated with Ezoic. I use Cloudflare firewall rules too.
In Cloudways I have a special setting for Cloudflare, to see user IP.I have two questions:
1)I have to white list many IPs from Ezoic, they’re not a range. Is there a limit to how many IP can be white listed in the .htninja file? Or any side effects?
2)This morning I received an alert from ninjafirewall from a login from IP that was not mine. However I logged in at the same hour. I think this might be an Ezoic IP, I don’t use their CDN, but I use their speed toll.
How can I avoid this?
Should I whitelist my own IP with the .htninja. ?Thanks in advance
The page I need help with: [log in to see the link]
-
Hi,
Thanks for your answer.
1) I had set up the .htninja for Ezoic with the code you gave me but doesn’t seem to work. Cloudways implemented X-Middleton for this purpose, besides that is not working, the consequence is that I cant block bots with X-Middleton in the user agent.
2) My Ezoic account have been paused due to invalid traffic. I don’t know which is the source of the invalid traffic. But they pointed that I have to ask support from Cloudways, however they become unresponsive now.
3) Cloudways Bot protection app is incompatible with Ezoic, so they recommend me to use Ninja firewall. I had enabled Full WAF mode.
I have Cloudflare firewall rules, and a few days ago I enabled Under Attack and Bot Fight. But wasn’t enough.
3) The only things I see:
3.1) errors in my error log, and I don’t know how to stop this kind of spam.
Ex:
[Thu Jan 14 12:23:45.633013 2021] [proxy_fcgi:error] [pid 32339:tid 140589848721152] [client 3.238.165.133:17040] AH01071: Got error 'PHP message: Error Illegal mix of collations (utf8_general_ci,IMPLICIT) and (utf8mb4_unicode_520_ci,COERCIBLE) for operation 'like' de la base de datos de WordPress para la consulta SELECT SQL_CALC_FOUND_ROWS ar3_2_posts.ID FROM ar3_2_posts WHERE 1=1 AND (((ar3_2_posts.post_title LIKE '% Billige viagra original kaufen schweiz.\xf0\x9f\x8d\xbe\xf0\x9f\x90\xb8 www.DoctorFox.store \xf0\x9f\x90\xb8\xf0\x9f\x8d\xbe Billig glucophage 500 ohne rezept kaufen.%') OR (ar3_2_posts.post_excerpt LIKE '% Billige viagra original kaufen schweiz.\xf0\x9f\x8d\xbe\xf0\x9f\x90\xb8 www.DoctorFox.store \xf0\x9f\x90\xb8\xf0\x9f\x8d\xbe Billig glucophage 500 ohne rezept kaufen.%') OR (ar3_2_posts.post_content LIKE '% Billige viagra original kaufen schweiz.\xf0\x9f\x8d\xbe\xf0\x9f\x90\xb8 www.DoctorFox.store \xf0\x9f\x90\xb8\xf0\x9f\x8d\xbe Billig glucophage 500 ohne rezept kaufen.%'))) AND (ar3_2_posts.post_password = '') AND ar3_2_posts.post_type IN ('post', 'page', 'attachment') AND (ar3_2_posts.post_status = 'publish') ORDER BY (CASE WHEN ar3_2_posts.post_title LIKE '% Billige viagra original kaufen schweiz.\xf0\x9f\x8d\xbe\xf0\x9f\x90\xb8 www.DoctorFox.store \xf0\x9f\x90\xb8\xf0\x9f\x8d\xbe Billig g...'3.2) I see spam search from well-known bots:
216.244.66.241 - - [14/Jan/2021:12:09:32 +0000] "GET /es/?s= %20apotek%20online%20kodein%F0%9F%A7%B8%F0%9F%8E%8F%20www.Ma yoClinic.store%20%F0%9F%8E%8F%F0%9F%A7%B8%20viagra%20piller% 20uden%20recept%20best%C3%A4ll%20viagra%20p%C3%A5%20n%C3%A4t et HTTP/1.1" 200 12426 "-" "Mozilla/5.0 (compatible; DotBot/ 1.1; http://www.opensiteexplorer.org/dotbot, [email protected]) X -Middleton/1"Can you enlighten me?
I am struggling I fill that I am hunting in the dark
Your help will be greatly appreciated.
The topic ‘.htninja whitelisting IPs’ is closed to new replies.
