PHP-Web-Stat Support Forum
https://www.php-web-statistik.de/cgi-bin/yabb/YaBB.pl
Board (English) >> English board >> I have add some php lines in pws.php
https://www.php-web-statistik.de/cgi-bin/yabb/YaBB.pl?num=1705955753

Beitrag begonnen von Sandro kensan am 22.01.24 um 21:35:53

Titel: I have add some php lines in pws.php
Beitrag von Sandro kensan am 22.01.24 um 21:35:53
I suspect that there are bots that do not identify themselves as such, particularly from China. Since I assume that from TLDs other than my country (.it) with an empty referer I have almost zero access and instead the bots are maximally present, I inserted these lines of code in pws.php after
"// country detection":


Code (php):
if ( $js_referer == "" && $country <> "it") {
  $domain_name = trim(gethostbyaddr($ip_address));
  file_put_contents("bot.txt", date("H:i:s d/m/Y",$time_stamp)." * ".$ip_address." * ".$country." *".$js_referer."* $domain_name\n", FILE_APPEND);
  exit;
}


I am a first-time experimenter but in one day I found these entries: 8-)

06:36:46 22/01/2024 * 123.249.yy.xx * cn ** ecs-123-249-yy-xx.compute.hwclouds-dns.com
10:32:40 22/01/2024 * 111.7.yy.xx * cn ** 111.7.yy.xx


I suppose they are SPAM or bot and with the payed plug-in I suppose I can check it in a better way.

Titel: Re: I have add some php lines in pws.php
Beitrag von Reimar am 23.01.24 um 09:41:43
Good work ! Thanks for these lines !

You can also block whole countries if you are interested.
Normally there is a ".htaccess" file within your webserver root directory.
You can also edit this file and include the blocking lines.

Have a look at this: https://www.ip2location.com/free/visitor-blocker

Just scroll down, enter the countries you want to block, choose Apache 2.4 htaccess and click download. The generated text file you can copy paste within your htaccess file.



Titel: Re: I have add some php lines in pws.php
Beitrag von Sandro kensan am 24.01.24 um 13:02:45

Reimar schrieb am 23.01.24 um 09:41:43:
Good work ! Thanks for these lines !

You can also block whole countries if you are interested.


No, blocking entire countries is not in my principles. I know that there are webmasters or service operators who receive a lot of spam or have a lot of harvesters from China or other countries, but blocking entire countries is not in my line. There are many visitors coming from all over the world, including China.

Instead I am incorporating a different approach that I am experimenting with these days, I copy the code:


Code (php):
####################################################################
### edit to avoid spam
####################################################################

function honeypot($ip, $referer, $country, $time_stamp){
    // key for SPAM service honeypot https://www.projecthoneypot.org
    $access_key = "abcdefghilmnop";
    $file = "bot_SPAM.txt";
    $domain_name = trim(gethostbyaddr($ip));
    $date = date("H:i:s d/m/Y",$time_stamp);

    // invert IP
    $reversed_ip = implode('.', array_reverse(explode('.', $ip)));

    // do query DNS
    $query = $access_key . "." . $reversed_ip . ".dnsbl.httpbl.org";

    // execute query DNS
    $response = gethostbyname($query);

    // check if IP is legit
    if ($response != $query) {
      // IP not legit
      // analyze the type of threat
      $response_array = explode('.', $response); //127.x.y.z

      // must be 127
      $version = $response_array[0];
      if ($version <> 127){
        //same thing is wrong in answer of honeypot server
        return;
      }

      // The second octet indicates the number of days since the IP was last seen
      $days = $response_array[1];

      // The third octet indicates the IP threat score (0 to 255)
      $threat = $response_array[2];

      // The fourth octet indicates the type of visitor (bitwise)
      $type = $response_array[3];

      // Define constants for visitor types
      define('SEARCH_ENGINE', 0);
      define('SUSPICIOUS', 1);
      define('HARVESTER', 2);
      define('COMMENT_SPAMMER', 4);
      $visitatore = ""; //type of visitor
      // Check if the visitor is a search engine
      if ($type == SEARCH_ENGINE) {
        echo "Il visitatore č un motore di ricerca.";
        $visitatore .= "SEARCH_ENGINE ";
      }

      // Check if the visitor is suspicious
      if ($type & SUSPICIOUS) {
        echo "Il visitatore č sospetto.";
        $visitatore .= "SUSPICIOUS ";
      }

      // Check if the visitor is a harvester
      if ($type & HARVESTER) {
        echo "Il visitatore č un harvester.";
        $visitatore .= "HARVESTER ";
      }

      // Check if the visitor is a comment spammer
      if ($type & COMMENT_SPAMMER) {
        echo "Il visitatore č un comment spammer.";
        $visitatore .= "COMMENT_SPAMMER ";
      }
      file_put_contents($file, $date ." * ". $visitatore ."* ". $ip ." * ". $country ." *". $referer ."* $domain_name\n", FILE_APPEND);
      exit;
    }
    else {
      // The response is invalid, meaning that the IP is not present in the database
      echo "The visitor is not in the Project Honey Pot database.";
      // IP probably legitimate, from a legal user
      return;
    }
}


Titel: Re: I have add some php lines in pws.php
Beitrag von Reimar am 25.01.24 um 20:56:54
Nice approach ! Thanks for this ! Maybe we can use this too.

PHP-Web-Stat Support Forum » Powered by YaBB 2.5.2!
YaBB Forum Software © 2000-2012. Alle Rechte vorbehalten.