Tom S. Posted November 17, 2018 Posted November 17, 2018 I can see in my online users list a lot of guests (15+) coming from the same/similar IP. What do you guys think this might be? Should I be concerned? Should I block the IP? Has anyone come across this type of situation before? Any advice would be much appreciated.
AndyF Posted November 17, 2018 Posted November 17, 2018 https://whatismyipaddress.com/ip-lookup, amongst other tools. 🙂 Most of those appear to originate from France, I'd not (personally) be massively concerned about that unless it gets out of hand. Do you have a robots.txt present ? I'm thinking of something like a crawl-delay parameter here: User-agent: * crawl-delay: 30 (or 60 perhaps) its seconds I think some bots ignore it though, but it may help if you don't have one at all...
Ramsesx Posted November 17, 2018 Posted November 17, 2018 If they don't slow down my site I do no action. Some weeks ago there were bots causing heavy impact on my server load and I blocked the IP's in ACP. 2 hours ago, AndyF said: I'm thinking of something like a crawl-delay parameter here: Thanks for the suggestion, didn't know you can add delay parameters. I just read some sites regarding this and this can slow down site indexing if you have a lot of pages to index. And not all bots will follow this parameter.
AndyF Posted November 17, 2018 Posted November 17, 2018 57 minutes ago, Ramsesx said: And not all bots will follow this parameter. True. I think from memory GoogleBot does not (or did not) but that was quite a long time ago I looked. You'd need to use their webmaster tool set to introduce a delay to slow this one down although its not usually a cause of concern I found. 🙂
Mark H Posted November 19, 2018 Posted November 19, 2018 On 11/17/2018 at 6:46 AM, Tom S. said: I can see in my online users list a lot of guests (15+) coming from the same/similar IP. What do you guys think this might be? Should I be concerned? Should I block the IP? Has anyone come across this type of situation before? Any advice would be much appreciated. That block of IP's resolve to OVH hosting in France. Though interestingly, they show as being a block of "Failover IP's". Not certain what that phrase means, but personally I'd just block the range of 54.36.148.0 to 54.36.151.255 if that happens again. (It may be a rogue search engine.) In CIDR format that would be: 54.36.148.0/22
Tom S. Posted November 20, 2018 Author Posted November 20, 2018 On 11/19/2018 at 8:49 PM, Mark H said: In CIDR format that would be: 54.36.148.0/22 Can I use that format in the IPS ban filter for IP's?
Mark H Posted November 20, 2018 Posted November 20, 2018 I don't believe CIDR format can be used in the software ban settings, however you can use 4 separate entries with wildcards. 54.36.148.* 54.36.149.* 54.36.150.* 54.36.151.* But this really should be done on the server level, in the server Firewall, so that they don't even see a "You aren't permitted to visit" error. An .htaccess file can be used as well, but the firewall is preferred.
Tom S. Posted November 21, 2018 Author Posted November 21, 2018 Yes I did that in the end. Blocked them server side. Thanks.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.