vBulletin Mods

The Official vBulletin Modifications Site
https://www.vbulletin.org/forum/showthread.php?t=325551

How can I block traffic FROM Amazon Technologies
by the one
28 Aug 2017 08:57

I am aware that Amazon now make available a complete list of their IP address blocks in JSON format here https://ip-ranges.amazonaws.com/ip-ranges.json


I have been told that you can use that to create rules to block all of those addresses.Now i am not really any good at this so this is my question.

What would i do with that would i copy it and add it in my CSF in WHM and if so can someone tell me where i put that or how do i create the rules block.

Many thanks.

Malc

Simon Lloyd 28 Aug 2017 11:50

You could ban their useragent string using this https://www.vbulletin.org/forum/showthread.php?t=268208 or Ban IPs using this https://www.vbulletin.org/forum/showthread.php?t=268147 no rules needed :)

the one 29 Aug 2017 07:10

I dont fancy banning the ip individually that would take forever and i would do that at the server end.:)

I also have that plugin for bots installed on my forum and it bans most bots but for some reason it does not work on amazonaws.

Anyway thanks for the advice.I did do a thread here https://www.vbulletin.org/forum/showthread.php?t=323511 but only a few work arounds

cheers

Simon Lloyd 29 Aug 2017 07:25

The bot blocker does do the Amazonaws but you need to find the correct useragent, so you'd need to block amazonaws.com, ia_archiver, alexa.com (unless you use Alexa for your web analysis), softlayer.com, scaleway.com and there are a few more, but the best way is to view your Who's Online page with useragent showing and copy the amazonaws strings in to the list in the mod then they are gone forever :)

--------------- Added 29 Aug 2017 at 07:33 ---------------

As an added, use the tools I provide links to in the ban spider mod page and analyse the user agent string as it may turn out that that they have other associated and the one displaying is just a fašade.

the one 29 Aug 2017 18:56

Thanks simon so if i see this

ec2-52-89-87-158.us-west-2.compute.amazonaws.com

Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36


Do i put this Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36 in the ban spider

Many thanks

Simon Lloyd 30 Aug 2017 17:56

Yes exactly that, you have to remember that Amazonaws isn't actually amazon but just rented space to others by them.

This part ec2-52-89-87-158.us-west-2.compute.amazonaws.com is just what the IP address resolves to and you see it as admin.

Hope that helps :)

the one 02 Sep 2017 12:56

Quote:

Originally Posted by Simon Lloyd (Post 2589667)
Yes exactly that, you have to remember that Amazonaws isn't actually amazon but just rented space to others by them.

This part ec2-52-89-87-158.us-west-2.compute.amazonaws.com is just what the IP address resolves to and you see it as admin.

Hope that helps :)

Thanks buddy

So this agent Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36

If i put that in the ban list it wont stop normal members viewing the forum.

Cheers once again

Dave 02 Sep 2017 13:24

People who still use version 41.0.2228.0 of Chrome will not be able to use the forum if you ban that useragent.
It's very unlikely people still use that version since we're at version 60 now though.

Stratis 06 Sep 2017 16:50

This I use in a file .htaccess


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

When I see some new IP, I put that in the file. I have many months to see them again.

Simon Lloyd 07 Sep 2017 18:00

Quote:

Originally Posted by Dave (Post 2589697)
People who still use version 41.0.2228.0 of Chrome will not be able to use the forum if you ban that useragent.
It's very unlikely people still use that version since we're at version 60 now though.

Hi Dave, it wont ban just that version of Chrome, it will only ban any user with that entire user agent string, so no worries if there are some dinosaurs still using that version of Chrome :)

--------------- Added 07 Sep 2017 at 18:01 ---------------

Quote:

Originally Posted by Stratis (Post 2589768)
This I use in a file .htaccess


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

When I see some new IP, I put that in the file. I have many months to see them again.

You shouldn't have a large .htaccess file as it can lead to a greater use of resources which in turn could slow the experience for real users.

--------------- Added 07 Sep 2017 at 18:02 ---------------

Quote:

Originally Posted by the one (Post 2589696)
Thanks buddy

So this agent Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36

If i put that in the ban list it wont stop normal members viewing the forum.

Cheers once again

No it wont, it will prevent users that have that exact user agent string (which appears to be a modified one) from entering your site.

Stratis 08 Sep 2017 08:12

Quote:

Originally Posted by Simon Lloyd
You shouldn't have a large .htaccess file as it can lead to a greater use of resources which in turn could slow the experience for real users.

Here is a small point, it is better stopping all of them that actually take more resources when they are in my site. Thanks


All times are GMT. The time now is 18:57.

Powered by vBulletin® Version 3.8.14
Copyright © 2021, MH Sub I, LLC dba vBulletin. All Rights Reserved. vBulletin® is a registered trademark of MH Sub I, LLC
Copyright ©2001 - , vbulletin.org. All rights reserved.