Results 1 to 17 of 17
  1. #1
    Member
    Join Date
    January 18th, 2005
    Posts
    155
    Bandwidth Eater hitting on GC links - FYI
    If you're using the PHP code, check your Bandwidth every so often - there was a "Host" going through only my GC links this month, hitting them by seconds and I've had to increase the bandwidth on that site to 6 gigs to keep from going over my limit. I've got the IP number somewhere on my Notepad - will go find it if anyone wants it - and was finally able to end this by putting it in the IP Deny Manager in cPanel. (didn't know that existed before).

    You all probably know that you can find these culprits by going into "latest visitors" in cPanel. But maybe someone here doesn't know that so I'm writing this for them.

    I never knew just how much I didn't know until all these problems with scammers and spammers popped up for me!

    Krin

  2. #2
    Member
    Join Date
    August 4th, 2007
    Posts
    108
    Exclamation
    doesnt' your isp have the capability to ban the ip??, hell I can do it on my little buffalo router at home

  3. #3
    ABW Ambassador flamingoworld's Avatar
    Join Date
    January 18th, 2005
    Posts
    5,208
    Quote Originally Posted by bigsite
    doesnt' your isp have the capability to ban the ip??, hell I can do it on my little buffalo router at home
    ban it on your isp all you want, it won't help your website any. You can't ban an ip on your website from your router at home unless your site is hosted on a computer in your home.

  4. #4
    Member
    Join Date
    January 18th, 2005
    Posts
    155
    Thank you Connie .. I wondered how I was going to answer that one.

  5. #5
    ABW Ambassador Caseyfern's Avatar
    Join Date
    May 18th, 2007
    Location
    Yes, sadly I'm in California
    Posts
    518
    I used GC extensively until a similar attack last year. Since I wasn't able to find a CURL version of their PHP, I had to back out of using GC. If there were a CURL version, I'd definitely use it for the coupons side of my site.

  6. #6
    notary sojac Herb ԿԬ's Avatar
    Join Date
    January 18th, 2005
    Location
    Central/Western NY State
    Posts
    7,741
    Lightbulb
    Quote Originally Posted by Caseyfern
    I used GC extensively until a similar attack last year. Since I wasn't able to find a CURL version of their PHP, I had to back out of using GC. If there were a CURL version, I'd definitely use it for the coupons side of my site.
    I have a curl version, not sure it is exactly what you want as far as avoiding attacks, though. This is courtesy of Oscar, an ABW member. Substitute the SID given in GC's PHP code for the xxxxx. Hope this helps.

    <?php

    $URL = "http://si.goldencan.com/GetData.aspx?SID=xxxxx";

    $PageURL = urlencode($_SERVER['SCRIPT_NAME'].'?'.$_SERVER['QUERY_STRING']);

    $IPAddress = urlencode($_SERVER['REMOTE_ADDR']);

    $UserAgent = urlencode($_SERVER['HTTP_USER_AGENT']);

    $goldencanurl=$URL.'&PageURL='.$PageURL.'&IPAddress='.$IPAddress.'&UserAgent='.$UserAgent;

    // create a new CURL resource

    $ch = curl_init();

    // set URL and other appropriate options

    curl_setopt($ch, CURLOPT_URL, "$goldencanurl");

    curl_setopt($ch, CURLOPT_HEADER, false);

    // grab URL and pass it to the browser

    curl_exec($ch);

    // close CURL resource, and free up system resources

    curl_close($ch);

    ?>


  7. #7
    ABW Ambassador Caseyfern's Avatar
    Join Date
    May 18th, 2007
    Location
    Yes, sadly I'm in California
    Posts
    518
    Thanks!! Will this work with the coupons thing? I'm pretty close to brainless when it comes to PHP. I inserted the SID as directed, but it comes up blank.

  8. #8
    notary sojac Herb ԿԬ's Avatar
    Join Date
    January 18th, 2005
    Location
    Central/Western NY State
    Posts
    7,741
    I don't know, as I use the javascript version for GC's coupons/price drops.

    I notice GC gives a .php version of the coupons; have you tried it by itself on a page?

  9. #9
    ABW Ambassador Caseyfern's Avatar
    Join Date
    May 18th, 2007
    Location
    Yes, sadly I'm in California
    Posts
    518
    Yes, I've tried it, but since we have to block certain types of PHP since the big server crisis, nothing shows up.

  10. #10
    notary sojac Herb ԿԬ's Avatar
    Join Date
    January 18th, 2005
    Location
    Central/Western NY State
    Posts
    7,741
    Lightbulb
    I used the example code for a while, but eventually opened up my servers a little. Haven't had a problem. yet.

  11. #11
    notary sojac Herb ԿԬ's Avatar
    Join Date
    January 18th, 2005
    Location
    Central/Western NY State
    Posts
    7,741
    all I know is if I try to put two instances of the .php code on a page only one might show.

  12. #12
    ABW Ambassador Boom or Bust's Avatar
    Join Date
    February 3rd, 2008
    Posts
    3,955
    How about this...
    If your pages are PHP or ASP (or any other server side script language for that matter), how about putting a bit of code at the top of every page that retrieves the session IP address and compares it to a black list of IPs. If it gets a match, either respond with a blank page or redirect to a blank or non-existent page? That would stop a crawling bot in it's tracks with no where to go or give it a very small (low bandwidth) page.
    Once set up you would have to monitor the bot IPs coming in. They usually use blocks of IPs and blocking everything matching just the two high order octets may be enough to keep them out. I believe there are lists of bot IP addresses out on the net too.



    X

  13. #13
    Member
    Join Date
    January 18th, 2005
    Posts
    155
    Quote Originally Posted by Caseyfern
    Thanks!! Will this work with the coupons thing? I'm pretty close to brainless when it comes to PHP. I inserted the SID as directed, but it comes up blank.
    Casey - I had a problem too and finally emailed my host (midphase) and they gave me a little two-line file to FTP onto every directory of my sites that had GC coupons. file name is
    php.ini

    You HAVE to get it from the Host because it evidently gets initiated on the actual php.ini file they alone have access to! I'm guessing that.

    I had seen someone else post here that you have to email your host and it can be easily taken care of, and it was. All the help given above turns me into a tailspin because I'm PHP brainless too.
    Karin
    (PS - Do you think PopShops will get the Coupon feeds some day? )

  14. #14
    ABW Ambassador Caseyfern's Avatar
    Join Date
    May 18th, 2007
    Location
    Yes, sadly I'm in California
    Posts
    518
    All great ideas, folks, and thank you so much for taking time to give me some ideas. And I agree, if PopShops gets coupon feeds, I will be ascending one more cloud toward seventh heaven. I'm already a complete and total PopShops addict, evangelist, fan and follower.

    I'll call my ISP tomorrow and see if the php.ini is something they do or something I have to do since I own the server. Thanks again!

  15. #15
    Member
    Join Date
    January 18th, 2005
    Posts
    155
    I'll bet they are a fan of You Too, Casey - your site must be a great sales lady for them! I've gone there often and wondered "How'd She Do That!".
    Maybe you'll have a talk with them about doing it one of these days.

  16. #16
    Member
    Join Date
    January 18th, 2005
    Posts
    155
    Here's the IP address of the Eater
    84.32.87.250 - It's not a Robot but comes from a very large, legitimate-looking site in Amsterdam that has to do with Databases. Almost as if someone's trying to harvest GoldenCan's database, but that's dumb of me to say because they could join GC and get their own. I got the domain name from
    arinnet dot net /whois/ -

    Anyone interested can go there and pop 84.32.87.250 into the space there.
    I'm afraid to name the name here - I'm paranoid or something?

    It only goes to GC links that are like this -
    .../directory/pagename.html?gc&gc&gc&gc&gc&gc&gc&gc&gc&gc&gc&gc& (sometimes even longer with the gc&gc and then ending in a letter or two)
    Not my regular pages or a different type of GC link without the gc&gc's in it.

    I used the IP Deny Manager in Cpanel, it stopped it cold, my bandwidth usage is down to less than 2 gigs ............ etc., etc., etc.

    Karin

  17. #17
    ABW Ambassador Caseyfern's Avatar
    Join Date
    May 18th, 2007
    Location
    Yes, sadly I'm in California
    Posts
    518
    Quote Originally Posted by KariBon
    I'll bet they are a fan of You Too, Casey - your site must be a great sales lady for them! I've gone there often and wondered "How'd She Do That!".
    Maybe you'll have a talk with them about doing it one of these days.
    LOL - As Jessie will attest, I talk to PopShops a Lot - sometimes probably too much for their tastes, always begging for more little things (and quite often getting them rapidly). And thank you for the great compliment

  18. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Bandwidth exceeded on links?
    By baygrafix in forum ShareASale - SAS
    Replies: 5
    Last Post: September 2nd, 2009, 05:37 AM
  2. FYI - Trouble with Generated Links
    By lansing in forum Commission Junction - CJ
    Replies: 2
    Last Post: May 8th, 2008, 03:33 PM
  3. Who is hitting my site?
    By joebaracco in forum Search Engine Optimization
    Replies: 6
    Last Post: June 23rd, 2002, 06:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •