Comment bloquer des spammeurs gràce à leur IP ?

Dax701 · 19 Février 2008

Bonjour à tous,

Je cherche un moyen de bloquer certains spammeurs en utlisant leurs adresses IP , on m'a indiqué d'utilisé un .htaccess comme ceci

<Limit GET>
order allow,deny
deny from 91.186.10.10
allow from all
</Limit>

Le problème est que le spammeur sévit sur un script qui est placé ici h**p://www.monsite.com/dossier-du-script , et que j'utilise déjà un htaccess pour la réécriture d'url dans ce dossier
Ma question est: ce système fonctionne-t-il si je place le htaccess à la racine ? Si la réponse est négative, alors quelqu'un pourait-il m'indiquer si cet exemple vous semble correct .

Code:

RewriteEngine on
RewriteBase /
# User-Agents with no privileges (mostly spambots/spybots/offline downloaders that ignore robots.txt)
RewriteCond %{REMOTE_ADDR} ^220\.181\.33\.225 [OR] #rude bot
RewriteCond %{REMOTE_ADDR} ^60\.28\.252\.77 [OR] #rude bot
RewriteCond %{REMOTE_ADDR} ^69\.31\.1\.154 [OR] #rude bot
RewriteCond %{REMOTE_ADDR} ^24\.86\.103\.176 [OR] #spammer
RewriteCond %{REMOTE_ADDR} ^81\.95\.146\.162 [OR] #spammer
RewriteCond %{REMOTE_ADDR} ^193\.252\.177\.186 [OR] #spammer
RewriteCond %{REMOTE_ADDR} "^63\.148\.99\.2(2[4-9]|[3-4][0-9]|5[0-5])$" [OR] # Cyveillance spybot
RewriteCond %{REMOTE_ADDR} ^12\.148\.196\.(12[8-9]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])$ [OR] # NameProtect spybot
RewriteCond %{REMOTE_ADDR} ^12\.148\.209\.(19[2-9]|2[0-4][0-9]|25[0-5])$ [OR] # NameProtect spybot
RewriteCond %{REMOTE_ADDR} ^64\.140\.49\.6([6-9])$ [OR] # Turnitin spybot
RewriteCond %{HTTP_REFERER} iaea\.org [OR] # spambot
RewriteCond %{HTTP_REFERER} neopets\.com [OR] # referrer spam
RewriteCond %{HTTP_REFERER} spampoison\.com [OR] # looks exactly like a spambot
RewriteCond %{HTTP_REFERER} riaa\.com [OR] # some bot
RewriteCond %{HTTP_REFERER} cxa\.de [OR] # porn site
RewriteCond %{HTTP_REFERER} filthserver\.com [OR] # porn site
RewriteCond %{HTTP_REFERER} wastedpartygirls\.com [OR] # porn site
RewriteCond %{HTTP_REFERER} amateurxpass\.com [OR] # porn site
RewriteCond %{HTTP_REFERER} mature--young\.com [OR] # porn site
RewriteCond %{HTTP_REFERER} bloglisting\.com [OR] # porn site
RewriteCond %{HTTP_REFERER} nudecelebblogs\.com [OR] # porn site
RewriteCond %{HTTP_REFERER} sexrabbit\.de [OR] # porn site
RewriteCond %{HTTP_REFERER} busty2\.com [OR] # porn site
RewriteCond %{HTTP_REFERER} adult-models\.biz [OR] # porn site
RewriteCond %{HTTP_REFERER} freenudecelebrity\.net [OR] # porn site
RewriteCond %{HTTP_REFERER} limolimo\.net [OR] # dont know
RewriteCond %{HTTP_REFERER} shatteredreality\.net [OR] # spammer site
RewriteCond %{HTTP_USER_AGENT} ^[A-Z]+$ [OR] # spambot
RewriteCond %{HTTP_USER_AGENT} anarchie [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} cherry.?picker [NC,OR] # spambot
RewriteCond %{HTTP_USER_AGENT} "compatible ; MSIE 6.0" [OR] # spambot (note extra space before semicolon)
RewriteCond %{HTTP_USER_AGENT} crescent [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} "^DA \d\.\d+" [OR] # OD
RewriteCond %{HTTP_USER_AGENT} "DTS Agent" [OR] # OD
RewriteCond %{HTTP_USER_AGENT} "^Download" [OR] # OD
RewriteCond %{HTTP_USER_AGENT} EasyDL/\d\.\d+ [OR] # OD
RewriteCond %{HTTP_USER_AGENT} e?mail.?(collector|magnet|reaper|siphon| sweeper|harvest|collect|wolf) [NC,OR] # spambot
RewriteCond %{HTTP_USER_AGENT} express [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} extractor [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} "Fetch API Request" [OR] # OD
RewriteCond %{HTTP_USER_AGENT} flashget [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} FlickBot [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} FrontPage [OR] # stupid user trying to edit my site
RewriteCond %{HTTP_USER_AGENT} getright [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} go.?zilla [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} "efp@gmx\.net" [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} grabber [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} imagefetch [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} httrack [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} "Indy Library" [OR] # spambot
RewriteCond %{HTTP_USER_AGENT} "^Internet Explore" [OR] # spambot
RewriteCond %{HTTP_USER_AGENT} ^IE\ \d\.\d\ Compatible.*Browser$ [OR] # spambot
RewriteCond %{HTTP_USER_AGENT} "LINKS ARoMATIZED" [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} "Microsoft URL Control" [OR] # spambot
RewriteCond %{HTTP_USER_AGENT} "mister pix" [NC,OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/4.0$" [OR] # dumb bot
RewriteCond %{HTTP_USER_AGENT} "mister pix" [NC,OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/4.0$" [OR] # dumb bot
RewriteCond %{HTTP_USER_AGENT} "^Mozilla/\?\?$" [OR] # formmail attacker
RewriteCond %{HTTP_USER_AGENT} MSIECrawler [OR] # IE's "make available offline" mode
RewriteCond %{HTTP_USER_AGENT} ^NG [OR] # unknown bot
RewriteCond %{HTTP_USER_AGENT} offline [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} net.?(ants|mechanic|spider|vampire|zip) [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} nicerspro [NC,OR] # spambot
RewriteCond %{HTTP_USER_AGENT} ninja [NC,OR] # Download Ninja OD
RewriteCond %{HTTP_USER_AGENT} NPBot [OR] # NameProtect spybot
RewriteCond %{HTTP_USER_AGENT} PersonaPilot [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} snagger [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} Sqworm [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} SurveyBot [OR] # rude bot
RewriteCond %{HTTP_USER_AGENT} tele(port|soft) [NC,OR] # OD
RewriteCond %{HTTP_USER_AGENT} TurnitinBot [OR] # Turnitin spybot
RewriteCond %{HTTP_USER_AGENT} web.?(auto|bandit|collector|copier|devil|downloader|fetch|hook|mole| miner|mirror|reaper|sauger|sucker|site|snake|stripper|weasel|zip) [NC,OR] # ODs
RewriteCond %{HTTP_USER_AGENT} vayala [OR] # dumb bot, doesn't know how to follow links, generates lots of 404s
RewriteCond %{HTTP_USER_AGENT} zeus [NC,OR]
# Below are filtered requests (mostly virus and other security holes sniffers)
RewriteCond %{REQUEST_URI} formmail [NC,OR]
RewriteCond %{REQUEST_URI} _vti_bin [NC,OR]
RewriteCond %{REQUEST_URI} MSOffice [OR]
RewriteCond %{REQUEST_URI} mail.?(pl|cgi) [NC]
RewriteRule .* - [F,L]
RewriteRule abuse templates/scammers.html
RewriteRule ^([a-zA-Z0-9]*).html detail.php?siteid=$1
RewriteRule rally-cars-for-sale.php index.php?catid=1&set_add_ad_cat=
RewriteRule race-cars-for-sale.php index.php?catid=3&set_add_ad_cat=
RewriteRule trackday-cars-for-sale.php index.php?catid=5&set_add_ad_cat=
RewriteRule karts-for-sale.php index.php?catid=7&set_add_ad_cat=
RewriteRule trailers-for-sale.php index.php?catid=9&set_add_ad_cat=
RewriteRule uk-racing-circuits.php motorsportlocations.php?catid=1
RewriteRule drag-strips.php motorsportlocations.php?catid=4
RewriteRule uk-hillclimbs.php motorsportlocations.php?catid=5
RewriteRule uk-inactive-racing-circuits.php motorsportlocations.php?catid=8
RewriteRule indoor-kart-circuits.php motorsportlocations.php?catid=11
RewriteRule outdoor-kart-circuits.php motorsportlocations.php?catid=12
RewriteRule motor-racing-museums.php motorsportlocations.php?catid=7
RewriteRule oval-racing-circuits.php motorsportlocations.php?catid=3
RewriteRule rally-stages.php motorsportlocations.php?catid=10
RewriteRule speed-venues.php motorsportlocations.php?catid=6
RewriteRule street-circuits.php motorsportlocations.php?catid=2
RewriteRule trackday-airfields.php motorsportlocations.php?catid=9
RewriteRule dadson-kart-challenge.php motorsportlocations.php?seriesid=2
RewriteRule wscc-speed-series-venues.php motorsportlocations.php?seriesid=1

<Files *>
order deny,allow

#deny from 84.92.125.171

#nigerian spammer
deny from 213.185.106.24
deny from 213.185.106
#some dutch scammer
deny from 213.181.88.58
deny from 213.181.88
deny from 87.106.29.229
deny from 87.106.29

# Nigerian/African 419 Scammers IP addresses follow: deny from 12.166.96.32/27 41.220.64.0/20 41.223.248.0/22 61.11.230.112/29 62.56.128.0/17 62.56.235. 62.56.236. 62.56.244.0/22 62.56.248. 62.128.160.0/20 62.173.32.0/19 62.192.128.0/19 62.192.140.250 62.193.160.0/19 63.70.178. 63.73.58. 63.100.193. 63.103.138. 63.103.139.64/26 63.103.140.0/22 63.109.245.168/29 63.109.248.128/25 63.122.154. 64.14.48.128/26 64.110.30. 64.110.31. 64.110.64.16/28 64.110.76.0/23 64.110.81. 64.110.93.16/28 64.110.93.176/28 64.110.147. 65.209.91. 65.209.92. 66.18.64.0/19 66.110.31. 66.178.7.16/29 66.178.7.32/28 66.178.46.0/24 66.178.55. 66.178.62. 66.178.80.176/29 66.178.81.64/29 66.199.241.82 66.205.20. 80.87.64.0/19 80.88.128.0/20 80.88.129. 80.88.130. 80.88.131. 80.88.132.0/26 80.88.132.64/27 80.88.132.104/29 80.88.132.128/26 80.88.132.192/27 80.88.132.224/28 80.88.132.240/29 80.88.133.0/25 80.88.134.0/26 80.88.134.64/29 80.88.136. 80.88.137. 80.88.138.0/25 80.88.138.128/26 80.88.138.192/27 80.88.139.0/25 80.88.139.128/26 80.88.139.192/27 80.88.139.224/28 80.88.140. 80.88.141.0/25 80.88.141.128/27 80.88.142. 80.88.143.128/24 80.88.144.0/23 80.88.146. 80.88.147. 80.88.148. 80.88.149.0/25 80.88.149.128/26 80.88.149.192/28 80.88.150. 80.88.151. 80.88.152. 80.88.153. 80.88.154.32/27 80.88.154.72/29 80.88.154.80/29 80.88.154.96/28 80.88.155.0/25 80.88.155.128/27 80.88.155.160/29
deny from 80.78.18.88/29 80.78.18.96/27 80.78.18.128/29 80.179.102.0/24 80.179.107.64/27 80.179.107.224/29 80.179.128.0/17 80.231.4.0/23 80.247.136.0/24 80.247.137.0/24 80.247.141.32/27 80.247.141.64/26 80.247.141.128/25 80.247.142.0/24 80.247.147.16/28 80.247.147.32/29 80.247.147.64/27 80.247.147.96/28 80.247.151.0/24 80.247.153.0/24 80.247.156.0/26 80.247.156.128/28 80.247.157.0/24 80.247.159.0/24 80.248.0.0/20 80.248.64.0/23 80.248.70.0/20 80.248.64.0/20 80.250.32.0/20 80.255.40.48/28 80.255.40.96/29 80.255.40.112/28 80.255.40.128/28 80.255.40.192/28 80.255.40.224/27 80.255.40.240/28 80.255.43. 80.255.46.0/29 80.255.46.16/28 80.255.46.64/29 80.255.59.19 80.255.59.0/24 81.18.32.0/20 81.18.40.0/24 81.18.42.0/24 81.23.194.0/27 81.23.194.64/27 81.23.194.128/25 81.23.195.0/24 81.23.196.0/25 81.23.196.128/29 81.23.200.0/21 81.24.0.0/20 81.91.224.0/20 81.199.0.0/16 81.199.6.0/24 81.199.7.0/24 81.199.72.0/22 81.199.76.0/24 81.199.82.0/23 81.199.84.0/22 81.199.84. 81.199.85. 81.199.86. 81.199.87. 81.199.88. 81.199.89. 81.199.90.0/24 81.199.94.0/23 81.199.108.0/22 81.199.124.0/22 81.199.240.0/21 82.128.0.0/17 83.229.100.0/23 84.254.188.3 84.254.128.0/18
deny from 155.239.0.0/16 192.116.64.0/18 192.116.128.0/18 192.116.152.0/21 193.110.2.0/23 193.189.0.0/18 193.189.64.0/23 193.189.128. 193.219.192.0/18 193.220.0.0/16 193.220.26.0/24 193.220.30.0/26 193.220.30.64/27 193.220.31.0/26 193.220.31.64/27 193.220.45.0/25 193.220.47.0/25 193.220.77.0/26 193.220.187.0/26 193.220.187.128/27 195.8.22. 195.44.168.0/21 195.44.176.0/21 195.137.13. 195.137.14. 195.166.224.0/19 195.166.237.40 195.166. 195.219.176. 195.225.62.0/23 195.245.108.0/23 196.1.176.0/20 196.3.60.0/22 196.3.180.0/22 196.29.208.0/20 196.38.110.0/23 196.45.192.0/18 196.46.240.0/21 196.46.144.0/22 196.200.0.0/20 196.200.64.0/20 196.200.112.0/20 196.201.64.0/19 196.201.64.128/25 196.201.65.0/24 196.202.160.0/19 196.202.224.0/21 196.207.0.0/20 196.207.128.0/18 196.207.192.0/18 196.207.247.0/24 196.220.0.0/19 204.118.170.0/24 209.88.163. 209.101.84. 209.159.164. 209.159.166.0/24 209.198.240.0/23 209.198.242.16/28 209.198.242.96/29 209.198.242.104/30 209.198.242.108/31 209.198.242.128/27 209.198.246.240/28 212.96.2.0/23 212.96.4. 212.96.28. 212.96.29. 212.96.30. 212.100.64.0/19 212.165.128.0/17 212.165.132.64/27 212.165.135. 212.165.140.16/29 212.165.140.64/26 212.165.140.128/25 212.165.141.0/24 212.165.147.0/26 212.165.147.128/26 212.199.108.0/24 212.199.251.0/24 212.247.93.0/24
deny from 213.136.96.0/24 213.136.116.0/24 213.140.62.0/23 213.150.192.0/23 213.166.160.0/19 213.181.64.0/19 213.185.96.0/21 213.185.106.0/24 213.185.112. 213.185.113.0/26 213.185.124. 213.187.135. 213.187.145. 213.211.128.0/18 213.211.188.0/24 213.232.96. 213.255.193. 213.255.195.0/25 213.255.195.128/27 213.255.198. 213.255.199. 216.72.104.0/21 216.74.187.0/24 216.129.147.128/28 216.129.159. 216.133.174. 216.147.132.144/28 216.147.132.160/28 216.236.200.96/28 216.236.202.96/28 216.236.205.0/24 216.236.222.128/26 216.250.195.0/27 216.250.195.64/26 216.250.221.0/24 216.250.222.0/24 216.252.176.0/24 216.252.177.0/24 216.252.231.0/25 216.252.245.0/24 217.10.163.128/26 217.10.163.192/27 217.10.163.224/27 217.10.166.0/26 217.10.166.64/28 217.10.169.0/24 217.10.170.0/24 217.10.171.0/24 217.10.173.0/26 217.10.182.0/27 217.10.184.0/24 217.14.80.0/20 217.15.124.0/25 217.20.241.0/25 217.20.241.128/29 217.20.241.136/29 217.20.241.144/28 217.20.241.160/29 217.20.241.168/29 217.20.241.176/29 217.20.241.184/29 217.20.241.192/29 217.20.241.200/29 217.20.241.208/29 217.20.242.0/24 217.20.243.24/29 217.20.243.32/27 217.78.64.0/20 217.117.0.0/20 217.146.3.144/28 217.146.3.160/28 217.146.3.176/29 217.146.3.224/27 217.146.4.64/26 217.146.5. 217.146.6.0/25 217.146.6.160/27 217.146.7. 217.146.8.0/25 217.146.9. 217.146.10.128/25 217.146.11.0/25 217.146.12. 217.146.13. 217.146.14.0/25 217.146.15.0/25 217.146.16.0/27 217.146.16.32/29 217.194.140.0/22 217.194.144.0/20 217.20.242.0/27 217.20.242.32/28 217.20.242.48/29
# Tentative CIDR block for 16,777,216 AfriNIC assigned IPs
#deny from 41.0.0.0/8

# Pan Am Sat Nigeria and South Africa
deny from 216.139.160.0/19 216.139.176.136/29

# Added Goldenlines.net.il (Israel) because of Open Proxies used by Nigerian scammers
deny from 80.179.244.0/24

# The CIDRs below are Canadian Satellite ISPs that appear to have reassigned these IP blocks to Nigeria
deny from 64.86.155.0/24 64.201.33.0/24 216.185.79.0/24

# added this German ISP on 5/1/05, probably reassigned to Nigeria: 62.192.128.0/19

# Added Sky-Vision satellite services for African and Eastern European Internet Cafes
deny from 83.229.64.0/18 217.194.144.0/20

# Kenya, Somalia, Zimbabwe, Ghana and some misc Nigerian IPs
deny from 196.200.0.0/16 196.201.0.0/16

# Added New Skies Satellite Service (Nigeria + Africa) on Dec 7, 2005:
deny from 66.178.0.0/17
deny from 66.178.0.0/17

# Amsterdam, The Netherlands Versatel Nederland DSL-NAT Customers - Lottery and 419 scammers
deny from 62.59.36.0/22 62.59.40.0/21 62.59.48.0/22 82.93. 82.168.0.0/14

# Italian Satellite ISP for Nigeria added 04/08/2006
deny from 83.137.61.0/24

# Ironlinkus.com Satellite Services (Africa - used by scammers) - added on 08/08/2006
deny from 216.118.252.0/24 216.118.253.0/24

# End Nigerian/African blocklist

# Turkish 419 scammers:
deny from 66.199.224.0/19 72.36.168.153/29 85.98.160.0/20 212.174.113.0/24
# Turkey Telecom entire CIDRs: 85.98.128.0/17 212.174.0.0/17 - for future blocking

# Added CHINANET Guangdong province network, Beijing, China, on 11/16/05
deny from 219.128.0.0/13 219.136.0.0/15 220.181.0.0/16

# Add other blocked domain names or IP addresses here, starting with "deny from " without quotes

# If you find that you need to poke a hole in the blocklist, for legitimate visitors, follow this example: allow from 123.456.789.0

# Add "allow from" IP addresses, or CIDR Ranges, after all of the "deny from" items, just before the closing Files tag.

# Everything not included within these deny from ranges is PERMITTED by the allow portion of the directive.


</Files>

<Files 403.shtml>
order allow,deny
allow from all
</Files>

# This prevents web browsers or spiders from seeing your .htaccess directives:

<Files .htaccess>
deny from all
</Files>

# End of file

dorian53 · 19 Février 2008

Salut,

J'utilise également cette méthode pour interdire l'accès à certaines pages aux spammeurs.

Code:

RewriteCond %{REMOTE_ADDR} zzz.yyy.xxx.www

Malheureusement, certains passent à travers car je logue (en PHP) les spammeurs avec cette même adresse IP plus loin dans des zones d'accès qui leur étaient logiquement interdite.

Curieux...