![]() |
![]() |
![]() |
||||
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
![]() ![]() |
|
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
Thread Tools |
![]() |
#1 |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
This IP is denied in .htaccess and it is STILL getting through!
How on earth is this IP 193.136.33.209 that is being denied right now using .htaccess executing my php script that is protected by the .htaccess deny file?
I have looked everywhere for an answer and cant seem to find one anywhere..hopefully someone on here will know.
__________________
Im fuckin retired ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#2 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
start by posting your .htaccess file....if you don't want to:
replace the IP you want to ban with your own IP and test if it works.... DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#3 |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
PLAT DOES NOT HAVE AN ATTITUDE!!!! just trying to get an answer from this wacked out board! :c)
__________________
Im fuckin retired ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#4 |
Registered User
Join Date: Nov 2001
Location: www.codialer.com
Posts: 26
|
Put this in your .htaccess file and see if he still he gets through.
deny from 193.136.33.0/24 Marco [email protected] ICQ 29151164
__________________
![]() CoDialer Paying up to $1.00 per minute, 240 countries supported and bi-weekly payments! |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#5 | |
Confirmed User
Join Date: Aug 2001
Location: In a Bunker
Posts: 868
|
Quote:
__________________
Does anyone look down here? |
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#6 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
If you know what you are doing then why doesn't it work and do you ask?
DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#7 | |
Confirmed User
Join Date: Nov 2001
Posts: 2,531
|
Quote:
__________________
This Space for Rent |
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#8 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
/24 is a C-class of IP addresses....it means everything from:
123.123.123.0 until 123.123.123.255 DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#9 |
Suck it!
Industry Role:
Join Date: Jun 2001
Location: Who wants to know?
Posts: 4,432
|
/24 is used in classless interdomain routing (CIDR) as a way to work with blocks of IP's irrespective of the old method of fixed classes and subnets. CIDR allows a lot more flexibility in assigning IP's from a block rather than in fixed chunks of 255 addresses at a time.
In this case, it's just a different way to block the entire block from 193.196.33.0 to 193.196.33.255 Worth a try.
__________________
![]() ![]() ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#10 | |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
Ok look.
Im running a php file that redirects to c.cgi. I can see its still coming through by looking in my UCJ logs. I have renamed c.cgi to something else just in case it was coming in directly through c.cgi. It's a pronbot that is messing up my UCJ stats. Setting .htaccess deny will not work if the user comes directly in through a c.cgi link thats why I made the php file cause the .htaccess will deny that php file from being used. Tested by me for me using my IP and some friends did the same. All came out "forbidden" as it should. Now how is this one IP getting through and wreaking havoc still? IP Spoofing maybe? Thats the ONLY thing i can find by searching google but still it doesnt give a good enough explanation so i'm not positive. DynaSpain: Quote:
__________________
Im fuckin retired ![]() |
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#11 | |
Confirmed User
Join Date: Feb 2002
Posts: 1,751
|
Quote:
Go Fuck Yourself and the horse you rode in on!
__________________
<a href="http://www.jupiterhosting.com"><img src="http://www.jupiterhosting.com/banners/55x55.jupiter.gif" alt="" border="0" align=""></a> |
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#12 |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
where did u quote that from? thats a fake quote!... liez
__________________
Im fuckin retired ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#13 |
Confirmed User
Join Date: Nov 2001
Posts: 2,531
|
Wow - you learn something new every day.
So for a totally "effecitve" block, you could use deny from xxx.xxx.xxx.xxx deny from xxx.xxx.xxx deny from xxx.xxx.xxx.xxx/24 Assuming it's a class C of course.
__________________
This Space for Rent |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#14 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
I was willing to help....not anymore...first you post a problem
without any info...then you claim that you're allmighty and know it all......post again with info and wine you don't understand.... /etc/rc.d/init.d/apache stop <---my advice I'll guarantee it works! Even with IP spoofing dickhead! ![]() DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#15 |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
kk im sorry i apologize for being so rude.
its been a long fucking day, im tired, want to go to sleep but no gotta find out how to fix this crap guy for good. and anyone who follows him. Now what is this here? /etc/rc.d/init.d/apache or are u just mad and tryin to get me to crash my server or something? :c)
__________________
Im fuckin retired ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#16 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
/etc/rc.d/init.d/apache stop will stop your webserver....it will stop the attack but it's not what you are looking for.
THe IP range belongs to an university in Portugal 193.136.32.0 - 193.136.39.255 Try first blocking those nets. It are leaching students only that you will block. Their router blocks IMCP traffic so you can't ping/trace any ip within that block. If you have access to IP chains of IP tables block that range in there that's a lot better...then having your webserver to deal with it. DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#17 |
Confirmed User
Join Date: Feb 2002
Location: Toronto, ON
Posts: 962
|
Your first mistake was thinking you knew what you were talking about. It doesn't matter how a user comes in. Put the .htaccess in the directory with the content you wish to protect. Read this 10 times before you come back in here being soooo right again.
__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60. |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#18 | |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
Quote:
AdultWire damnit man dont make me go crazy again and blow a gasket or something! Yes I know .htaccess will deny an IP from viewing a directory..yes yes that is true that is like noobie talk. Ive been here forever and never seen this type of thing before happen k? Just because I am not mr. l33t poster with 2000 gfy posts does not mean im a fucking retard with no skills.
__________________
Im fuckin retired ![]() |
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#19 | |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
Quote:
Wow because I did try to ping the IP address and it came up not returning some TTL. So if I block out the entire range it should knock them out? Still its weird that one IP getting through... and no other IP's withing that small range showing.
__________________
Im fuckin retired ![]() |
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#20 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
if that IP is a firewall all traffic from behind that ip can appear to come from that IP....it all depends on their setup.
I did a traceroute on that IP it stops with a router from that another class within that netblock...I looked up the netblock at the ripe whois database.... it can be a firewall, a proxy, or just a host....all I can see is that either a router or firewall is dropping ICMP traffic that's why you get the expire ttl message.... Blocking that whole netblock would be my first try if I would not have access to ipchains DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#21 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
Afterall it's not that hard using php to force fake headers for a http request.....
DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#22 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
I assume you have it solved....I can go to bed now
![]() DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#23 |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
Yes I read about sending fake headers and am trying figure out the proper code. Anyone know the PHP code for this?
Maybe i am just a poon and this is forcing a fake header but I doubt it. My current php file looks like this <?php Header("Location:http://www.domain.com/cgi-bin/ucj/c.cgi?url=$url&link=$link&p=$p"); exit; ?>
__________________
Im fuckin retired ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#24 |
So Fucking Banned
Join Date: Jan 2001
Location: http://www.thefly.net/ --- Quit your job and live off steady traffic.
Posts: 11,856
|
I like this thread ;) let us know if you were finally able to stop this IP!
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#25 |
Confirmed User
Join Date: Oct 2001
Location: Still lost
Posts: 5,112
|
Hey Plat do you ever write back on icq?
61294953 |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#26 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
I just woke up again.....did you solve it?
DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#27 |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
shit he's back again 193.136.33.209
I even tried the 193.136.33.0/24 method that is in .htaccess right as I speak. Still no go. How do I force headers using php?
__________________
Im fuckin retired ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#28 |
Confirmed User
Join Date: Feb 2002
Location: Amsterdam
Posts: 9,377
|
193.136.32.0 - 193.136.39.255 deny all those nets
deny from 193.136.32.0/24 deny from 193.136.33.0/24 deny from 193.136.34.0/24 deny from 193.136.35.0/24 deny from 193.136.36.0/24 Then you have that whole netblock banned...that will work! DynaMite
__________________
| http://www.sinnerscash.com/ | ICQ: 370820 | Skype: SinnersCash | AdultWhosWho | |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#29 |
Confirmed User
Industry Role:
Join Date: Jan 2002
Location: Clearwater, Florida
Posts: 2,680
|
K this is freaky.. im denying all those netblocks and it is still getting through!!!
__________________
Im fuckin retired ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |