News:

Looking for documentation? Take a look on our wiki

Main Menu

503 error - JCH Optimize ?

Started by sabikeuk, August 13, 2019, 17:09:19 PM

Previous topic - Next topic

sabikeuk

Hello,

I am receiving 503 error on my website: www.estilofina-nabytek.cz .  According to my host (Siteground- I am on dedicated server) its due to excessive accesses from some IPs. I am receiving hits between 20000-40000. I have checked access logs and those are from the following:

"GET /index.php?option=com_virtuemart&view=vendor&layout=tos&virtuemart_vendor_id=1&Itemid=1477&nosef=1&format=html&tmpl=component" - which is link to terms and conditions in virtuemart cart popup window

and

"GET /xxx/ ask_question?tmpl=component" - which is Ask a Question form on product page.

VM 3.4.2  Joomla 3.9.10   PHP 7.1.30

Any help would be much appreciated.

Thank you,
Dan

StefanSTS

That is quite normal from time to time.

Block the IPs or IP ranges on server level or via your hoster.

Regards
Stefan
--
Stefan Schumacher
www.jooglies.com - VirtueMart Invoice Layouts

Please use only stable versions with even numbers for your live shop! Use Alpha versions only if you know what risk you are taking.

sabikeuk

Thanks for reply Stephan, is it normal that this happens for 2-3 days every 2 weeks ? Every time there is a different IP address ...

StefanSTS

#3
Yes, looks like you are so lucky that you are on someones list to scan for unsecure forms.

1. Mostly these guys try to guess the Joomla password of admin.
2. E-Mail Spam through functions like "Send to a friend" and things like that.

Disabling unnecessary forms helps, or some kind of captcha.
On the server it can help to run some blacklists for IP addresses.

All in all there will be always attempts that is normal. Keep the system up to date, safe passwords and you are 99%+ in the clear.

If the hackers don't kill your server resources, Google bot and SEO spiders will do that for you if you have lots of products and a small server.

It's just like this these days but if you keep the system clean of plugins you don't need and components updated all the time, you can take some holidays from worrying. ;-)
You might need some more server resources if server errors continue.

Regards
Stefan
--
Stefan Schumacher
www.jooglies.com - VirtueMart Invoice Layouts

Please use only stable versions with even numbers for your live shop! Use Alpha versions only if you know what risk you are taking.

diri

#4
I recommend to give this a try:

https://perishablepress.com/6g/

edit:

email spam is kind of normal as well when "send a copy to my address" is active on any email related form.

sabikeuk

Quote from: diri on August 14, 2019, 09:45:10 AM
I recommend to give this a try:

https://perishablepress.com/6g/

edit:

email spam is kind of normal as well when "send a copy to my address" is active on any email related form.

Hello,

currently running below settings already in .htaccess:

Part 1/2:
# Bot Block #
RewriteEngine On
# Block Essential Bots #
RewriteCond %{HTTP_USER_AGENT} ^(.*)MJ12bot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BLEXBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SolomonoBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Yandex [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Baiduspider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Yeti [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mail.Ru [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Ezooms [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)AhrefsBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Sosospider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)sogou [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)exabot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)rogerbot [NC,OR]
# Block Non-Essential Bots #
RewriteCond %{HTTP_USER_AGENT} ^(.*)2icommerce [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)archive.org [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Abont [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)abot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Accoona [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ActiveTouristBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)adressendeutschland [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)aipbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Alligator [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)AllSubmitter [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)almaden [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)anarchie [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Acunetix [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)AESOP_com_SpiderMan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Alexibot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Anonymous [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Anonymouse.org [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Apexoo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Aqua_Products [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)asterias [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ASSORT [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ATHENS [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)AtHome [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Atomz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)attach [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)autoemailspider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)autohttp [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BackDoorBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BackWeb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)binlar [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bandit [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Badass [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BecomeBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)berts [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bitacle [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Biz360 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)bladder\ fusion [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Blog\ Checker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BlogPeople [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Blogshares\ Spiders [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bloodhound [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BatchFTP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bigfoot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Black.Hole [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BlackWidow [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BlowFish [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bolt [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Board\ Bot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bookmark\ search\ tool [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)b2w [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)bew [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BotALot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BotRightHere [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bot\ mailto:craftbot@yahoo.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Buddy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bropwers [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Browsezilla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BuiltBotTough [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Bullseye [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)BunnySlippers [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)casper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Cegbfeieh [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)CheeseBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)cmsworld [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)checkpriv [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)choppy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)clshttp [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)CherryPicker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ChinaClaw [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)charlotte [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Convera [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Copernic [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)CFNetwork [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Collector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Copier [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)CopyRightCheck [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)cosmos [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Crescent [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)curl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Custo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Cyberz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)c-spider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Default\ Browser [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Da$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DataCha0s [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Daum [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Deweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Digger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DISCo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Digimarc [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)digout4uagent [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)diavol [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)discobot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DnloadMage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DIIbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)dotbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DittoSpyder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Download [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Downloader [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Download\ Demon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Download\ Devil [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Download\ Wonder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)dragonfly [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DreamPassport [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DSurf [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DTS\ Agent [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)dumbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)DynaWeb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Drip [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)eCatch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ecollector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)edgeio [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)efp@gmx.net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ecxi [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)e-collector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EasyDL [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EBrowse [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ebingbong [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EirGrabber [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)email [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EmailCollector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Email\ Extractor [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EmailSiphon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EmeraldShield [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Enterprise_Search [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EmailWolf [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EroCrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ESurf [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Eval [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Everest-Vulcan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)extract [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Extractor [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ExtractorPro [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Express\ WebPictures [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)EyeNetIE [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FairAd [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)fastlwspider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FileHound [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)findlinks [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FlashGet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Flaming\ AttackBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)scan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FHscan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)feedfinder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)fetch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FEZhead [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)flicky [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FlickBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Foobot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)- probably spam - [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)flunky [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Franklin\ Locator [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FreshDownload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FrontPage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)FSurf [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Gaisbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Gamespy_Arcade [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)genieBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)GetBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Getleft [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)GetRight [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)GetSmart [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)GetWeb! [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Go!Zilla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Google\ Wireless\ Transcoder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)g00g1e [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Go-Ahead-Got-It [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)GOFORITBOT [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)gotit [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)grab [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Grabber [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)GrabNet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Grafula [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)grub [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)GT::WWW [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)heritrix [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Harvest [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Hatena\ Antenna [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)hloader [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)HMView [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)holmes [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)HooWWWer [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)HouxouCrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)HTTPGet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)HTTP::Lite [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)httplib [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)HTTPRetriever [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)humanlinks [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)IBM_Planetwide [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)iCCrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Image\ Stripper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Image\ Sucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)imagefetch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)imds_monitor [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)IncyWincy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ichiro [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)iGetter [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)archiver [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ia_archiver [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)IDBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)id-search [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)id-search.org [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)IlseBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Image\ Stripper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Image\ Sucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Indy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)InetURL [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)InfoNaviRobot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)InstallShield\ DigitalWizard [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Industry\ Program [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)InfoTekies [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Intelliseek [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)InterGET [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Internet\ Ninja [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Iria [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)IRLbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Iron33 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ISSpider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)IUPUI\ Research\ Bot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ISC\ Systems\ iRc [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Java [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JBH\ Agent [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Jakarta [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JennyBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JetCar [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)jeteye [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)jeteyebot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JoBo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JOC\ Web\ Spider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JOC [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JOC\ Web\ Spider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)JustView [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Jyxobot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Kenjin.Spider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Kapere [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Kenjin [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)KRetrieve [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Keyword\ Density [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)KRetrieve [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ksoap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)KWebGet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LapozzBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)larbin [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)leech [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LeechFTP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LeechGet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)libwww [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)libwww-perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Link [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)libghttp [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LinksManager.com_bot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LexiBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)lftp [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)loader [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)libWeb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)likse [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)libwww-FM [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LinkextractorPro [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LinkScan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)linktiger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LNSpiderguy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LocalcomBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)looksmart [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LinkWalker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)lmcrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Linkie [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)lwp-trivial [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)LWP::Simple [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mac\ Finder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mail\ Sweeper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)mark.blonin [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MaSagool [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Magnet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mag-Net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MarkWatch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mass [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mata\ Hari [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MCspider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MetaProducts\ Download\ Express [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Microsoft\ Data\ Access [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Microsoft\ URL\ Control [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Maxthon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MFC_Tear_Sample [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Memo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Microsoft.URL [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Microsoft\ URL\ Control [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MIDown [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MIIxpc [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mirror [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Missauga [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Missouri\ College\ Browse [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)miner [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Missigua\ Locator [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Mister [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Monster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)mothra [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)mkdb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)moget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Moreoverbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)netscan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MovableType [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MSIECrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MSProxy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MVAClient [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MyFamilyBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)MyGetRight [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)kmccrew [NC,OR]

sabikeuk

part 2/2
RewriteCond %{HTTP_USER_AGENT} ^(.*)MSFrontPage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)nameprotect [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NASA\ Search [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Naver [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Navroad [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NearSite [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NetAnts [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)netattache [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NetCarta [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Netcraft [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NetMechanic [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NetResearchServer [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NetSpider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NetZIP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Net\ Vampire [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NEWT\ ActiveX [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Nextopia [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NextGenSearchBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Net\ Vampire [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NG$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NICErsPRO [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NimbleCrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)noxtrumbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Ninja [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)NPbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Nutch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)nikto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Octopus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Openbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Offline [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Openfind [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)OpenTextSiteCrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Oracle\ Ultra\ Search [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)OutfoxBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)P3P [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PackRat [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PageGrabber [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PagmIEDownload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)panscient [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Papa\ Foto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)python [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)pavuk [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PECL::HTTP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PeoplePal [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)pcBrowser [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PHPCrawl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)perl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PerMan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PersonaPilot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PleaseCrawl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PHP\ version [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PlantyNet_WebRobot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)playstarmusic [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Plucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Pockey [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Port\ Huron [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ProPowerBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)prospector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ProWebWalker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Prozilla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PushSite [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PussyCat [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)PuxaRapido [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)puf [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Program\ Shareware [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Progressive\ Download [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)psbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)psycheclone [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)planetwork [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)postrank [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)purebot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)pycurl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Python-urllib [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Pump [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)QueryN [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Radiation [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)RealDownload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)RedCarpet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)RedKernel [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Reaper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Recorder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ReGet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)relevantnoise [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Rippers [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SBIder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)scooter [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ScoutAbout [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)script [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)searchpreview [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)searchterms [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Seekbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Serious [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Shai [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)shelob [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Shim-Crawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SickleBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)RepoMonkey [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)RMA [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Rover [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Rsync [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Rufus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)RTG30 [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SAPO [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Siphon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)InternetSeer.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)sitecheck [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SiteSnagger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Slurpy\ Verifier [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SlySearch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SmartDownload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)sna [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Snake [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)snagger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Snapbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Snoopy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Steeler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SpaceBison [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SpankBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)spanner [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SpeedDownload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Spegla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Sphere [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Sphider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Webscanner [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Sqworm [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Stamina [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SpiderBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)sproose [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)sootle [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)seekerspider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Stripper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)studybot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Sucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)siclab [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)skygrid [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SuperBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SuperHTTP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Surfbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SurfWalker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)suzuran [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Szukacz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)tAkeOut [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)TALWinHttpClient [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)tarspider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Teleport [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Toata\ dragostea [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)toCrawl [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)urllib [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)User-Agent [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Telesoft [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Templeton [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)TestBED [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)turnit [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)TurnitinBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)The\ Intraformant [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)TheNomad [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)TightTwatBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Titan [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)True_Robot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)turingos [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Twisted\ PageGetter [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)URLy.Warning [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)URL\ Control [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)URLy\ Warning [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)URL_Spider_Pro [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)UtilMind [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)URLGetFile [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)URI::Fetch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)UCmore [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)UdmSearch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)UMBC [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)UniversalFeedParser [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)QuepasaCreep [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Vacuum [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)vayala [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)vobsub [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)vikspider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)VCI [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)VoilaBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)voyager [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)VoidEYE [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)w3mir [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Web\ Image\ Collector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Web\ Sucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Web2WAP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebaltBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)webalta [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebCollage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebAuto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebBandit [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebCapture [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Webclipping.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebCopier [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebCopy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebEMailExtrac [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebEnhancer [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebFetch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebFilter [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebFountain [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebGo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Web.Image.Collector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebLeacher [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebMiner [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebMirror [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebmasterWorldForumBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebReaper [NC,OR]

RewriteCond %{HTTP_USER_AGENT} ^(.*)WebSauger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebSnake [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)webshag [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Website [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Webster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebStripper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebVac [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebWhacker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WebZIP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)webwalk [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Wells\ Search [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WEP\ Search [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WeRelateBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)wget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WhosTalking [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Whacker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Widow [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Wildsoft\ Surfer [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WUMPUS [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WinHTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)winhttp [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WinHttpRequest [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WISENutbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WWW-Mechanize [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WWWOFFLE [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)wwwster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)WWW-Collector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Xaldon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)xxxyy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)zermelo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Xenu [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)XGET [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)YahooYSMcm [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)YaDirectBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Zade [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)ZBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)zerxbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Zeus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)youda [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Zyborg [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)zmeu [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)zune [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)Jorgee [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SemrushBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^(.*)SBooksNet [NC]
RewriteRule .* - [F]
# 6G FIREWALL/BLACKLIST
# @ https://perishablepress.com/6g/

# 6G:[QUERY STRINGS]
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{QUERY_STRING} (eval\() [NC,OR]
RewriteCond %{QUERY_STRING} (127\.0\.0\.1) [NC,OR]
RewriteCond %{QUERY_STRING} ([a-z0-9]{2000}) [NC,OR]
RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR]
RewriteCond %{QUERY_STRING} (base64_encode)(.*)(\() [NC,OR]
RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR]
RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3) [NC,OR]
RewriteCond %{QUERY_STRING} (\\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR]
RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR]
RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR]
RewriteCond %{QUERY_STRING} (\'|\")(.*)(drop|insert|md5|select|union) [NC]
RewriteRule .* - [F]
</IfModule>

# 6G:[REQUEST METHOD]
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} ^(connect|debug|delete|move|put|trace|track) [NC]
RewriteRule .* - [F]
</IfModule>

# 6G:[REQUEST STRINGS]

<IfModule mod_alias.c>
RedirectMatch 403 (?i)([a-z0-9]{2000,})
RedirectMatch 403 (?i)(https?|ftp|php):/
RedirectMatch 403 (?i)(base64_encode)(.*)(\()
RedirectMatch 403 (?i)(=\\\'|=\\%27|/\\\'/?)\.
# RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&?)/?$
RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")
RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\\|\s|\{|\}|\[|\]|\|)
RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack)
RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)
RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$
RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php
</IfModule>

# 6G:[USER AGENTS]

SetEnvIfNoCase User-Agent ([a-z0-9]{2000}) bad_bot
SetEnvIfNoCase User-Agent (archive.org|binlar|casper|checkpriv|choppy|clshttp|cmsworld|diavol|dotbot|extract|feedfinder|flicky|g00g1e|harvest|heritrix|httrack|kmccrew|loader|miner|nikto|nutch|planetwork|postrank|purebot|pycurl|python|seekerspider|siclab|skygrid|sqlmap|sucker|turnit|vikspider|winhttp|xxxyy|youda|zmeu|zune) bad_bot
Order Allow,Deny
Allow from All
Deny from env=bad_bot

# 6G:[BAD IPS]
Order Allow,Deny
Allow from All
# uncomment/edit/repeat next line to block IPs
# Deny from 123.456.789

sabikeuk

#7
I have checked the log, I believe IP address which caused 503 error wasnt spam or bad bot as I have received order confirmation from that IP, see below:

Product added to cart:


GET /component/virtuemart/kosik?Itemid=1483 HTTP/1.0" 200 27707 "https://www.estilofina-nabytek.cz/kancelarske-stoly/psaci-stul-jayden-dub-128-cm.htm" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"

over 4000 hits/requests for terms and conditions page from the shopping cart (it took around 3 minutes):

GET /index.php?option=com_virtuemart&view=vendor&layout=tos&virtuemart_vendor_id=1&nosef=1&format=html&tmpl=component&_=1565704377962 HTTP/1.0" 200 19893 " www.estilofina-nabytek.cz/index.php?opti...=html&tmpl=component " "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"

Confirmed order:

GET /kancelarske-stoly/psaci-stul-jayden-dub-128-cm.htm HTTP/1.0" 200 20803 "https://www.estilofina-nabytek.cz/component/virtuemart/objednavky/number/201911556?order_pass=p_gPZxxxxx&Itemid=0" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"

Mod edited password
[Jörgen]

StefanSTS

If you believe that is a genuine IP of a customer, please remove the IP address from your post, otherwise the world might know tomorrow who bought what in your store.

And your customer might not want that.

Regards
Stefan
--
Stefan Schumacher
www.jooglies.com - VirtueMart Invoice Layouts

Please use only stable versions with even numbers for your live shop! Use Alpha versions only if you know what risk you are taking.

diri

#9
Quote from: sabikeuk on August 14, 2019, 15:44:48 PM
I have checked the log, I believe IP address which caused 503 error wasnt spam or bad bot as I have received order confirmation from that IP, see below:

Product added to cart:


GET /component/virtuemart/kosik?Itemid=1483 HTTP/1.0" 200 27707 "https://www.estilofina-nabytek.cz/kancelarske-stoly/psaci-stul-jayden-dub-128-cm.htm" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"

over 4000 hits/requests for terms and conditions page from the shopping cart (it took around 3 minutes):
...

I take it for given you don't have anything generating a quasi endless loop. Than I have only one idea first hand:

A misconfigured proxy between your site and customer's device.

To explain it:
Provider proxies are not only one instance most often. There are i.e. 6 instances of it which do kind of load balancing when a request arrive. They switch from one instance to another one than.

In case a request is not fullfilled completely in time customer's client sends next request for same target. Proxy uses another instance, your site gets next request.

Worst case I experienced with such misbehaviour has been in 1990s with a standing 30 MB line, a customer with ISDN connection (64kb) a download tool at customer's side, a 500k file on server and a proxy in between:

Caused by partial requests from download tool such a round robin proxy blocked this 30 MB line for about 8 hours before we cut  connection. We needed about one hour to identify proxy for sure to get in contact with provider and to have proof for his security team. It has been anything but funny.

StefanSTS

Can you check, if you have VirtueMart 404 handling on, please disable that in VM config first tab.
--
Stefan Schumacher
www.jooglies.com - VirtueMart Invoice Layouts

Please use only stable versions with even numbers for your live shop! Use Alpha versions only if you know what risk you are taking.

sabikeuk

Quote from: StefanSTS on August 15, 2019, 13:30:41 PM
Can you check, if you have VirtueMart 404 handling on, please disable that in VM config first tab.

It is disabled in VM, Joomla handles 404.

sabikeuk

I went through the history of what was done with the web, error 503 started since the page load optimisation was done using JCH Optimize Pro. Subsequently, I switched from Cloud Hosting to Dedicated server, since, when the JCH is turned on, the 503 error will occur 2-3 times in 2 weeks. I am running 3 joomla sites (with Virtuemart estore) and 2 wordpress blogs.

Could it be really due to JCH ?

sabikeuk

JCH was disabled but just received again 500 + 503 error. Again a lots of hits regarding to "GET /xxx/ ask_question?tmpl=component" - which is Ask a Question form on product page.
I have a captcha on Ask a question form, dont understand why this is happening...

AH

Regards
A

Joomla 4.4.5
php 8.1