Forum Topic: Blackhole
After some months, the htaccess file has quite a number of blocked IP address caught by the blackhole.
At the moment, I'm also blocking IPs registered at Project Honey Pot (with only a few complains from people who didn't like to be blocked), but I also noticed that some of their IP addresses were just used by bad guys from let's say Russia and/or China.
Do you clean up these IP address after some time or do you just leave the whole list?
I have seen a website that is much slower when I add something like 100 IP addresses to the htaccess file. Other sites were OK though (different providers).
7 Replies to “Blackhole”
Great question. Blocking by IP in any case should be considered a short-term strategy to block immediate threats. I recommend clearing the list every few months (or as needed) to lighten things up.
Btw, I subscribed to this post but haven't received a notification. Also not in Spam. But it could be just an incident.
Hmm, not sure what happened there.. apologies for any inconvenience it may have caused. I will be sure to investigate during the next update.
Learning tons of awesomeness from your book, Htaccess Made Easy-Peasy, this forum, and PerishablePress.com in the last week. Thanks!
Testing out my Blackhole implementaion on my website, I get:
Deprecated: Function ereg_replace() is deprecated in .../index.php on line 98
Deprecated: Function eregi() is deprecated in .../index.php on line 73
I'm not a PHP guy. When I replaced the two functions with their replacements, preg_match (with
/ delimiters) and
preg_replace (with the
/i switch), I get a bunch of other PHP errors written to the rendered page.
Is there a newer version of Blackhole?
Or, do you have plans to update your Blackhole code?
I'm able to suppress those deprecation and error messages by adding:
// Turn off error messages for this file error_reporting(0);
to each file
index.php. But that's not the best convention, right?
Thanks in advance for the help!
PS - BTW, after spending forever adding
semalt.com blocks in my .htaccess file yesterday (using
http://logorrhoea.net/2014/01/how-to-block-semalt-com-referrer-traffic-using-htaccess), butt they crawled me again today. Dang. Would you please consider adding them to your G6 project and/or to your 2014-micro-blacklist?
Glad to help:
1) "Is there a newer version of Blackhole?"
The one hosted at Perishable Press is the latest one, but others have reported the PHP warnings and notices as well, so..
2) "Or, do you have plans to update your Blackhole code?"
Yes, as soon as time allows. I am currently finsihing up my next book, and then have plans to update my scripts and plugins after that.
3) "..to each file blackhole.php and index.php. But that?s not the best convention, right?"
It's fine for now. Remember, there is a big difference between PHP warnings, notices, and errors. If you are receiving errors, then covering them up probably is not as good as getting them fixed. Yet, if they are simply notices or warnings, those are hardly worth worrying about and are fine to ignore.
4) "Would you please consider adding them to your G6 project and/or to your 2014-micro-blacklist?"
Sure, if you send me an email using the address in the footer of this page, then I can add to the queue for the next update.
Let me know if I can elaborate on anything, glad to do so.
Appreciate the help, Jeff thanks. Will do (send the email to get in the queue)
Would you please clarify? In:
Step 3: Include the bot-check script by adding the following line to the top of your pages:
<?php include($_SERVER['DOCUMENT_ROOT'] . #'/blackhole/blackhole.php'); ?>
Is the space between the
. and the
/blackhole/blackhole.php supposed to be there in your posted example? (Note: I put the
# there above to mark where it appears.)
Yes, it is supposed to be there :)
Learn more about concatenation: