• D
    User Attivo

    Sito sotto attacco

    Ragazzi, ho un problema che non riesco a risolvere: da qualche settimana il mio sito è bombardato da attacchi spammer.
    Tecnicamente non ho avuto difficoltà a bloccarli impedendo le registrazioni tramite captcha, domande/risposte, ecc ecc. Il problema è che i robot che attaccano il sito continuano ad inviare richieste GET al sito consumando banda in maniera paurosa: da circa 1 Gb mese sono passato a 20Gb, ed il provider minaccia di oscurare il sito.

    Qui sotto ho postato un piccolo pezzo degli ultimi log del server, che recentemente contengono 5-6Mb al giorno di stringhe di questo tipo (il nome del sito è soostituito con "miosito").
    C'è qualche modo per fermare l'attacco? Come si può notare, non solo gli IP variano moltissimo , ma anche il tipo di richieste, a volte sono richieste di registrazione, altre volte visualizzazioni di post, richieste di profili, utilizzo della ricerca interna, ecc.

    86.96.226.16 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php?PHPSESSID=ap0u000c0q939c16m94tp1vha6&type=rss;action=.xml HTTP/1.1" 200 3598 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:47 +0100] "GET /index.php?action=help HTTP/1.1" 200 13162 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:53 +0100] "GET /index.php/topic,423.0.html?PHPSESSID=r9sb4ts811urnhasrliq1bsn60 HTTP/1.1" 200 22868 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php/topic,389.0.html?PHPSESSID=ap0u000c0q939c16m94tp1vha6 HTTP/1.1" 500 27740 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:56 +0100] "GET /index.php?PHPSESSID=naajjd8d5rbq5vu49rggqbcgd3&action=search HTTP/1.1" 200 22331 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:46 +0100] "GET /index.php?PHPSESSID=vog8di7hml5ur429al2m050386&action=search HTTP/1.1" 200 21528 "http://www.miosito.eu/index.php/topic,423.0/prev_next,next.html?" "Mozilla/5.0 (Windows NT 5.1; U; en) Opera 8.01"
86.96.226.16 - - [10/Dec/2012:05:19:48 +0100] "GET /index.php?action=dlattach;attach=1076;type=avatar HTTP/1.1" 200 7629 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php?PHPSESSID=blacmdo0gd2tg81nfvva8nrpc5&action=help HTTP/1.1" 200 13104 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:59 +0100] "GET /Themes/darkfuture/images/buttons/search.gif HTTP/1.1" 200 596 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php?PHPSESSID=ap0u000c0q939c16m94tp1vha6&action=search HTTP/1.1" 200 22331 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:46 +0100] "GET /index.php?PHPSESSID=vog8di7hml5ur429al2m050386& HTTP/1.1" 200 17689 "http://www.miosito.eu/index.php/topic,423.0/prev_next,next.html?" "Mozilla/5.0 (Windows NT 5.1; U; en) Opera 8.01"
195.229.241.172 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php/board,10.0.html?PHPSESSID=ap0u000c0q939c16m94tp1vha6 HTTP/1.1" 200 47531 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:20:00 +0100] "GET /Smileys/SoLoSMiLeYS1/grin.gif HTTP/1.1" 200 1675 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:59 +0100] "GET /index.php?action=verificationcode;vid=search;rand=5eededc825af4bf26b5b42ef1f78e715 HTTP/1.1" 200 441 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:59 +0100] "GET /Themes/darkfuture/images/expand.gif HTTP/1.1" 200 683 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:48 +0100] "GET /index.php?action=dlattach;attach=15;type=avatar HTTP/1.1" 200 10119 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:00 +0100] "GET /index.php/topic,376.15.html?PHPSESSID=omltht8lemo0lf4hd816i337o6 HTTP/1.1" 500 35040 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:46 +0100] "GET /index.php?PHPSESSID=vog8di7hml5ur429al2m050386&action=help HTTP/1.1" 200 12321 "http://www.miosito.eu/index.php/topic,423.0/prev_next,next.html?" "Mozilla/5.0 (Windows NT 5.1; U; en) Opera 8.01"
86.96.226.16 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php?PHPSESSID=ap0u000c0q939c16m94tp1vha6& HTTP/1.1" 500 13140 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php?PHPSESSID=ap0u000c0q939c16m94tp1vha6&action=help HTTP/1.1" 200 13249 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php/topic,389.0/prev_next,next.html?PHPSESSID=ap0u000c0q939c16m94tp1vha6 HTTP/1.1" 200 36019 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:47 +0100] "GET /index.php?type=rss;action=.xml HTTP/1.1" 200 3656 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:49 +0100] "GET /index.php/topic,423.0.html HTTP/1.1" 200 22938 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:02 +0100] "GET /index.php/topic,424.0.html?PHPSESSID=hjtk5cprfa85g8q8ahrobp24k3 HTTP/1.1" 200 35901 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:20:08 +0100] "GET /index.php?PHPSESSID=1nsmsbngd2lmgr5bu4cejg48l1&action=help HTTP/1.1" 200 13249 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:47 +0100] "GET /index.php/topic,389.0.html HTTP/1.1" 200 31554 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:08 +0100] "GET /index.php/topic,423.0.html?PHPSESSID=1nsmsbngd2lmgr5bu4cejg48l1 HTTP/1.1" 200 22880 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:56 +0100] "GET /index.php?PHPSESSID=naajjd8d5rbq5vu49rggqbcgd3&action=help HTTP/1.1" 200 13249 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:09 +0100] "GET /index.php?PHPSESSID=v87ariufaee4o4biea3mn1grd6&action=help HTTP/1.1" 200 12991 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:47 +0100] "GET /index.php/board,10.0.html HTTP/1.1" 500 29200 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:47 +0100] "GET /index.php?action=search HTTP/1.1" 200 22389 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:12 +0100] "GET /index.php?PHPSESSID=ddhc9b7asfuk0btn1anvue4994&action=help HTTP/1.1" 200 13104 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:20:14 +0100] "GET /index.php?PHPSESSID=cjddq2n53cggf6m6ql3k0s0vk1&action=help HTTP/1.1" 200 13249 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:11 +0100] "GET /index.php?PHPSESSID=vk15pk9tlgd6r1chiedo9sfe34&action=help HTTP/1.1" 200 13249 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:14 +0100] "GET /index.php?PHPSESSID=cjddq2n53cggf6m6ql3k0s0vk1&action=search HTTP/1.1" 500 21900 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:20:12 +0100] "GET /index.php/board,10.0.html?PHPSESSID=ddhc9b7asfuk0btn1anvue4994 HTTP/1.1" 200 47273 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:20:17 +0100] "GET /index.php?PHPSESSID=spprhe44au113il6b9lltf6bj0&action=help HTTP/1.1" 200 13104 "-" "Mozilla/4.0 (compatible;)"
122.228.193.196 - - [10/Dec/2012:05:20:26 +0100] "GET /index.php HTTP/1.0" 200 62395 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 5.2; U; en) Presto/2.10.229 Version/11.64"
122.228.193.196 - - [10/Dec/2012:05:20:43 +0100] "POST /index.php?PHPSESSID=jlu5v21lkusvc1qr0u4h5kho92&action=login2 HTTP/1.0" 200 10532 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 5.2; U; en) Presto/2.10.229 Version/11.64"
66.249.76.86 - - [10/Dec/2012:05:21:10 +0100] "GET /index.php?topic=43.0 HTTP/1.1" 200 9576 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
86.96.226.16 - - [10/Dec/2012:05:19:49 +0100] "GET /index.php/topic,367.15.html?PHPSESSID=pe3uv6rpga8u9a0bn3rr6onqq3 HTTP/1.1" 500 30660 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:51 +0100] "GET /index.php/topic,376.15.html HTTP/1.1" 500 32120 "-" "Mozilla/4.0 (compatible;)"
66.249.76.86 - - [10/Dec/2012:05:21:54 +0100] "GET /index.php?topic=263.0;prev_next=prev HTTP/1.1" 200 8021 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
195.229.241.172 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php/topic,389.0/prev_next,prev.html?PHPSESSID=ap0u000c0q939c16m94tp1vha6 HTTP/1.1" 500 32120 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:54 +0100] "GET /index.php/topic,376.15.html?PHPSESSID=blacmdo0gd2tg81nfvva8nrpc5 HTTP/1.1" 500 21900 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:49 +0100] "GET /index.php/topic,423.0/prev_next,next.html HTTP/1.1" 500 29200 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:49 +0100] "GET /index.php/topic,423.0/prev_next,prev.html HTTP/1.1" 500 29200 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:19:47 +0100] "GET /index.php/topic,389.0/prev_next,prev.html HTTP/1.1" 500 18980 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:20:09 +0100] "GET /index.php/topic,376.15.html?PHPSESSID=v87ariufaee4o4biea3mn1grd6 HTTP/1.1" 500 24820 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:20:10 +0100] "GET /index.php/topic,389.0.html?PHPSESSID=vk15pk9tlgd6r1chiedo9sfe34 HTTP/1.1" 500 24820 "-" "Mozilla/4.0 (compatible;)"
195.229.241.172 - - [10/Dec/2012:05:19:47 +0100] "GET /index.php HTTP/1.1" 500 35040 "-" "Mozilla/4.0 (compatible;)"
86.96.226.16 - - [10/Dec/2012:05:20:17 +0100] "GET /index.php?PHPSESSID=spprhe44au113il6b9lltf6bj0&action=search HTTP/1.1" 500 20440 "-" "Mozilla/4.0 (compatible;)"
122.228.193.196 - - [10/Dec/2012:05:22:55 +0100] "GET /index.php HTTP/1.0" 200 62395 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.229 Version/11.60"
122.228.193.196 - - [10/Dec/2012:05:23:05 +0100] "POST /index.php?PHPSESSID=rp5mlmpshm90h3uv1th843dfv2&action=login2 HTTP/1.0" 200 10532 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.229 Version/11.60"
31.128.224.184 - - [10/Dec/2012:05:23:19 +0100] "GET /index.php HTTP/1.0" 200 62137 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 6.1; WOW64; U; MRA 5.9 (build 4876); ru) Presto/2.10.289 Version/12.00"
31.128.224.184 - - [10/Dec/2012:05:23:25 +0100] "GET /index.php?PHPSESSID=g0338t9dmo92ck99lurggte931&action=post;topic=1196.5 HTTP/1.0" 200 11108 "http://www.miosito.eu/index.php?PHPSESSID=g0338t9dmo92ck99lurggte931&action=post;topic=1196.5" "Opera/9.80 (Windows NT 6.1; WOW64; U; MRA 5.9 (build 4876); ru) Presto/2.10.289 Version/12.00"
31.128.224.184 - - [10/Dec/2012:05:23:27 +0100] "GET /index.php?action=register HTTP/1.0" 200 9245 "http://www.miosito.eu/index.php?action=register" "Opera/9.80 (Windows NT 6.1; WOW64; U; MRA 5.9 (build 4876); ru) Presto/2.10.289 Version/12.00"
31.128.224.184 - - [10/Dec/2012:05:23:28 +0100] "POST /index.php?action=login2 HTTP/1.0" 200 10535 "http://www.miosito.eu/index.php?action=register" "Opera/9.80 (Windows NT 6.1; WOW64; U; MRA 5.9 (build 4876); ru) Presto/2.10.289 Version/12.00"
68.60.128.145 - - [10/Dec/2012:05:24:47 +0100] "GET /index.php?action=profile;u=356 HTTP/1.0" 200 10434 "http://www.miosito.eu/index.php?action=profile;u=356" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.79 Safari/535.11"
68.60.128.145 - - [10/Dec/2012:05:25:00 +0100] "GET /index.php?PHPSESSID=r67tt867k5673e8fmpcidv9420&action=register HTTP/1.0" 200 9467 "http://www.miosito.eu/index.php?PHPSESSID=r67tt867k5673e8fmpcidv9420&action=register" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.79 Safari/535.11"
201.249.25.118 - - [10/Dec/2012:05:25:06 +0100] "GET /index.php?action=profile;u=5 HTTP/1.0" 200 13589 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
114.35.167.38 - - [10/Dec/2012:05:25:53 +0100] "GET /http://www.miosito.eu//index.php?action=profile;u=5 HTTP/1.1" 404 538 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
110.164.62.191 - - [10/Dec/2012:05:26:51 +0100] "GET /http://www.miosito.eu//index.php?action=profile;u=5 HTTP/1.0" 404 538 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
66.249.76.86 - - [10/Dec/2012:05:27:36 +0100] "GET /index.php?topic=329.0;wap2 HTTP/1.1" 200 1945 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
114.252.77.191 - - [10/Dec/2012:05:27:43 +0100] "GET /index.php?action=profile;u=519 HTTP/1.0" 200 10067 "http://www.authenticpanthersjerseywebs.com" "Opera/9.80 (Windows NT 6.1; WOW64; U; en) Presto/2.10.229 Version/11.64"
201.249.25.118 - - [10/Dec/2012:05:27:56 +0100] "GET /http://www.miosito.eu//index.php?action=profile;u=5 HTTP/1.0" 404 500 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
114.252.77.191 - - [10/Dec/2012:05:28:06 +0100] "POST /index.php?PHPSESSID=mkffg8rfqtjsg7n40dh78vnfd1&action=login2 HTTP/1.0" 200 10643 "http://www.miosito.eu/index.php?action=profile;u=519" "Opera/9.80 (Windows NT 6.1; WOW64; U; en) Presto/2.10.229 Version/11.64"
212.126.123.17 - - [10/Dec/2012:05:28:21 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.1" 404 536 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
120.85.140.99 - - [10/Dec/2012:05:28:24 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.0" 404 536 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
190.121.231.114 - - [10/Dec/2012:05:28:43 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.0" 404 536 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
125.88.75.139 - - [10/Dec/2012:05:28:54 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.0" 404 536 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
76.95.185.230 - - [10/Dec/2012:05:29:15 +0100] "GET /index.php?action=profile;u=356 HTTP/1.0" 200 10067 "http://www.miosito.eu/index.php?action=profile;u=356" "Opera/9.80 (Windows NT 6.1; WOW64; U; ru) Presto/2.10.289 Version/12.00"
218.108.168.166 - - [10/Dec/2012:05:29:23 +0100] "GET http://www.miosito.eu/http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.0" 404 498 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
182.71.105.7 - - [10/Dec/2012:05:29:32 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.1" 404 536 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
78.131.55.82 - - [10/Dec/2012:05:29:36 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.1" 404 536 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
46.105.104.205 - - [10/Dec/2012:05:30:01 +0100] "GET / HTTP/1.0" 200 62504 "http://www.miosito.eu/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19"
46.105.104.205 - - [10/Dec/2012:05:30:09 +0100] "POST /index.php?PHPSESSID=7ujppn94lbgedsmnne7heglku7&action=login2 HTTP/1.0" 200 10639 "http://www.miosito.eu/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19"
78.131.55.82 - - [10/Dec/2012:05:30:28 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.1" 404 536 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
201.249.25.118 - - [10/Dec/2012:05:31:27 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.0" 404 498 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
66.23.230.236 - - [10/Dec/2012:05:31:43 +0100] "GET /index.php?PHPSESSID=n4ikp45ur9ina96s45h14j7q52&action=register HTTP/1.0" 200 10100 "http://www.miosito.eu/index.php?PHPSESSID=n4ikp45ur9ina96s45h14j7q52&action=register" "Opera/9.80 (Windows NT 6.1; WOW64; U; ru) Presto/2.10.289 Version/12.00"
115.61.121.17 - - [10/Dec/2012:05:31:46 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.0" 404 498 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
65.55.24.220 - - [10/Dec/2012:05:32:44 +0100] "GET /index.php/board,36.0/sort,views.html HTTP/1.1" 200 4987 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
216.24.194.148 - - [10/Dec/2012:05:32:58 +0100] "GET /http:/www.miosito.eu/index.php?action=profile;u=/index.php?action=profile;u=5 HTTP/1.0" 404 498 "http://www.miosito.eu/index.php?action=profile;u=5" "Mozilla/5.0 (Windows NT 5.2; rv:13.0) Gecko/20100101 Firefox/13.0.1"
157.55.32.117 - - [10/Dec/2012:05:34:35 +0100] "GET /robots.txt HTTP/1.1" 404 506 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
91.223.75.100 - - [10/Dec/2012:05:34:45 +0100] "GET /index.php++++++++++++++++++++++++++++++++++++++++++++Result:+%F4%EE%F0%F3%EC+%ED%E5+%ED%E0%E9%E4%E5%ED+/+%ED%E5+%F3%E4%E0%EB%EE%F1%FC+%EE%EF%F0%E5%E4%E5%EB%E8%F2%FC+IP HTTP/1.0" 404 565 "http://www.miosito.eu/index.php++++++++++++++++++++++++++++++++++++++++++++Result:+%F4%EE%F0%F3%EC+%ED%E5+%ED%E0%E9%E4%E5%ED+/+%ED%E5+%F3%E4%E0%EB%EE%F1%FC+%EE%EF%F0%E5%E4%E5%EB%E8%F2%FC+IP" "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1"
91.223.75.100 - - [10/Dec/2012:05:34:45 +0100] "GET / HTTP/1.0" 200 62359 "http://www.miosito.eu/" "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1"
91.223.75.100 - - [10/Dec/2012:05:35:06 +0100] "GET /index.php HTTP/1.0" 200 56707 "http://www.miosito.eu/index.php" "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1"
91.223.75.100 - - [10/Dec/2012:05:35:17 +0100] "GET /index.php?action=register HTTP/1.0" 200 9355 "http://www.miosito.eu/index.php?action=register" "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0.1"
175.44.25.247 - - [10/Dec/2012:05:35:37 +0100] "GET /index.php HTTP/1.0" 200 62136 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.00"
180.89.151.167 - - [10/Dec/2012:05:33:59 +0100] "GET /index.php HTTP/1.0" 500 24480 "http://www.miosito.eu/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5"
180.89.151.167 - - [10/Dec/2012:05:36:13 +0100] "GET /index.php?PHPSESSID=sauo428hvl3ggtp5pmnt2etsg4&action=forum HTTP/1.0" 200 31020 "http://www.miosito.eu/index.php?PHPSESSID=sauo428hvl3ggtp5pmnt2etsg4&action=forum" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5"
195.43.128.235 - - [10/Dec/2012:05:36:22 +0100] "GET /index.php++++++++++++++++++++++++++++++++++++++++++++Result:+%ED%E5+%ED%E0%F8%EB%EE%F1%FC+%F4%EE%F0%EC%FB+%E4%EB%FF+%EE%F2%EF%F0%E0%E2%EA%E8; HTTP/1.0" 404 553 "http://www.miosito.eu/index.php++++++++++++++++++++++++++++++++++++++++++++Result:+%ED%E5+%ED%E0%F8%EB%EE%F1%FC+%F4%EE%F0%EC%FB+%E4%EB%FF+%EE%F2%EF%F0%E0%E2%EA%E8;" "Opera/9.80 (Windows NT 5.1; U; MRA 5.10 (build 5310); ru) Presto/2.10.229 Version/11.64"
175.44.25.247 - - [10/Dec/2012:05:36:25 +0100] "GET /index.php?PHPSESSID=cu57bftiann2akmce3j2nerpf2&action=post;topic=1196.5 HTTP/1.0" 200 11324 "http://www.miosito.eu/index.php?PHPSESSID=cu57bftiann2akmce3j2nerpf2&action=post;topic=1196.5" "Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.00"
195.43.128.235 - - [10/Dec/2012:05:36:23 +0100] "GET / HTTP/1.0" 200 62249 "http://www.miosito.eu/" "Opera/9.80 (Windows NT 5.1; U; MRA 5.10 (build 5310); ru) Presto/2.10.229 Version/11.64"
175.44.25.247 - - [10/Dec/2012:05:36:28 +0100] "GET /index.php?action=register HTTP/1.0" 200 9358 "http://www.miosito.eu/index.php?action=register" "Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.00"
175.44.25.247 - - [10/Dec/2012:05:36:36 +0100] "POST /index.php?action=login2 HTTP/1.0" 200 10749 "http://www.miosito.eu/index.php?action=register" "Opera/9.80 (Windows NT 5.1; U; en) Presto/2.10.289 Version/12.00"
180.89.151.167 - - [10/Dec/2012:05:36:24 +0100] "GET /index.php/board,2.0.html HTTP/1.0" 200 41724 "http://www.miosito.eu/index.php/board,2.0.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5"
157.55.32.117 - - [10/Dec/2012:05:36:41 +0100] "GET /index.php/redcap-download-a-guide HTTP/1.1" 302 609 "-" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
218.6.9.60 - - [10/Dec/2012:05:36:12 +0100] "GET /index.php HTTP/1.0" 200 62250 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 6.1; U; Edition Yx; ru) Presto/2.10.289 Version/12.00"
218.6.9.60 - - [10/Dec/2012:05:36:42 +0100] "POST /index.php?PHPSESSID=falg9eqp95mm4739fcajuufc17&action=login2 HTTP/1.0" 200 10644 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 6.1; U; Edition Yx; ru) Presto/2.10.289 Version/12.00"
180.89.151.167 - - [10/Dec/2012:05:36:40 +0100] "GET /index.php/board,32.0.html HTTP/1.0" 200 25452 "http://www.miosito.eu/index.php/board,32.0.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5"
195.43.128.235 - - [10/Dec/2012:05:36:41 +0100] "GET /index.php HTTP/1.0" 200 56701 "http://www.miosito.eu/index.php" "Opera/9.80 (Windows NT 5.1; U; MRA 5.10 (build 5310); ru) Presto/2.10.229 Version/11.64"
195.43.128.235 - - [10/Dec/2012:05:36:58 +0100] "GET /index.php?action=register HTTP/1.0" 200 9358 "http://www.miosito.eu/index.php?action=register" "Opera/9.80 (Windows NT 5.1; U; MRA 5.10 (build 5310); ru) Presto/2.10.229 Version/11.64"
180.89.151.167 - - [10/Dec/2012:05:36:51 +0100] "GET /index.php/board,22.0.html HTTP/1.0" 200 31612 "http://www.miosito.eu/index.php/board,22.0.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5"
69.251.13.48 - - [10/Dec/2012:05:37:31 +0100] "GET /index.php?action=profile;u=356 HTTP/1.0" 200 10180 "http://www.miosito.eu/index.php?action=profile;u=356" "Opera/9.80 (Windows NT 6.1; U; Edition Ukraine Local; en) Presto/2.10.289 Version/12.00"
180.89.151.167 - - [10/Dec/2012:05:37:19 +0100] "GET /index.php/board,8.0.html HTTP/1.0" 200 46052 "http://www.miosito.eu/index.php/board,8.0.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5"
180.89.151.167 - - [10/Dec/2012:05:37:45 +0100] "GET /index.php?action=register HTTP/1.0" 200 9570 "http://www.miosito.eu/index.php?action=register" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5"
66.249.76.86 - - [10/Dec/2012:05:38:01 +0100] "GET /index.php?topic=329.5;wap2 HTTP/1.1" 200 1149 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
24.147.198.89 - - [10/Dec/2012:05:38:14 +0100] "GET /index.php?PHPSESSID=1sh22bqd2dme8k0d2jalvjs6b6&action=register HTTP/1.0" 200 9358 "http://www.miosito.eu/index.php?PHPSESSID=1sh22bqd2dme8k0d2jalvjs6b6&action=register" "Opera/9.80 (Windows NT 6.1; U; Edition Ukraine Local; en) Presto/2.10.289 Version/12.00"
    0
  • wolf.otakar
    Consiglio Direttivo

    Ciao dead,

    @dead said:

    Il problema è che i robot che attaccano il sito continuano ad inviare richieste GET al sito consumando banda in maniera paurosa: da circa 1 Gb mese sono passato a 20Gb, ed il provider minaccia di oscurare il sito.

    non ci sono molti rimedi per evitare di diventare vittima di un attacco DoS. :mmm:

    Dai un'occhiata qui o prova a bloccare questi ip da .htaccess.

    In alternativa, una delle soluzioni potrebbe essere un "firewall di rete o iptables"; senti comunque il tuo provider.

    N.B. aggiorna CMS e Plugin! 😉

    :ciauz:

    0
Effettua l'accesso per rispondere