Sep 6, 2006

How to protect your site

Protect your website in realtime.
As seen on PC Magazine

Protect your PHP site and scripts from bad abusive robots that use up your bandwidth.

Have you checked your logs only to find you have more robot or unknown users than you have real visitors.

Examples of what is visiting your site
Robots watching to see if your domain expires
Robots from some startup search engine no one will ever use
Robots from search engines in languages you dont serve
Robots from companies trying to see if you volated some copyright
Robots from some government website monitoring for some unknown content
Robots trying to collect email addresses
Robots trying to hack into your site
Robots pinging your scripts in an atempt to get your software to list they came from
Robots probing for scripts called modules.php posting.php submit.php and others
Robots using random agents to avoid blocking.
Hackers trying to use union injections on your database

Copyright owners have the legal right under the DMCA to reserve the right to view content only to website visitors. Webmasters have the legal right under DMCA to block access to anyone who wants to store or copy website content. It is also a crime under US law to use any trick or false information to gain access to a computer system. Running a robot that pretends to be a user by faking its useragent is crime under US Law because it is using false information to gain access to a computer system.


M&M Autoban can be used as a Bot-Trap to autoban every ip that hits a trap listed in your robots file. It is included in all of your php scripts to check the user against the ip ban list and then verify that the visitor qualifies to visit your website.

You can not just send spam bots into a endless fake email loop unless you have unlimited bandwidth and you don't care about a slow server. And it doesn't hurt them anyway. A spam bot must be terminated ASAP with as little bandwidth being used as possible.


Works with Bad Behavior but BB is not required.

Works on all PHP scripts needs no database!
Prevents Union Injections and known hacks.
Tracks agents
Set blocking list anyway you like

Now works With Wordpress.

Clich on downloads to the right.

1 comment:

Darin said...

Thanks for the info!Any advice on how to implement on a FreeBSD server?