<div dir="ltr">I use the geo_ip module in apache to block china/russia/africa at the web server level. If you have access you may want to look into it.</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jun 6, 2013 at 7:44 AM, Earnie Boyd <span dir="ltr"><<a href="mailto:earnie@users.sourceforge.net" target="_blank">earnie@users.sourceforge.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On Thu, Jun 6, 2013 at 4:03 AM, Franz Iberl wrote:<br>
> Am 06.06.13 08:51, schrieb Roger:<br>
>> Hi all<br>
>> Our Drupal 7 site is under constant attack from the Chinese.<br>
>> In Rails there is an easy way to redirect pretty much anything off site<br>
>> or to other page/s not in the system and hide the url.<br>
>><br>
>> Also is there a better way of hiding the url of user login<br>
>><br>
>> I have tried to set up Rules in Drupal 7 to simply redirect [Page not<br>
>> found] responses back to the front page or better still out of the<br>
>> Drupal 7 system completely.<br>
>> I've had no success.<br>
>><br>
>> Can someone please direct me on how to set up such a Rule on our site.<br>
><br>
> I have similar problems with lots of spam hits, feeling like a DoS-attac.<br>
><br>
> My "solution" to date is IP-blocking in the .htacess.<br>
><br>
<br>
</div>You could use the ip blocking tool in Drupal itself instead of .htaccess.<br>
<div class="im"><br>
> Drupal is helpful with statistics for that, the reports page has an entry for the most active visitors (statistics enabled, of course) with the IP-numbers shown.<br>
><br>
<br>
</div>Yes, this I use too.<br>
<div class="im"><br>
> All entries with time sum near (or even higher than) the google-bot normally are spammers. The ip-nr looked up in the searche engine mostly gives enough information to justify ip-blocking.<br>
><br>
<br>
</div>Correct, several accesses within the same second is a good clue.<br>
<div class="im"><br>
> The most effective way is the .htacess (manual work necessary, yes), if you cannot use .htacess, Drupal can block IPs too (from the report I mentioned above), but of course this consumes more server time.<br>
<br>
</div>There is also the restrict_ip module[1] which does the opposite of<br>
what the cor ip blocking function does and you have to provide the<br>
list of allowed addresses, everyone else gets access denied.<br>
<br>
[1] <a href="https://drupal.org/project/restrict_ip" target="_blank">https://drupal.org/project/restrict_ip</a><br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Earnie<br>
-- <a href="https://sites.google.com/site/earnieboyd" target="_blank">https://sites.google.com/site/earnieboyd</a><br>
</font></span><div class="HOEnZb"><div class="h5">--<br>
[ Drupal support list | <a href="http://lists.drupal.org/" target="_blank">http://lists.drupal.org/</a> ]<br>
</div></div></blockquote></div><br></div>