On Thu, Jun 6, 2013 at 4:03 AM, Franz Iberl wrote:You could use the ip blocking tool in Drupal itself instead of .htaccess.
> Am 06.06.13 08:51, schrieb Roger:
>> Hi all
>> Our Drupal 7 site is under constant attack from the Chinese.
>> In Rails there is an easy way to redirect pretty much anything off site
>> or to other page/s not in the system and hide the url.
>>
>> Also is there a better way of hiding the url of user login
>>
>> I have tried to set up Rules in Drupal 7 to simply redirect [Page not
>> found] responses back to the front page or better still out of the
>> Drupal 7 system completely.
>> I've had no success.
>>
>> Can someone please direct me on how to set up such a Rule on our site.
>
> I have similar problems with lots of spam hits, feeling like a DoS-attac.
>
> My "solution" to date is IP-blocking in the .htacess.
>
Yes, this I use too.
> Drupal is helpful with statistics for that, the reports page has an entry for the most active visitors (statistics enabled, of course) with the IP-numbers shown.
>
Correct, several accesses within the same second is a good clue.
> All entries with time sum near (or even higher than) the google-bot normally are spammers. The ip-nr looked up in the searche engine mostly gives enough information to justify ip-blocking.
>
There is also the restrict_ip module[1] which does the opposite of
> The most effective way is the .htacess (manual work necessary, yes), if you cannot use .htacess, Drupal can block IPs too (from the report I mentioned above), but of course this consumes more server time.
what the cor ip blocking function does and you have to provide the
list of allowed addresses, everyone else gets access denied.
[1] https://drupal.org/project/restrict_ip
--
Earnie
-- https://sites.google.com/site/earnieboyd