On Thu, Jun 6, 2013 at 4:03 AM, Franz Iberl wrote:
Am 06.06.13 08:51, schrieb Roger:
Hi all Our Drupal 7 site is under constant attack from the Chinese. In Rails there is an easy way to redirect pretty much anything off site or to other page/s not in the system and hide the url.
Also is there a better way of hiding the url of user login
I have tried to set up Rules in Drupal 7 to simply redirect [Page not found] responses back to the front page or better still out of the Drupal 7 system completely. I've had no success.
Can someone please direct me on how to set up such a Rule on our site.
I have similar problems with lots of spam hits, feeling like a DoS-attac.
My "solution" to date is IP-blocking in the .htacess.
You could use the ip blocking tool in Drupal itself instead of .htaccess.
Drupal is helpful with statistics for that, the reports page has an entry for the most active visitors (statistics enabled, of course) with the IP-numbers shown.
Yes, this I use too.
All entries with time sum near (or even higher than) the google-bot normally are spammers. The ip-nr looked up in the searche engine mostly gives enough information to justify ip-blocking.
Correct, several accesses within the same second is a good clue.
The most effective way is the .htacess (manual work necessary, yes), if you cannot use .htacess, Drupal can block IPs too (from the report I mentioned above), but of course this consumes more server time.
There is also the restrict_ip module[1] which does the opposite of what the cor ip blocking function does and you have to provide the list of allowed addresses, everyone else gets access denied.
[1] https://drupal.org/project/restrict_ip