The Joomla! Forum ™

Download

Demo


Board index » Joomla! 2.5 - Ask Support Questions Here » Administration Joomla! 2.5

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 
  Print view Previous topic | Next topic 
Author Message
kili
PostPosted: Tue May 08, 2012 4:32 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Sun Oct 23, 2005 5:17 pm
Posts: 401
Hi I would like your opinion .
I have decided due to persistent attempts to access some Joomla 2.5 sites I manage to block two countries by IP block by adding them to the .htaccess file for each site.

I have followed the 7 steps at http://docs.joomla.org/Security_Checklist_7 and have found simply adding an Ip to .htaccess does stop that person for a while but they just appear und a new IP address in that comyties block of IP's so I've decided to block the countries that there coming from one is Russia.

I have done this with one site at the moment and I cant see and problem with having so many IP address/blocks in the .htaccess file, there's no issues with load times etc..

Can anyone see a down side to this?
The sites would be of no value or interest to anyone from Russia or the other country I've blocked and these are not e-commerce sites but charity sites and a school site.

I realise that this in itself may not prevent a skilled hacker but it should at least stop the average pest who's acquired basic skills from a hacking site.

Your comments would be appreciated.

Thank You

Kili
Top
 Profile  
 
lowrykun
PostPosted: Tue May 08, 2012 7:20 pm 
Joomla! Intern
Joomla! Intern

Joined: Wed Jul 20, 2011 7:02 pm
Posts: 95
I did something very similar for a major eCommerce vendor who supported hundreds of small to medium businesses. These businesses would regularly have people try to purchase with fraudulent credit cards and try shipping to Romania, Russia, etc... Or we would regularly have script kiddies from those countries try accessing our servers.

Don't bother with individual IP addresses - they change all the time. Focus on blocking ISPs or even countries that are problematic. .htaccess is fine if that's all you have access to. Also - changes to .htaccess don't require a restart. If this list doesn't change often then it's better to create a separate file, then use 'Include' to add it to your Apache config file. This also has the benefit for doing it for all sites you're hosting, not just the one Joomla site.
Top
 Profile  
 
kili
PostPosted: Wed May 09, 2012 7:25 am 
Joomla! Explorer
Joomla! Explorer

Joined: Sun Oct 23, 2005 5:17 pm
Posts: 401
Thanks for the advice, unfortunately .htaccess is all I have to try and block these miscreants.

Proxy servers are another worry as you can block a country IP block but they just use a proxy based in another country.

It seems it's a never ending game.

kili
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 


Board index » Joomla! 2.5 - Ask Support Questions Here » Administration Joomla! 2.5

Who is online

Users browsing this forum: No registered users and 23 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group