Bad referer - Attacks


ody

Like all WHMCS users, we have many attacks, whether on our pages, SQL injections, or bad users who try to add code or ...

Last month we had many bad referers from a Brazilian website in which they might have added some code, and we have had about one hit (request) every second,

the issue is that they use almost all country's IPs, so we can't ban all Brazilians from accessing our site,

in the beginning we saw many server alerts going from green to yellow or red, and in our log files we had hits on a specific image in one of our common order forms,

 

supreme_comparison

 

we banned some IPs but, as I said, this wasn't working,

we deleted this image and also tried to redirect all these hits, but that didn't work either,

we had many 404s, so the result is the same,

we tried ModSecurity, but it caused other problems, such as no connections to some registrars,

so we added an .htaccess file to this template

 

RewriteEngine On

RewriteCond %{HTTP_REFERER} actionprime\.net [NC]

RewriteRule .* - [F]

 

and now we have almost the same issue: we have many 403s, and the result is the same because the 403 page is served, so the server still does work for this...

403 - GET /templates/orderforms/supreme_comparison/img/9image.png HTTP/1.0

 

we also tried to send back all requests, but we haven't had any success,

in the end we added this code to our main .htaccess file, and now we have

one hit per IP, and then it gives a 500 with an Apache error

 

AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: https://actionprime.net/index.php?route=checkout/checkout

 

 

so any tip or proposal would be nice for us,

Thank you Ody.
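
Added example (not part of ody's post and not WHMCS code): a Python script that groups Apache combined-format access log lines by Referer host, to confirm the pattern the post describes (one referring site, many client IPs, one image path) before relying on a referer rule instead of IP bans. The log lines, IP addresses, dates and example.com are constructed; the function names are illustrative.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Constructed sample in Apache "combined" log format (documentation IP ranges,
# example.com standing in for the shop's own domain); not taken from the post.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /templates/orderforms/supreme_comparison/img/9image.png HTTP/1.0" 403 199 "https://actionprime.net/index.php?route=checkout/checkout" "Mozilla/5.0"
203.0.113.20 - - [01/Jan/2024:10:00:02 +0000] "GET /templates/orderforms/supreme_comparison/img/9image.png HTTP/1.0" 403 199 "https://actionprime.net/index.php?route=checkout/checkout" "Mozilla/5.0"
192.0.2.55 - - [01/Jan/2024:10:00:03 +0000] "GET /templates/orderforms/supreme_comparison/img/9image.png HTTP/1.0" 403 199 "https://actionprime.net/index.php?route=checkout/checkout" "Mozilla/5.0"
192.0.2.56 - - [01/Jan/2024:10:00:04 +0000] "GET /templates/orderforms/supreme_comparison/img/9image.png HTTP/1.0" 500 527 "https://actionprime.net/index.php?route=checkout/checkout" "Mozilla/5.0"
198.51.100.99 - - [01/Jan/2024:10:00:05 +0000] "GET /cart.php HTTP/1.1" 200 5120 "https://example.com/index.php" "Mozilla/5.0"
198.51.100.99 - - [01/Jan/2024:10:00:06 +0000] "GET /clientarea.php HTTP/1.1" 200 7300 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

def referer_host(referer):
    """Host part of a Referer value, or "-" when it is absent or unparseable."""
    try:
        return (urlsplit(referer).hostname or "-").lower()
    except ValueError:
        return "-"

def summarize_by_referer(log_text):
    """Per referer host: hit count, distinct client IPs, status codes, paths."""
    stats = defaultdict(lambda: {"hits": 0, "ips": set(),
                                 "statuses": Counter(), "paths": Counter()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not in combined format
        entry = stats[referer_host(m["referer"])]
        entry["hits"] += 1
        entry["ips"].add(m["ip"])
        entry["statuses"][int(m["status"])] += 1
        entry["paths"][m["path"]] += 1
    return stats

def distributed_referers(stats, min_hits=3, min_ips=3):
    """Referer hosts seen from many client IPs, where per-IP bans cannot keep up."""
    return sorted(h for h, s in stats.items()
                  if h != "-" and s["hits"] >= min_hits and len(s["ips"]) >= min_ips)

if __name__ == "__main__":
    stats = summarize_by_referer(SAMPLE_LOG)
    for host in distributed_referers(stats):
        s = stats[host]
        print(host, s["hits"], len(s["ips"]), dict(s["statuses"]), s["paths"].most_common(1))
```

The thresholds `min_hits` and `min_ips` are set low for the six-line sample; on a real log they would be raised to match normal traffic.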
