What's new

Welcome to Admin Junkies, Guest — join our community!

Register or log in to explore all our content and services for free on Admin Junkies.

Log in Register now
  • Admin Junkies is proud to announce 📣 an awesome ☀️ summer special on ✍️ Content Bundles for YOUR forums! Kickstart your discussions with a Content Bundle. For the entire month of June, use the promo code AJSUMMER 🎉 to receive 50% 🎁 off your content bundle. For example, a package that normally only costs 100 Credits will only cost 50 💰 credits. Full news here.

Site Management Do you review your site traffic?

For discussions on the overall management and administration of websites and forums.
Tracy

Tracy

Legendary member
Posting Machine 1-Year Membership Webmaster
Joined
Jan 5, 2023
Messages
1,563
Website
astrowhat.com
Credits
4,013
If not... you may want to start. It's a quick way to find out if/when your site is under a DDOS attempt.

I noticed that on my site I had 70 guest visitors (and climbing)... up from the normal 2-5 that I have normally (this does not include known bots).
After watching and checking I discovered that the majority of them were coming out of South America and similar. Odds are it's a BOT attack that someone has hired out.
I went from 600 entries in this CF WAF rule to over a thousand in about 15 minutes.

Screen Shot 2024-05-12 at 4.49.58 PM.png


Some of these passed the CF challenge, so they could be valid, but I generated no new content recently that would be of interest to anyone in South America or that area.
And the solve rate continues to drop but the connections climb. So pretty good idea it is a bot network of some type, as most of the connections appear to be from ISPs in the region which is typical for a bot attack using home users computers. I used CF to check ALL of South America (and a few other individual countries that are doing the same) and use a managed challenge.

Almost every one of them has been a hit on the style path ... misc/style where the style ID and latter sequence of numbers change.

Yes, these could be valid users (but I doubt that many in this short of time) as I do have a new user from Brazil that commented he was going to let some of his friends know about the site.
BUT... I'm getting similar connections out of Russia, Kazahkstan, Pakistan, Moldovia and South Africa.

Just one more reason to use CloudFlare if you don't already. I use the free tier and have had no issues with it, and it's great for blocking/managing stuff like this.

BTW, it climbed to this in the short time I have been writing this messgage.

Screen Shot 2024-05-12 at 5.23.50 PM.png
 
Last edited:
Advertisement Placeholder
I review traffic. Sometimes I even build my content strategy based on the what pages my visitors are checking and where my visitors are coming form,
 
Tracy said:
If not... you may want to start. It's a quick way to find out if/when your site is under a DDOS attempt.

I noticed that on my site I had 70 guest visitors (and climbing)... up from the normal 2-5 that I have normally (this does not include known bots).
After watching and checking I discovered that the majority of them were coming out of South America and similar. Odds are it's a BOT attack that someone has hired out.
I went from 600 entries in this CF WAF rule to over a thousand in about 15 minutes.

View attachment 3832

Some of these passed the CF challenge, so they could be valid, but I generated no new content recently that would be of interest to anyone in South America or that area.
And the solve rate continues to drop but the connections climb. So pretty good idea it is a bot network of some type, as most of the connections appear to be from ISPs in the region which is typical for a bot attack using home users computers. I used CF to check ALL of South America (and a few other individual countries that are doing the same) and use a managed challenge.

Almost every one of them has been a hit on the style path ... misc/style where the style ID and latter sequence of numbers change.

Yes, these could be valid users (but I doubt that many in this short of time) as I do have a new user from Brazil that commented he was going to let some of his friends know about the site.
BUT... I'm getting similar connections out of Russia, Kazahkstan, Pakistan, Moldovia and South Africa.

Just one more reason to use CloudFlare if you don't already. I use the free tier and have had no issues with it, and it's great for blocking/managing stuff like this.

BTW, it climbed to this in the short time I have been writing this messgage.

View attachment 3834
Click to expand...

I do this on daily basis! Created one simple rule to block every single robot that i have found while analyzing the traffic. This not just helped in increasing the site performance but also improved user experience on the forum. We block like 62K requests in a single day!

1716084772700.png
 
SoluDome said:
I do this on daily basis! Created one simple rule to block every single robot that i have found while analyzing the traffic. This not just helped in increasing the site performance but also improved user experience on the forum. We block like 62K requests in a single day!

View attachment 4276
Click to expand...
Some bots are not bad and you want them hitting your site.
What I referenced are not those type of bots and you have to block them based upon ASN/IP/Country/Region. They generally show as guests in your online user list, so you have to monitor that as most tools in scripts will not catch them.
They are usually part of a botnet that is being ran from consumer computers and they don't announce themselves like Sogu Spyder, GoogleBot and such.
 
Tracy said:
Some bots are not bad and you want them hitting your site.
What I referenced are not those type of bots and you have to block them based upon ASN/IP/Country/Region. They generally show as guests in your online user list, so you have to monitor that as most tools in scripts will not catch them.
They are usually part of a botnet that is being ran from consumer computers and they don't announce themselves like Sogu Spyder, GoogleBot and such.
Click to expand...
We don't block every bot. We just blocked those that are degrading site performance and only on our website to collect data like tiktok, chat gpt bot, ai bots and semrush etc.
 
SoluDome said:
We don't block every bot. We just blocked those that are degrading site performance and only on our website to collect data like tiktok, chat gpt bot, ai bots and semrush etc.
Click to expand...
Once more.. these bots were not reporting as bots. They show as guest users. They have no signature (user agent) that is consistent for a bot that software can catch. So unless you were monitoring for a sudden increase in traffic (visitors) you would never notice them.
 

Log in or register to unlock full forum benefits!

Log in or register to unlock full forum benefits!

Register

Register on Admin Junkies completely free.

Register now
Log in

If you have an account, please log in

Log in

Similar threads

Tracy
General IPv6 user connections
Replies
0
Views
168
Tracy
Tracy
Tracy
Use CloudFlare? Share your ASN blocks
2
Replies
22
Views
1K
Tracy
Tracy
Timgab
Do you still expose your email on sites
Replies
6
Views
550
Darth Cognus
Darth Cognus
Tracy
Do you block TOR access to your site
Replies
6
Views
296
Heatman
Heatman
Tracy
Xenforo - new users and bounced emails
Replies
13
Views
243
Tracy
Tracy
Who read this thread (Total readers: 16)

Unread Posts

New Threads

Would You Rather #9

  • Start a forum in a popular but highly competitive niche

    Votes: 5 18.5%

  • Initiate a forum within a limited-known niche with zero competition

    Votes: 22 81.5%
See comments…
Win this space by entering the Website of The Month Contest
13.1K
Threads
122.1K
Messages
7.4K
Members
Huda
Latest member

Theme editor

Theme customizations

Dark mode

Opt for a darker theme for a sleek look.

Wider view

Experience a wider, more expansive forum layout.

Grid view

You can switch to a grid view by changing the forums listing structure.

Illustrated grid view

You can turn on/off the background images assigned for forums in the grid view.

Open/Close sidebar

Close the sidebar for a cleaner forum view.

Sticky sidebar

Enjoy a scroll-sensitive sticky sidebar for easy navigation.

Header area animation

You can turn on/off the moving particles in the header area.

Graphic Backgrounds

Granite Backgrounds