Support

Admin Tools

#20460 Bandwisth hogs via awstats

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Tuesday, 08 July 2014 10:09 CDT

Tuesday, 08 July 2014 08:25 CDT

szymas
 we have a huge amount of traffic (bots I assume) from these ip address

sn093.s01.sjc01.qualys.com 275,466 275,774 7.15 GB 09 Jun 2014 - 05:51
64.39.104.110 61,516 486,619 7.56 GB 30 Jun 2014 - 19:19
107-194-106-212.lightspeed.wlfrct.sbcglobal.net 45,583 45,785 2.76 GB 21 Jun 2014 - 15:23

how do I go about banning them in admin tools? one of them is the honeypot which we put into admin tools..!!

Our site has slowed down.. not sure what to do!

Tuesday, 08 July 2014 10:09 CDT

nicholas
one of them is the honeypot which we put into admin tools..!!


I don't understand what you mean with this. The Project HoneyPot integration works at the DNS level, exactly because they want to reduce traffic flow (DNS queries are cached and much more lightweight than HTTP requests). It never shows any HTTP traffic which means that AWStats (which is where, I guess, you copied these lines from) do not report traffic for Project HoneyPot lookups. Not to mention that the hostnames I see have nothing to do with the Project HoneyPot lookup service to begin with!

Admin Tools does not have any feature which will cause a third party site to access your site over HTTP (which is what AWStats reports). It would be kinda pointless, wouldn't it? The idea is to block unnecessary traffic, not inflict an extra 18Gb of it per month.

I think you are confused as to what you did with Admin Tools, what you see in AWStats and what you want to do. I also cannot deduce what kind of traffic is caused by the three domains / IP addresses you pasted here. This is something you have to see in the drill-down views of AWStats and decide if it's legitimate traffic or a bot.

If it's a bot and really makes so many thousand requests per month (about 25,000 per day) I would recommend blocking the IPs using .htaccess, not Admin Tools. Using .htaccess is more efficient –meaning: less slowdown on your server– for blocking high frequency access. The reason is that Admin Tools has to wait for Joomla! to boot up, read the blocked IPs from the database and block traffic. .htaccess works a very long time before PHP has even the chance to load, making it faster by one to two orders of magnitude.

For more information on blocking IPs using .htaccess please refer to http://www.htaccesstools.com/block-ips/ If you are already using Admin Tools' .htaccess Maker paste the generated rules in the custom directives to place at the top of the file and remember to regenerate the .htaccess file for your rules to have any effect. If you are managing your own .htaccess you should paste the generated rules right below your .htaccess file's "RewriteBase" line.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!