To help others could you share the user-agent that was causing the problems and how you blocked it.
Code: Select all
54.151.36.231
54.153.6.129
54.153.93.94
54.176.48.83
54.176.94.197
54.177.178.14
54.177.39.219
54.183.144.10
54.183.166.109
54.183.225.109
54.183.247.91
54.193.189.188
54.193.220.19
54.193.76.168
54.198.175.129
54.202.126.67
54.215.223.163
54.215.93.15
54.219.129.132
54.219.168.168
54.219.26.211
54.219.62.104
54.67.114.231
54.67.123.108
54.67.18.72
54.67.59.208
34.220.21.228
52.26.166.208
54.190.167.123
34.220.66.220
54.219.83.224
54.198.189.60
54.193.155.136
54.241.218.125
13.56.249.197
Code: Select all
3.82.143.228
3.83.83.99
3.83.97.232
3.83.140.249
3.83.142.184
3.83.176.144
3.84.148.1
3.85.165.14
3.86.23.4
3.86.98.217
3.86.163.247
3.87.24.1
3.87.44.252
3.87.193.35
3.87.217.177
3.88.8.40
3.91.180.111
3.92.226.106
18.204.17.216
18.212.7.243
34.201.46.66
34.207.129.242
34.230.38.26
34.238.51.156
34.238.52.110
34.238.53.191
34.239.127.61
35.171.160.204
35.173.233.104
35.174.113.155
35.175.244.229
44.201.195.188
44.201.206.44
44.201.206.104
44.202.67.240
44.202.231.238
44.203.193.229
44.204.11.183
44.204.18.189
44.204.34.89
44.204.56.127
44.204.71.109
44.204.92.192
44.204.150.68
44.204.171.180
44.204.192.97
44.206.228.216
44.208.23.40
44.210.130.108
44.211.127.193
44.211.152.25
44.212.75.53
52.23.228.217
52.70.149.73
52.87.241.16
52.90.83.75
52.91.200.40
52.207.239.155
54.88.95.94
54.89.242.118
54.147.124.252
54.152.227.58
54.157.41.163
54.160.7.218
54.166.109.84
54.172.213.72
54.174.247.108
54.175.160.203
54.196.82.247
54.204.108.69
54.205.36.117
54.205.94.222
54.211.145.240
54.243.7.168
100.26.195.119
100.26.206.191
184.72.194.146
I had the following code hanging around from a previous issue. I uncommented it and added okhttp, taking care of the problem.
Code: Select all
RewriteEngine on
RewriteCond %{QUERY_STRING} .
RewriteCond %{HTTP_USER_AGENT} 11A465|Ahrefs|ArchiveBot|AspiegelBot|Baiduspider|bingbot|BLEXBot|Bytespider|CCBot|Curebot|Daum|Detectify|DotBot|Grapeshot|heritrix|Kinza|LieBaoFast|Linguee|LMY47V|MauiBot|Mb2345Browser|MegaIndex|MicroMessenger|MJ12bot|MQQBrowser|PageFreezer|PiplBot|Riddler|Screaming.Frog|Search365bot|SearchBlox|Seekport|SemanticScholarBot|SemrushBot|SEOkicks|serpstatbot|Siteimprove.com|Sogou.web.spider|trendictionbot|TurnitinBot|UCBrowser|weborama-fetcher|Vagabondo|VelenPublicWebCrawler|YandexBot|YisouSpider|Facebot|Twitterbot|Amazonbot|neevabot|okhttp [NC]
RewriteRule ^.* - [F,L]
With Cloudflare you can actually block AWS's entire range using single NAT rule. One thing to be aware of when using such rules is it's a sledgehammer. DuckDuckGO uses AWS and you'll blocking them if you don't whitelist their IP's.Noxwizard wrote: ↑Sun Mar 19, 2023 9:54 pm Those IPs belong to Amazon EC2. You should reach out to their abuse address ([email protected]) with those IP addresses and timestamps. Whether they'll do anything about that customer is another story.