Claudebot attack

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Get Involved
deninho32
Registered User
Posts: 201
Joined: Tue May 21, 2019 8:57 am

Claudebot attack

Post by deninho32 »

Since today my board has 150 bots online, almost all are claudebot. I can't find anything about it on this forum yet.

I've tried to add the following line to my .htaccess file, but without success. Anyone who can help?

Code: Select all

BrowserMatchNoCase "claudebot" bad_bot
Last edited by Mick on Wed May 01, 2024 8:09 am, edited 1 time in total.
Reason: Solved.
phpBB 3.3.7 | PHP Version 8.2.4 | Milk Theme
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26639
Joined: Fri Aug 29, 2008 9:49 am

Re: Claudebot attack

Post by Mick »

You can try robots.txt to stop any AI bots, whether or not they respect it is a different thing. You could also ask your host as they may have something in place for this kind of bot.
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 6700
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James

Re: Claudebot attack

Post by HiFiKabin »

The Block Bad Bots HTACCESS I have on my extensions board might block it as it is, and/or you can add Claudebot to the list of blocked bots
User avatar
P_I
Community Team Member
Community Team Member
Posts: 2387
Joined: Tue Mar 01, 2011 8:35 pm
Location: Western Canada 🇨🇦

Re: Claudebot attack

Post by P_I »

This definitely seems like a new one and I'm seeing many instances on my boards.

What does your .htaccess do with bad_bot?

Here's the tail end of mine that denies anything defined as bad_bot

Code: Select all

# 28-Mar-24, P_I, another one to banish
BrowserMatchNoCase "claudebot" bad_bot
Order Deny,Allow
Deny from env=bad_bot
Normal people… believe that if it ain’t broke, don’t fix it. Engineers believe that if it ain’t broke, it doesn’t have enough features yet. – Scott Adams
User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 6700
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James

Re: Claudebot attack

Post by HiFiKabin »

P_I wrote: Thu Mar 28, 2024 6:00 pm What does your .htaccess do with bad_bot?
Its a HTACCESS script by Jeff Star

The 8G Firewall is a carefully crafted set of security rules for Apache and Nginx servers. It can be applied via your site’s public root .htaccess file, or added via server configuration. Once added, 8G provides powerful server-level protection against a wide range of malicious requests, bad bots, automated attacks, spam, and many other types of threats and nonsense. It’s a lightweight (only 17KB) strong firewall that improves site security and peace of mind.
User avatar
P_I
Community Team Member
Community Team Member
Posts: 2387
Joined: Tue Mar 01, 2011 8:35 pm
Location: Western Canada 🇨🇦

Re: Claudebot attack

Post by P_I »

HiFiKabin wrote: Thu Mar 28, 2024 6:08 pm
P_I wrote: Thu Mar 28, 2024 6:00 pm What does your .htaccess do with bad_bot?
Its a HTACCESS script by Jeff Star
Our posts crossed. I was asking the OP.

I have posted this a number of times that I've been using Blocking aggressive Chinese crawlers/scrapers/bots - John Large .co.uk, particularly this version.
Normal people… believe that if it ain’t broke, don’t fix it. Engineers believe that if it ain’t broke, it doesn’t have enough features yet. – Scott Adams
deninho32
Registered User
Posts: 201
Joined: Tue May 21, 2019 8:57 am

Re: Claudebot attack

Post by deninho32 »

This is in my .htaccess

Code: Select all

BrowserMatchNoCase "libwww-perl" bad_bot
BrowserMatchNoCase "wget" bad_bot
BrowserMatchNoCase "LieBaoFast" bad_bot
BrowserMatchNoCase "Mb2345Browser" bad_bot
BrowserMatchNoCase "zh-CN" bad_bot
BrowserMatchNoCase "MicroMessenger" bad_bot
BrowserMatchNoCase "zh_CN" bad_bot
BrowserMatchNoCase "Kinza" bad_bot
BrowserMatchNoCase "Bytespider" bad_bot
BrowserMatchNoCase "Baiduspider" bad_bot
BrowserMatchNoCase "Sogou" bad_bot
BrowserMatchNoCase "Datanyze" bad_bot
BrowserMatchNoCase "AspiegelBot" bad_bot
BrowserMatchNoCase "adscanner" bad_bot
BrowserMatchNoCase "serpstatbot" bad_bot
BrowserMatchNoCase "spaziodat" bad_bot
BrowserMatchNoCase "undefined" bad_bot
BrowserMatchNoCase "claudebot" bad_bot
Order Deny,Allow
Deny from env=bad_bot
phpBB 3.3.7 | PHP Version 8.2.4 | Milk Theme
User avatar
cabot
Registered User
Posts: 721
Joined: Sat Jan 07, 2012 4:16 pm

Re: Claudebot attack

Post by cabot »

P_I wrote: Thu Mar 28, 2024 6:00 pm Here's the tail end of mine that denies anything defined as bad_bot

Code: Select all

# 28-Mar-24, P_I, another one to banish
BrowserMatchNoCase "claudebot" bad_bot
Order Deny,Allow
Deny from env=bad_bot
Thx!

I had the same problem today, and this solved it.
User avatar
P_I
Community Team Member
Community Team Member
Posts: 2387
Joined: Tue Mar 01, 2011 8:35 pm
Location: Western Canada 🇨🇦

Re: Claudebot attack

Post by P_I »

deninho32 wrote: Thu Mar 28, 2024 6:52 pm This is in my .htaccess
That looks correct. Are you still seeing claudebot instances active on your board?
Normal people… believe that if it ain’t broke, don’t fix it. Engineers believe that if it ain’t broke, it doesn’t have enough features yet. – Scott Adams
deninho32
Registered User
Posts: 201
Joined: Tue May 21, 2019 8:57 am

Re: Claudebot attack

Post by deninho32 »

Yes, even more now.

Edit: I've added them to the following lines and that solved it.

Code: Select all

##spammers
Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} AhrefsBot/6.1|Ahrefs|Baiduspider|BLEXBot|SemrushBot|claudebot|YandexBot/3.0|Bytespider|YandexBot|Mb2345Browser|LieBaoFast|zh-CN|MicroMessenger|zh_CN|Kinza|Datanyze|serpstatbot|spaziodati|OPPO\sA33|AspiegelBot|PetalBot [NC]
RewriteRule ^ - [F,L]
Thanks for helping out.
phpBB 3.3.7 | PHP Version 8.2.4 | Milk Theme
Lady_G
Registered User
Posts: 273
Joined: Fri Jun 08, 2012 12:38 pm
Location: US

Re: Claudebot attack

Post by Lady_G »

Yes, thank you!

I block bad bots from my HAProxy load balancer. It's configured to read a "bad bot" text file.

I added claudebot to the file and phpBB went from over 100 bots to zero.
User avatar
ssl
Registered User
Posts: 1746
Joined: Sat Feb 08, 2020 2:15 pm
Location: Le Lude, Pays de la Loire - France
Name: Fred Rimbert

Re: Claudebot attack

Post by ssl »

cabot wrote: Thu Mar 28, 2024 7:28 pm
P_I wrote: Thu Mar 28, 2024 6:00 pm Here's the tail end of mine that denies anything defined as bad_bot

Code: Select all

# 28-Mar-24, P_I, another one to banish
BrowserMatchNoCase "claudebot" bad_bot
Order Deny,Allow
Deny from env=bad_bot
Thx!

I had the same problem today, and this solved it.
Glad for you
Sorry for my English ... I do my best!

phpBB: 3.3.11 | PHP: 8.2.16
[Kill spam on phpBB] - [Some French translation of extensions]
"Mistress, Mistress someone is bothering me in pm"
User avatar
german-german
Registered User
Posts: 76
Joined: Sun Jan 15, 2017 1:56 am
Location: Buenos Aires - Argentina
Name: Germán A. Sassone

Re: Claudebot attack

Post by german-german »

Mirrabeau
Registered User
Posts: 14
Joined: Tue Oct 05, 2021 2:27 pm

Re: Claudebot attack

Post by Mirrabeau »

P_I wrote: Thu Mar 28, 2024 6:00 pm This definitely seems like a new one and I'm seeing many instances on my boards.

What does your .htaccess do with bad_bot?

Here's the tail end of mine that denies anything defined as bad_bot

Code: Select all

# 28-Mar-24, P_I, another one to banish
BrowserMatchNoCase "claudebot" bad_bot
Order Deny,Allow
Deny from env=bad_bot
This works perfectly. After restarting Apache of course.
User avatar
lurttinen
Translator
Posts: 4729
Joined: Tue Sep 21, 2004 12:05 pm

Re: Claudebot attack

Post by lurttinen »

They train their AI and rape your website while dong it. :lol:

"helpful, honest, and harmless AI system" as they say it is.

We can skew their training by blocking access to the data. ;)
Signature is here

Return to “phpBB Discussion”