Claudebot attack

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Get Involved
timeforhelp1
Registered User
Posts: 309
Joined: Thu Feb 19, 2009 5:34 pm

Re: Claudebot attack

Post by timeforhelp1 »

I found this which may help people...
Block Country from Visiting Website with .htaccess
User avatar
ssl
Registered User
Posts: 1979
Joined: Sat Feb 08, 2020 2:15 pm
Location: Le Lude, Pays de la Loire - France
Name: Fred Rimbert

Re: Claudebot attack

Post by ssl »

We can never repeat enough that blocking IP addresses is useless and can be counterproductive, the solution to blocking bad bots is here in this subject: viewtopic.php?p=16006000#p16006000
Sorry for my English ... I do my best! :anger_right:

:point_right_tone3: phpBB: 3.3.13 | PHP: 8.3.9
:point_right_tone4: [Kill spam on phpBB] - [Some French translation of extensions]
"Mistress, Mistress someone is bothering me in pm"
User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 6284
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.

Re: Claudebot attack

Post by thecoalman »

timeforhelp1 wrote: Tue Sep 03, 2024 3:42 pm Thanks.

I'm on cloudflare and my host has just "switched the under attack mode on and redirected all Chinese traffic away from the website".
Asking him to do Singapore now.

Fingers crossed!

If you are on Cloudflare go to security section, then click WAF link and then the custom rules link.

New rule link, from drop downs Country >> equals >> China. Under action you can just set it to JS Challenge but you can select block if you want. If you want to add more countries use the "OR" function.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”

Attributed - Thomas Edison
User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 6284
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.

Re: Claudebot attack

Post by thecoalman »

nou nou wrote: Wed Sep 04, 2024 12:56 am
Tried setting up CloudFlare today but CF completely breaks my board as soon as I turn it on.
I've been using for years without issues. The one thing you need to do is restore the original IP. Ideally you have root access and can install remote_ip, you can contact your host if you are on shared hosting to see if they can help you out.

Optionally there is two extensions for this but they are older and I don't know if they still work. remote_ip is better route because it works for everything, e.g. logs.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”

Attributed - Thomas Edison
timeforhelp1
Registered User
Posts: 309
Joined: Thu Feb 19, 2009 5:34 pm

Re: Claudebot attack

Post by timeforhelp1 »

ssl wrote: Wed Sep 04, 2024 10:46 am We can never repeat enough that blocking IP addresses is useless and can be counterproductive, the solution to blocking bad bots is here in this subject: viewtopic.php?p=16006000#p16006000
IP addresses at .htaccess is good tho yes?
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26822
Joined: Fri Aug 29, 2008 9:49 am

Re: Claudebot attack

Post by Mick »

This works well.
  • "The more connected we get the more alone we become” - Kyle Broflovski© 🇬🇧
User avatar
[Dimetrodon]
Registered User
Posts: 462
Joined: Tue Aug 30, 2022 3:29 am
Location: Paleozoic Era

Re: Claudebot attack

Post by [Dimetrodon] »

P_I wrote: Thu Mar 28, 2024 6:00 pm This definitely seems like a new one and I'm seeing many instances on my boards.

What does your .htaccess do with bad_bot?

Here's the tail end of mine that denies anything defined as bad_bot

Code: Select all

# 28-Mar-24, P_I, another one to banish
BrowserMatchNoCase "claudebot" bad_bot
Order Deny,Allow
Deny from env=bad_bot
Thank you for this, as I just had an attack by that bot tonight. This fixed it.
HiFiKabin wrote: Thu Mar 28, 2024 6:00 pm The Block Bad Bots HTACCESS I have on my extensions board might block it as it is, and/or you can add Claudebot to the list of blocked bots
8G is very good so I use it, but it does not block this bot. I decided to block Claudebot with a different set of lines separate from that, the same code that P_I uses, since I do not feel skilled enough to tamper with 8G itself.
User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 6767
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James

Re: Claudebot attack

Post by HiFiKabin »

[Dimetrodon] wrote: Sun Sep 08, 2024 1:05 am 8G is very good so I use it, but it does not block this bot. I decided to block Claudebot with a different set of lines separate from that, the same code that P_I uses, since I do not feel skilled enough to tamper with 8G itself.
You just add any bot (Claudbot included) in the same way as all of the other listed bots. eg within the

# 8G:[USER AGENT]

FIND

Code: Select all

	RewriteCond %{HTTP_USER_AGENT} (checkpriv|cheesebot|cherrypick|chinaclaw|choppy|clshttp|cmsworld|copernic|copyrightcheck|cosmos|crescent|datacha|(\b)demon(\b)|diavol|discobot|dittospyder) [NC,OR]
FIND

Code: Select all

|choppy|
AFTER ADD

Code: Select all

ClaudeBot|
SAVE UPLOAD PURGE BOARDS CACHE

(you can of course add new bots anywhere within that # 8G:[USER AGENT], but keeping them in alphabetical order makes it easy to find at a later date if you needed to )
User avatar
[Dimetrodon]
Registered User
Posts: 462
Joined: Tue Aug 30, 2022 3:29 am
Location: Paleozoic Era

Re: Claudebot attack

Post by [Dimetrodon] »

HiFiKabin wrote: Sun Sep 08, 2024 8:58 amYou just add any bot (Claudbot included) in the same way as all of the other listed bots.
Will do that, Thanks!

Return to “phpBB Discussion”