Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar Mark Forums Read
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
New Webmasters ask "How-To" questions here. This is where other fucking Webmasters help.

 
Thread Tools
Old 12-07-2017, 12:28 AM   #201
Barry-xlovecam
It's 42
 
Barry-xlovecam's Avatar
 
Industry Role:
Join Date: Jun 2010
Location: Global
Posts: 18,092
as root

Code:
$ ./ufw_deny_all.sh
Code:
#!/bin/bash 
#-vx
file=server-ban-ufw-list.csv
for line in $(cat $file)  ; do

ufw deny from $line to any
sleep 1

done < ${file}
This script will stop after 30 entries sonetimes ^s ^q will restart it
you can try
Code:
$ ./ufw_deny_all.sh || true
that may help
bash error checking is
Code:
#!/bin/bash -vx
There a lot of setup tutorials on UFW

I added allow to ssh (22) only my static ips
I DID NOT allow ftp (I only use sftp and scp on 22)
I allow ftp when necessary I have a worpress on one server that needs it to update, After up dating I block ftp
You need to allow http and https

--------

Code:
[email protected]:~$ host 51.15.40.0
0.40.15.51.in-addr.arpa domain name pointer 0-40-15-51.rev.cloud.scaleway.com.
[email protected]:~$ host 37.9.114.0
Host 0.114.9.37.in-addr.arpa. not found: 3(NXDOMAIN)
[email protected]:~$ whois 37.9.114.0
Quote:

inetnum: 37.9.64.0 - 37.9.127.255
netname: RU-YANDEX-20111214

country: RU
org: ORG-YA1-RIPE
You want to block the *right* ips or CIDR /24 /20 etc.
I only block single IPs for abusive ISP users and not servers -- I will cut off whole datacenters on some servers -- without looking back. However I know i may lose some VPN users that are legit buyer (collateral damage).

On mail servers you need to only block some single IPs of spam servers (etc).

you need to allow the ports your mail server needs (<incoming)

Code:
#!/bin/bash 
#-vx
file=server-ban-ufw-list.csv
for line in $(cat $file)  ; do

echo host $line
sleep 1

done < ${file}
WHO THE IPs that resolve ARE!
https://pastebin.com/28QEjW6B

Ahrefs and Semrush are spybots -- SEO for simpletons.

What bots look like IRL


The ones that do not resolve are servers in datacenters probably with no hostname entry.
If you don't want to do business with them -- block them -- that is up to you. Most legit (not all) ISP users (people) IP's resolve to hostnames.

$resolveip [ip] [hostname]

$man resolveip
__________________
Vive la résistance -- Carpe diem

"If you only knew the power of the dark side." ...Darth Vader
Sk.why.pe: barry_555_5 -- ICQ: three1896three617
Barry-xlovecam is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 12-07-2017, 02:54 PM   #202
porn-update
Confirmed User
 
porn-update's Avatar
 
Industry Role:
Join Date: Apr 2014
Posts: 354
This s**t doesn't work...

Yesterday I set all the rules in Iptables, today the bastard who clones My sites is back, its IP enters and exits without problems in my server, although in my iptables there is this rule that blocks its IP.
Code:
iptables -A INPUT -s 93.105.187.11 -j DROP
It's not working, just as it didn't work in UFW doesn't even work iptables.

I reset everything again and entered a single rule in iptables and now the IP of the bastard is properly locked...

I believe that in Digitalocean there is a limit on the number of rules that can be entered in UFW or iptables, those beyond the limit are ignored.

Even Nixstat, who needs HTTPS, after adding all the rules did not work anymore, removing the rules back to work. Perhaps the rules that allow HTTPS traffic is beyond the limit.

Now my firewall only blocks the IP of the bastard., but I want to be able to block at least the traffic from China

In Digitalocean There is something called "Cloud Firewall" https://www.digitalocean.com/communi...loud-firewalls, with this inscription: Limits: Total incoming and outgoing rules for Firewall: 50.

The Digitalocean firewall limit may also be applied to UFW and Iptables?
porn-update is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 12-11-2017, 03:44 PM   #203
porn-update
Confirmed User
 
porn-update's Avatar
 
Industry Role:
Join Date: Apr 2014
Posts: 354
So, after countless tutorial guides, iptable templates, etc etc etc etc etc etc etc etc and so on UFW and iptables etc., nothing ever works... as soon as the rules increase they begin to be ignored.

Now my rules.v4 is this: http://porn-update.com/temp/rules.v4, as simple as possible, only blocks the IP of the bastard and Baidu.

The server works well, the sites are online, everything looks wonderful, until I go to see the visits...



I'm losing about half of my normal visits.

It is true that the cloned sites were closed, and removed from the DMCA results in Google that probably created confusion even in statistics.

And maybe even in Webmaster tools.



But perhaps the most important thing is that the clicks that arrive at the pop-unders and the affiliate services have not diminished much



I noticed that most of the visits I lost in the server 14.04 (which contains my sites with more turnout), more or less 50% on 14.04 and about 30% on 16.04.

At this point the doubt comes, something is wrong with my iptables? Is it blocking something that shouldn't?

How can I understand/verify if the firewalls are doing more than necessary?

(I wouldn't even know exactly what I should look over HTTP, https, and SSH...)


Summary:
Applied new simple Rules. V4 in Iptables.
Closing clone sites and removing results (DMCA).
Loss about 50% visits (especially in 14.04).
Click to pop-unders and affiliations, almost constant.


The Doubts:
What the f*** is going on?
How can I check if the firewalls in my server are working properly or are blocking too much?
porn-update is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 12-11-2017, 04:03 PM   #204
sarettah
I'll make you famous...
 
Industry Role:
Join Date: Oct 2002
Location: Kansas City, Misery
Posts: 7,089
Did you keep track anywhere of referrals? Meaning do you know where the traffic was coming from before so that you can compare it to where it is coming from now?

That might tell you a lot.

You say you pretty much killed the clones. Is it possible that some of the clones included links to you that you have now killed?

Just some ideas to look at that have nothing to do with whether your set up is right or now.

.
sarettah is online now   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 12-11-2017, 07:22 PM   #205
porn-update
Confirmed User
 
porn-update's Avatar
 
Industry Role:
Join Date: Apr 2014
Posts: 354
It is difficult to understand who are the referal, because that moron who copied my sites has left my code anlytics, my code Yandex metrica, my Google Webmaster Tools verification Code, my advertising codes etc.

Also one of the cloned sites is this: Adult Hashtag, which sends visits to all my sites.

Of all this mess, what remains are just a lot of doubts...
porn-update is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old Yesterday, 05:47 PM   #206
Barry-xlovecam
It's 42
 
Barry-xlovecam's Avatar
 
Industry Role:
Join Date: Jun 2010
Location: Global
Posts: 18,092
Enable logging for iptables

https://tecadmin.net/enable-logging-...les-on-linux/#
__________________
Vive la résistance -- Carpe diem

"If you only knew the power of the dark side." ...Darth Vader
Sk.why.pe: barry_555_5 -- ICQ: three1896three617
Barry-xlovecam is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >

Bookmarks

Tags
vps, centos, cwp, thinking, line, free, command, software, advice, direction, cpanel, memcache, guides, correct, reverse, varnish, tool, litespeed, proxy, initial, acpu, opcache, apache, web, past
Thread Tools




©2000-, AVN Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.