Announcement

Collapse
No announcement yet.

Spambots attacking my site - please help!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spambots attacking my site - please help!

    For the past couple of weeks, spam bots have been attacking my site, fraudulently subscribing email addresses to my newsletter (over 50 per day, not initiated by the email owner) and raising the number of visitors to my site, thus raising my bandwidth use and ultimately the amount of money that I have to pay 3dCart because they're saying that my store is "flourishing" and I'm exceeding my allowance. 3dCart support says there is nothing I can do to stop this. Is that true? Has anyone else experienced this? Please tell me there is something I can do because I can't continue like this. Thanks in advance.

  • #2
    You could perhaps get the ip address of the bots, and block them using the tool on the admin:

    https://support.3dcart.com/Knowledge...ssing-my-store

    ----------------------------
    Gonzalo Gil
    3dCart Support
    800-828-6650 x111

    Comment


    • #3
      How do I get the ip address? Is that logged somewhere?

      Comment


      • #4
        Well, if they are just coming to the home page, signing up for the newsletter, and leaving. Then, the only way would be to download the web logs.
        But, most likely, they are spiders, and they would also be browsing the site, creating incomplete orders with alot of items, if you see that, then, the order will have the IP, and you can then ban that ip.
        ----------------------------
        Gonzalo Gil
        3dCart Support
        800-828-6650 x111

        Comment


        • #5
          Ok thanks. There are some incomplete orders, about 25 within the time frame that this started from various IP addresses so I will ban those and hope that helps. How are they getting email addresses to signup for the newsletter? I have received numerous emails from people saying that they never signed up. Is there a way to add Captcha or something else to prevent that?

          Comment


          • #6
            Originally posted by kidsdesign View Post
            How do I get the ip address? Is that logged somewhere?
            What Gonzalo says is correct and would work, but you could inadvertently ban people like me who stare at an item in their cart for days and wonder if they should buy it.

            Instead, you can check with support to see if your service plan comes with access to SmarterStats. If so, ask support for the login credentials and access the stats.

            Go to Site Activity > Visitors > IP Addresses:

            SmarterStats.png


            The date defaults to the past 30 days. Change this to the day(s) you experienced the influx of traffic and re-generate the report. Take a look at the top results based on page views. Those at the top should be 3dcart, cloud service / data security providers, and things of this nature. You can copy/paste IP addresses into Google to research them, and ban accordingly. Good luck.
            - Dean P. e-commerce and small business consulting

            Comment


            • #7
              You can also block many bad blocks by clicking the "Marketing", then clicking "SEO Tools", then click "Edit Robots.txt File" (it will be in green lettering under the Robots,txt area, then we enter the following in the Robots.txt area. this has cut down significantly on bots hitting our site and also our bandwidth is much better. There are many more "bad" bots per se - we add them along the way.

              # Disallow all crawlers access to certain pages.

              User-agent: *
              Disallow: /checkout.asp
              Disallow: /add_cart.asp
              Disallow: /view_cart.asp
              Disallow: /error.asp
              Disallow: /shipquote.asp
              Disallow: /rssfeed.asp
              Disallow: /mobile/
              Disallow: /admin/


              # Block Yandex from crawling site
              User-agent: Yandex
              Disallow: /

              # Block Yeti
              User-agent: Yeti
              Disallow: /

              # Block NextGenSearchBot
              User-agent: NextGenSearchBot
              Disallow: /

              # Block ia-archiver from crawling site
              User-agent: ia_archiver
              Disallow: /

              # Block Baiduspider from crawling site
              User-agent: Baiduspider
              Disallow: /

              # Block PicScout Crawler from crawling site
              User-agent: PicScout
              Disallow: /

              # Block MJ12bot from crawling site
              User-agent: MJ12bot
              Disallow: /

              # Block 008 from crawling site
              User-agent: 008
              Disallow: /

              # Block AhrefsBot from crawling site
              User-agent: AhrefsBot
              Disallow: /

              # Block CCBot Crawler from crawling site
              User-agent: CCBot
              Disallow: /

              # Block BLEXBot Crawler from crawling site
              User-agent: BLEXBot Crawler
              Disallow: /

              # Block TinEye from crawling site
              User-agent: TinEye
              Disallow: /

              # Block Sogou Spider from crawling site
              User-agent: Sogou Spider
              Disallow: /

              # Block Exabot from crawling site
              User-agent: Exabot
              Disallow: /

              # Block Nutch from crawling site
              User-agent: Nutch
              Disallow: /

              # Block MJ12bot as it is just noise
              User-agent: MJ12bot
              Disallow: /

              # Block Python-urllib
              User-agent: Python-urllib
              Disallow: /

              # Block dotbot
              User-agent: dotbot
              Disallow: /

              # Block SEOkicks
              User-agent: SEOkicks-Robot
              Disallow: /

              # Block BlexBot
              User-agent: BLEXBot
              Disallow: /

              # Block SISTRIX
              User-agent: SISTRIX Crawler
              Disallow: /

              # Block Uptime robot
              User-agent: UptimeRobot/2.0
              Disallow: /

              # Block Ezooms Robot
              User-agent: Ezooms Robot
              Disallow: /

              # Block Perl LWP
              User-agent: Perl LWP
              Disallow: /

              # Block netEstate NE Crawler (+http://www.website-datenbank.de/)
              User-agent: netEstate NE Crawler (+http://www.website-datenbank.de/)
              Disallow: /

              # Block WiseGuys Robot
              User-agent: WiseGuys Robot
              Disallow: /

              # Block Turnitin Robot
              User-agent: Turnitin Robot
              Disallow: /

              # Block Heritrix
              User-agent: Heritrix
              Disallow: /

              # Block pricepi
              User-agent: pimonster
              Disallow: /
              User-agent: Pimonster
              Disallow: /
              User-agent: Pi-Monster
              Disallow: /

              # Block Eniro
              User-agent: ECCP/1.0 ([email protected])
              Disallow: /

              # Block YandexBot
              User-agent: Yandex
              Disallow: /

              # Block Baidu
              User-agent: Baiduspider
              User-agent: Baiduspider-video
              User-agent: Baiduspider-image
              Disallow: /

              # Block SoGou
              User-agent: Sogou Spider
              Disallow: /

              # Block Psbot
              User-agent: Psbot
              Disallow: /

              # Block Youdao
              User-agent: YoudaoBot
              Disallow: /

              # BLEXBot
              User-agent: BLEXBot
              Disallow: /

              # Block NaverBot
              User-agent: NaverBot
              User-agent: Yeti
              Disallow: /

              # Block Psbot
              User-agent: Psbot
              Disallow: /

              # Block Mediapartners-Google
              User-agent: Mediapartners-Google
              Disallow: /

              #Block Googlebot-Image
              User-agent: Googlebot-Image
              Disallow: /

              # Block ZBot
              User-agent: ZBot
              Disallow: /

              # Block Vagabondo
              User-agent: Vagabondo
              Disallow: /

              # Block LinkWalker
              User-agent: LinkWalker
              Disallow: /

              # Block Xenu Link Sleuth
              User-agent: Xenu Link Sleuth
              Disallow: /

              # Block SimplePie
              User-agent: SimplePie
              Disallow: /

              # Block Wget
              User-agent: Wget
              Disallow: /

              # Block Pixray-Seeker
              User-agent: Pixray-Seeker
              Disallow: /

              # Block BoardReader
              User-agent: BoardReader
              Disallow: /

              # Block Unknown Bot
              User-agent: Unknown Bot
              Disallow: /



              Comment


              • #8
                ebeegirl, how to you identify the bad bots?
                Jim

                Comment


                • #9
                  years of dealing with them and also watching their activity. we do not sell overseas so we block overseas bots - there are many more as I add 1-2 per month. You can even google bad bots etc and you'll find hundreds. If you see a spider you do not know in your statcounter you can google it and research it prior to block it.

                  Comment


                  • #10
                    You can also look at at service like: https://www.incapsula.com/pricing-and-plans.html

                    We use their business plan, but their free or pro plan also does have bot protection. The customer support is slow (usually 1-2 day for a response), but they do have a great system. They are part of Imperva which is a leading company in their field.

                    I highly recommend looking into this. Any of you with sizeable traffic/sales should have this (or another like service) in place already.

                    Rob

                    Comment

                    Working...
                    X