A question about ahrefs.com/robot/) & host.colocrossing.com

  • Resolved xprt007

    (@xprt007)


    6 years, 1 month ago

    Hi there

    I would like to thank you for your plugin which helps keep away vermin from several sites I manage.

    I have 2 questions:

    This “AhrefsBot/6.1; +https://ahrefs.com/robot/)” seems to be permanently in live traffic and I’m not an expert on this, but have the impression it’s up to no good. Do you know what it is and just in case it is not good or necessary, what code can be used to block it in .htaccess or any option in the free version of Wordfence?

    Secondly, through the many attempted logins/password recovery attempts, etc blocked by Wordfence, I look at them & permanently block all non-existent usernames IPs. I have done so to thousands, but the crooks never give up, with always changing hosts & IPs.

    Some however have something in common I noted and the host name always has something prepended to host.colocrossing.com.
    Someone gave me some code which was supposed to block all colocrossing.com based bots:

    
order allow,deny
deny from 23.95.99.*
allow from all

    In spite of that Wordfence reported these in the last couple of hours:

    A user with IP addr 192.227.216.151 has been locked out from signing in or using the password recovery form for the following reason: Used an invalid username
    laurencew34167′ to try to sign in.
    The duration of the lockout is 1 day.
    User IP: 192.227.216.151
    User hostname: 192-227-216-151-host.colocrossing.com
    User location: Buffalo, United States

    A user with IP addr 23.94.226.126 has been locked out from signing in or using the password recovery form for the following reason: Used an invalid username ‘laurencew34167’ to try to sign in.
    The duration of the lockout is 1 day.
    User IP: 23.94.226.126
    User hostname: 23-94-226-126-host.colocrossing.com
    User location: Los Angeles, United States

    I have no reason to believe there’s any innocent traffic from colocrossing.com, who I think are exclusively a prolific source of harmful bots.

    Is there any effective way to block whatever form or IP of any traffic from colorossing.com with the free version and if not what code would do that effectively in .htacess?

    Thank you in advance.

Viewing 1 replies (of 1 total)

  • Hi @xprt007,

    1. Is AhrefsBot a good bot? If it’s not a good bot, how do I block it?

    The link that AhrefsBot sends you (https://ahrefs.com/robot) is its own website, and of course it will state Bot Type: Good. I looked online and saw a decent amount of other people saying that it is bad.

    If you want to block this bot, you can follow these steps:

    a) Go to Wordfence -> Firewall -> Blocking -> Custom Pattern
    b) Enter *AhrefsBot* for Browser User Agent
    c) Enter a custom block reason

    For example: https://i.imgur.com/p0vSBTD.png

    2. How do I block all requests from host.colocrossing.com?

    Colocrossing is a server provider, they aren’t attacking you. However, people who rent servers from them are setting up bots that randomly scan and hit websites.

    You can choose to block all requests from host.colocrossing.com by using the steps above, but instead type *host.colocrossing.com* for Hostname.

    Dave

Viewing 1 replies (of 1 total)
  • The topic ‘A question about ahrefs.com/robot/) & host.colocrossing.com’ is closed to new replies.