Advise

OK real pain in but so far as stats go, hopefully ok as far as security goes so i will live with it try and find out more, maybe report site to the hosting company as the site looks iffy to me wanting you to log in with only social log ins

Yeah will look into this

Example:

if is not X
load the counter.js file
else
die punk/redirect somewhere else/etc

LOL
Cheers

just odd same referrer, but different ips, different countries and lots of them

You still have not told me what X is. if you can tell me that then I can post the code condition/wrap here.

Example:
HTTP_REFERER ?
REQUEST_URI ?
QUERY_STRING ?

Even though the IP address is different all of the URLS are the same correct? What is the common denominater? What field is it? Referer, Request URI or Query String?

Do you a log entry in your BPS Security Log that you can post?
Do you have a Server log entry that you can post?
Do you have a Stats log entry that you can post?

Can i post all security log ? anything in it i should not or can i mail it?

actually can’t be anything loggin these as nothing with todays date shows in BPS log

Where did you get the original info? What field is it that all of those entries have in common?

server log just shows https://semalt.com/competitors_review.php?u
Server stats top referrer `
https://semalt.com/competitors_review.php`

Originally picked it up from my statcounter Cpanel,
the only thing in common is the referrer. everything else is different, i.e the ip, the country, the browser etc etc
Serra,Espirito Santo, Brazil 177.206.36.95 semalt.com/competitors_review.php?u

and
Barrosas,Porto,Portugal 188.250.101.61 semalt.com/competitors_review.php?u

and so on all different apart from referer

Not to worry taking far to much of your time hopefully it will reduce in visits over time

Ok well trying to block by Referer in php code is very iffy and not accurate like .htaccess code so give this code a try, but it may not do a damn thing.

if the Referer is NOT semalt.com then load the counter.js file. I did not bother with doing an “else” since your goal is just to not have these entries logged.

if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) {
// your statcounter code goes here
}

Ok thank you will give that a bash, will let you know

<!-- Start of StatCounter Code -->
if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) {

	<script type="text/javascript">
	<!--
		var sc_project=xxxxxx;
		var sc_security="e9exxxxx";
		var sc_invisible=1;
	//-->
	</script>
	<script type="text/javascript" src="https://www.statcounter.com/counter/counter_xhtml.js"></script>
<noscript><div class="statcounter"><a title="web analytics" href="https://statcounter.com/"><img class="statcounter" src="https://c.statcounter.com/xxxxxxxx/" alt="web analytics" /></a></div></noscript>
	}<!-- End of StatCounter Code -->

Since the Stat counter code is javascript you will need to do your PHP code conditional wrap like this:

<?php if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) { ?>
// your statcounter code goes here
<?php } ?>

<!-- Start of StatCounter Code -->
<?php if ( !preg_match('/semalt\.com/', $_SERVER['HTTP_REFERER']) ) { ?>
	<script type="text/javascript">
	<!--
		var sc_project=<?php echo $sc_project; ?>;
		var sc_security="<?php echo $sc_security; ?>";
<?php
if($sc_invisible==1) {
	echo "		var sc_invisible=1;\n";
}?>
	//-->
	</script>
	<script type="text/javascript" src="https://www.statcounter.com/counter/counter_xhtml.js"></script>
<noscript><div class="statcounter"><a title="web analytics" href="https://statcounter.com/"><img class="statcounter" src="https://c.statcounter.com/<?php echo $sc_project; ?>/0/<?php echo $sc_security; ?>/<?php echo $sc_invisible; ?>/" alt="web analytics" /></a></div></noscript>
	<?php } ?><!-- End of StatCounter Code -->

give it a go logs mine so works still lets see if the semalt gets hit then

What’s your website URL. I attack it right now as semalt.com. ??

Site removed think you have it

`At&t U-verse (108.213.xx.xx) Chrome 32.0
Win7
1600×900