Trying to stop a person/company from accessing my website

This person/company is up to no good from what I see they're doing on my website (spminiatures.com)

This is the information on the "whose online page"
Host: ecs-101-44-249-182.compute.hwclouds-dns.com

I have put in my htaccess file the following:
deny from hwclouds
deny from huaweicloud.com
deny from hwclouds-dns.com
deny from 101.44.248.0-101.44.251.255
deny from 101-44-248-0-101-44-251-255

Obviously I'm not sure of what I'm doing.

Any thoughts?
Thanks
Carol

Some ideas that may help:

https://docs.zen-cart.com/user/troub...csf-and-cphulk

[QUOTE=swguy;1398820]Some ideas that may help:

https://docs.zen-cart.com/user/troub...csf-and-cphulk[/QUOTETh

Thank you. I was really looking for a simpler solution and I wondered why what I've done isn't working.

Carol

Lots of wide-range IP addresses from (xxx.compute.hwclouds-dns.com) keep scanning my fresh-installed ZC v1.5.8, so I add this to .htaccess:

<RequireAll>
Require all granted
Require not host compute.hwclouds-dns.com
</RequireAll>

My firewall only denies access from specific IP addresses, not domains, so I'm still looking for a way to work on the firewall side.

Update:

I collect about 100 IP addresses that try to scan my ZC from ecs-xxx.compute.hwclouds-dns.com, and figure out that all of them are from Singapore. Since I never have any customers from SG, I put my firewall to block all access from SG, and enjoy my coffeee.

Quote:

---

Originally Posted by siliconbug

Lots of wide-range IP addresses from (xxx.compute.hwclouds-dns.com) keep scanning my fresh-installed ZC v1.5.8, so I add this to .htaccess:

<RequireAll>
Require all granted
Require not host compute.hwclouds-dns.com
</RequireAll>

My firewall only denies access from specific IP addresses, not domains, so I'm still looking for a way to work on the firewall side.

---

The host has a wildcard

It's formatted like

ecs-139-9-35-91.compute.hwclouds-dns.com

Quote:

---

Originally Posted by mprough

The host has a wildcard

It's formatted like

ecs-139-9-35-91.compute.hwclouds-dns.com

---

Yes, I understand it's a wildcard.
I don't know why someone(?) uses at least 100 different IP addresses to scan my ZC within an hour, and I'm uncomfortable with it, so I decide to block all connections from *.compute.hwclouds-dns.com

Now I block all connections from Singapore from my firewall, not .htaccess.

Quote:

---

Originally Posted by siliconbug

Yes, I understand it's a wildcard.
I don't know why it uses at least 100 different IP addresses to scan my ZC within an hour, and I'm uncomfortable with it, so I decide to block all connections from *.compute.hwclouds-dns.com

---

It's a public Internet service. The statement you supplied

*.compute.hwclouds-dns.com

Has not worked for me. Hosts are easily spoofed, you can literally send any host info your heart desires. The only effective way is to block their CIDR... which for the life of me I cannot find =(

Quote:

---

Originally Posted by mprough

It's a public Internet service. The statement you supplied

*.compute.hwclouds-dns.com

Has not worked for me. Hosts are easily spoofed, you can literally send any host info your heart desires. The only effective way is to block their CIDR... which for the life of me I cannot find =(

---

Just compute.hwclouds-dns.com
don't put *. before it.

I use it on apache v2.4 and it works.

FYI: https://help.dreamhost.com/hc/en-us/...-htaccess-file

Quote:

---

Originally Posted by siliconbug

Just compute.hwclouds-dns.com
don't put *. before it.


I use it on apache v2.4 and it works.

FYI: https://help.dreamhost.com/hc/en-us/...-htaccess-file

---

Is this the .htaccess file in the root folder for the zencart install ? I am also getting hammed by that domain (compute.hwclouds-dns.com). I am getting thousands of connections a day. I am also on dreamhost with a VPS. Please help. I added it to the .htaccess in root and i still see them adding random items in cart and then leaving. The access blocker plugin also seems to not stop them either. I have gone as far as blocking singapore via the plugin ,but i still see them trying to connect some how.

> I am also on dreamhost with a VPS.

Can you not use cpHulk?
https://docs.zen-cart.com/user/troub...csf-and-cphulk

I am ashamed to admit , thats the first i have heard of it. Going to read up on your link now. Thank you so much swguy.

Update:

Looks like thats not available on dreamhost for me. I used the access blocker plugin and the post starters

<RequireAll>
Require all granted
Require not host compute.hwclouds-dns.com
</RequireAll>


at the same time and that seems to have done the trick. They have not connected in the past 5 mins. which is amazing because they where non stop for months up too to this point.

and they are back. lol . Adding stuff to cart.

If you have a VPS you ought to have cpHulk or CSF or something. Call Dreamhost and complain.

Worst case you can start using Cloudflare. https://docs.zen-cart.com/user/security/cloudflare/

Quote:

---

Originally Posted by swguy

If you have a VPS you ought to have cpHulk or CSF or something. Call Dreamhost and complain.

Worst case you can start using Cloudflare. https://docs.zen-cart.com/user/security/cloudflare/

---

Just got off the found with Dreamhost. They said they don't have access to cpHulk because they are using their own GUI. Pretty much the only real option the left me with is cloudflare like you said.

From the docs "cPHulk is focused on protecting cPanel and WHM from brute-force attacks." - cphulk has nothing to do with blocking traffic to websites, it is used to block brute force attacks against email ports, webmail, cpanel, whm... server service ports, not website stuff.

CSF is a firewall, that can be installed on your server if the host allows it and you have root access.

Block 101.44.248.0/22