The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Watch for eCatch

Discussion in 'General Discussion' started by dgbaker, Nov 2, 2002.

  1. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Our server took a hammering last night/early this morning. After going through logs and trying to figure out what h@ll happened. We found that someone for 3 solid hours was hammering using eCatch which is basically an offline browser/explorer.

    I'm trying now to find a way to block eCatchers from hitting the site. Anyone have any thought on how to do this?

    In the domlogs you grep for eCatch/3.0

    This particular one was someone nailing ispcheck.com with it, and getting us as we are/were listed. So far we traced it back to somewhere in France with wannado.

    So watch out for these.
     
  2. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Hmm. It looks like the eCatch did more damage to ispcheck.com as they seem to completly off the air.
     
  3. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    eCheck sounds like what I call a &Site Grabber& program, there are a lots available. The problem I have found is that they work just like Browser, only, instead viewing a page it downloads them instead. Some will obey a &robots.txt& file and some will not. You would need to the know the name of the program and some do allow for ignoring the &robots.txt& file.

    I gave up on trying to block them and instead, put files to be download only from the Web site, within protected directories. Even just requiring a Mouse click will defeat these programs, as there is no way they can do it. Although the page will display on someone's computer and show the link / button there, if you've setup Hotlink protection they will be stopped.
     
  4. Tom Pyles

    Tom Pyles Well-Known Member

    Joined:
    Apr 26, 2002
    Messages:
    254
    Likes Received:
    0
    Trophy Points:
    16
    You could try your .htaccess file. I've blocked a bunch of them and really cut down on the issue you are having. You will have to put yours on the list ;)

    ###STOP ROBOT DOWNLOADERS - BEGIN
    ###RewriteEngine on
    ###RewriteBase /
    ###RewriteCond %{HTTP_USER_AGENT} ^JetCar.* [NC]
    ###RewriteCond %{HTTP_USER_AGENT} ^FlashGet.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^Teleport.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^NetAnts.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^WebZIP.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^Offline.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^GetRight.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^GoZilla.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^WebReaper.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^ia_archiver.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^wget.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^HTTrack.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^WebStripper.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^WebCapture.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^Scooter-W3.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^WebCopier.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^FlashGe.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^Webdupe.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^NetAnts.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^Pockey.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^DiscoPump.* [NC,OR]
    ###RewriteCond %{HTTP_USER_AGENT} ^InternetNinja.* [NC,OR]
    ###RewriteRule .* - [F,L]
    ###STOP ROBOT DOWNLOADERS - END
     
  5. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    That's a nice list you got going there, Tom.

    You find it effective for shutting down the Site Grabber programs listed -- it works everytime or sometimes?
     
  6. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Wow, what a list. I'm curious to as to the overall effectiveness of it.
     
  7. Tom Pyles

    Tom Pyles Well-Known Member

    Joined:
    Apr 26, 2002
    Messages:
    254
    Likes Received:
    0
    Trophy Points:
    16
    Sorry for the delay in responding. It seems to me to be 100% effective. The grabbers I used to have problems with are no longer a factor...of course an occasional new one pops up that I wasn't aware of, just like the one in this thread.
     
  8. furquan

    furquan Well-Known Member

    Joined:
    Jul 27, 2002
    Messages:
    425
    Likes Received:
    0
    Trophy Points:
    16
    Hey tom thans for the listing,

    my question is can i use this script of yours on my server as a whole to proctect all the sites on my server or will i have to individually add it to every account ?

    and if for the whole server how do i do it ?

    Regards /-
     
Loading...

Share This Page