Ban Web Server Traffic

Web Server Traffic Should be Banned

Opinions will differ about putting a ban on web server traffic. There are those who want their blogs and websites free from malicious activity, safe and secure for genuine valuable visitors. Then there are those who think there should be no restrictions on web traffic and activity (some even think spam is not bad).

Let’s clarify the web traffic we’re talking about. We’re not talking of banning referer traffic i.e. traffic from good back-links from websites resulting in genuine visitors.

We are talking about banning traffic generated by other websites loading your files, including scripts and images, as if you are providing a free CDN for these sites.

We are talking about banning web servers that are hosting the multitude of useless, malicious and spy bots that have seen a growth boom in the last few years. We are talking of banning web server traffic where websites are used by hackers and botnets trying to inject malicious scripts to your site.

No Good Reason For Traffic from Web Servers

There’s no good reason for most traffic from other web servers (unless the hosted site also belongs to you). Ask yourself these questions;

• What benefit do I get allowing other web sites to load files from my site?
• What benefit do I get by allowing bots, other than the major search engines, to crawl my site?
• What benefit do I get from allowing bad hosts (Hosts known to let users do as they wish; spamming, hacking and general bad behaviour) access to my site?

If the answer to any of these questions is “no benefit at all”, or “I don’t know”, then you have a good reason to ban web server traffic.

Ban Web Server Traffic – Reduce Spam

Are you one of those people who hate spam comments? If so, then you definitely want to ban web server traffic. A large percentage of spam comments these days is generated by bots. Bots need a place to operate from – and web servers are the places many of these spam-bots call home.

Granted, there are still many spammers using their desktop computer and an internet connection to run spam-bots. If their internet service provider permits that activity – it’s a “bad host” and should also be banned anyway.

Botnets Use Web Servers Too

The last year has seen a big rise in the number of web servers hacked by botnets; sites hosted on these servers becoming part of the botnet, used by the botnet to spread their malware, hack into other sites.

Banning web servers from accessing your site reduces the likelihood a botnet will hack your site.

Hackers Use Web Servers

Hackers also use web servers for their malicious activity. It’s easier for them to run a bot looking for vulnerable scripts from a web server that’s connected to a broadband backbone permanently, than to run it from their desktop computer (they do that as well of course).

Banning all web server traffic puts a spanner in their works; their bots are unable to reach your site, can’t get a list of files, can’t inject malicious scripts.

DOS type Attacks

The impact of Denial of Service attacks can be reduced by banning web server traffic sources in advance.

Think about it – If you’ve banned only the large, well-known web servers, a DOS attack (These days usually a botnet is involved), a significant number of DOS hits will get stopped outside the front door – a “403 access denied” uses only a small fraction of your web site server resources, takes a fraction of the time, compared to the server having to look for the bad link, or run through the scripts looking to see if the source can login to the site with the user name and passwords being thrown at the site, then respond to the bad request.

Banning Web Servers – Part of an Over-all Security Plan

Putting the ban on web server traffic is an essential part of an overall website security campaign. Along with using a good host, secure server, banning bad regions and individual bad IPs, keeping the site scripts up-to-date, regular anti-malware scans and constant vigilance monitoring your website server activity.

Banning web server traffic is not going to stop all malicious activity, make your site spam and hack proof – but banning web servers will make your site just that little bit more secure.

More Resources for Genuine Visitors

Another compelling reason to ban web server traffic is keeping the resources available for the visitors you want; those likely to become customers, those who you want to read your blog posts, interact with your site.

How to Ban Web Server Traffic

Generally speaking, web servers use assigned blocks of IP addresses or CIDRs (Classless Inter-Domain Routing) ranges.

Effective banning of web server traffic is best done by banning the full CIDR range used by the hosting service for their web hosting. Banning the full CIDR range is much more efficient than just banning individual IPs. When you see bad activity from an IP – look up the Whois record (we use Domain Tools mostly). Domain Tools will give you the information needed – the owner of the IP, the IP range assigned to the block, and the region.

Domaintools won’t always give you the CIDR though (there are other Whois tools that will), but that’s not a problem. We use CIDR Utility Tool to convert the range to the CIDR.

The CIDR is then added to the banned list e.g. Apache .htaccess, firewall or server rules.

Force Hosts To Take Action

Lastly, when sufficient site owners and bloggers ban web server traffic, ban bad hosts, ban stupid bots; we shut down a large part of the net available to the hosts clients.

And we must tell the world why these sources are banned. Let them and their customers know why traffic from their servers is banned.

When enough of us do that, the hosting company (or service provider) will have no choice except to bow to the demands of customers to clean up their service; stop bad activity, suspend domains used for malicious reasons.

Advertisements