United States now leads as origin point for the most web bots

In the latest statistical analysis of the Botscout.com web bot attacks, the United States now leads over Russia, the Ukraine and China as the number one origin point for attacking web bots.

The majority of web bots attempt to infiltrate through email attacks.

However, a growing number of bots are also responsible for attacking dynamic websites, using a slow but overt brute force attacks against passwords.

In many cases these attacks against websites occur by repeatedly attempting logins each hour.

It is relatively easy to determine if your business website is under attack when you identify a specific IP range attempting to access only one single page (your login page) on the website over a period of days.

Thwart attacks against your business website

Dealing with these types of attacks includes a three fold approach:

1. IDENTIFY ORIGIN OF PERPETRATORS

Review your web logs daily to identify hack attacks and their IP address range. Use tools like these to identify where the origin point and who owns the IP:

http://coolwhois.com/

http://www.ip2location.com/free.asp

2. BAN BAD IPS FROM CONTENT MANAGEMENT SYSTEM

Within your website Content Management System, use the Ban or Block security option to stop immediately any further attempts at hacking the login. If you do not use a CMS for your website, move on to next item.

3. ENSURE YOU HAVE A ROBOTS.TXT FILE

Create a robots.txt file and include any overt robots which your web logs indicate are attacking. Also ensure you deny ALL robots from your /login page (use your actual properly formed URL) such as:

User-agent: *
Disallow: /login
Disallow: /wusage

4. MORE AGGRESSIVE SECURITY - IP RANGE BLOCKING

Within your web server's main http be sure to include a .htaccess file. You can get details with regard to this on the internet. But a simple .htaccess file would include the following:


order allow,deny
deny from 62.29.0.0/17
allow from all

To determine the IP range, use tools like this:
http://www.ipdeny.com/ipblocks/

Some websites have ended up blocking entire nations due to their beligerant laws regarding internet security. However, you risk blocking readers/users of your website, so a cautious phased approach should be taken when blocking IPs.

Utilising these four key ingredients, most business websites can address the increasing web attacks.

Finally, it is always essential to ensure client data is never divulged on the internet, and any business that gathers or uses client data should spend the time and money to protect it using SSL and other forms of encryption.

Enquiries

For a free quote regarding your IT needs, please call:


0800 777 771



Or you can Email Us

Testimonials

"We have nothing but praise for Mark and the team. Mark redesigned our website, worked to our budget and far exceeded our expectations. See our website www.bigplantdepot.co.nz or call us (035440613) for a reference." - Steve & Cath



"I so appreciate all the great website work you have done and also the database work for us. The combination of both will make a huge difference to our business." Karen - www.aflextechnology.com

Guaranteed Service

Our quotation prices are guaranteed, each stage of your IT project is documented, and you receive a complete user guide when finished.

To gain the benefits of a professionally managed IT solution, call us. Quotes are free, our prices are very competitive, and our services are guaranteed.

AdvancedComputing.co

Advancedcomputing.co is a division of Computertemps.co.nz with primary business clients located in Wellington and Nelson, New Zealand.


For enquiries please telephone 0800 777 771.

Or you may send documents to:

Computertemps.co.nz
PO Box 3767
Richmond, 7050

Email Us

Navigation

Certified Specialists

All of our engineers have recent certifications including Computer Hardware Technician, Javascript and HTML certifications.

User Login

Terms of Services

ALL services, products, and support are provided based explicitly on our Updated Terms of Services.


We do not offer, nor provide any service or support outside of the provisions and specific limitations of these published terms.


Read your quote, invoice, or contract carefully, as any engagement with one of our consultants means you agree with and approve of our Terms of Services that are included with every document we supply.