0

Despite having recaptcha on the site we're being attacked by hundreds of transaction from Vietnamese IP addresses running stolen credit cards. I'm trying to block all of Vietnam in but can't figure out how to do it with wildcards or ranges.

It seems we need to include a rule in ModSecurity to block IP range.

halfer
  • 19,824
  • 17
  • 99
  • 186
josemin jose
  • 1
  • Are you saying your attackers are getting past your Recaptcha device? – halfer Jun 14 '17 at 10:15
  • What IP range for Vietnam would you like to block - perhaps put that in your question? – halfer Jun 14 '17 at 10:15
  • If you have not found a specific range, could you block one by one? Assuming you mean cPanel, does that run on Apache? If so, can you set up some `Deny` rules? – halfer Jun 14 '17 at 10:18
  • This [might be helpful](https://stackoverflow.com/questions/33611280/apache-mod-security-blocking-country), if you have `mod_security` installed already. [Also this](http://www.wizcrafts.net/chinese-blocklist.html), though it looks old. – halfer Jun 14 '17 at 10:19
  • 1
    Possibly more appropriate for `security.stackexchange.com` or `serverfault.com`. – Clonkex Jun 14 '17 at 12:17
  • Why don't you block those ip at firewall level and try with mod_security? – Bogdan Stoica Jun 30 '17 at 10:01

0 Answers0