- Manual order of categories by dragging
- Feature request: Set Post Date, Description, and Keywords for Post by Email
#1 May 23, 2014 16:40
Hostgator is one of the hosts listed as a recommended host on this site. I have a b2evolution blog running on Hostgator. Hostgator *constantly* disables my account because of the amount of bots slamming the site. I suspect many other hosts do the same when php apps overload their servers, and the cache system in b2evolution *does not* help with this problem.
I suggest b2evolution employs a new built-in system called a bot trap or honey-pot. Basically it is a three-part trap system.
1. An invisible 1px image is added to the page, with a link pointing to a specific directory under the blog root. This directory name should be customizable (and thus unique to every blog) so that it can't be discovered and avoided by bot programmers. (Ideally, a system would be included which is able to dynamically rename the linked folder and the url in the link, every few days or weeks, to maintain randomness).
2. That directory under the blog root contains a php script that handles the bot-banning. This script does whois lookups on incoming IPs hitting that directory, and adds them to a ban list.
3. Finally, that directory is added to robots.txt with an explicit Disallow rule. This means:
A. Human visitors to the blog will never see the link in the first place.
B. Good bots will respect the robots.txt rule and skip that folder.
C. Only bad bots will follow that link and, thus, be banned. It's a one-chance to follow the rules, or you're out, system.
There are many similar systems out there. Some of them add a Deny rule to htaccess instead of maintaining their own separate list in the subfolder.
This is, of course, not my idea or invention. I've been looking at this system specifically: http://perishablepress.com/blackhole-bad-bots/
However, when I try to paste their PHP Include into my index.main.php all I get is a completely white page when the blog reloads. (if anyone can offer guidance on how to add that php include it would be much appreciated because my installation is currently crippled by the amount of bots hitting it.)
b2evolution *desperately* needs a functioning and comprehensive system for banning bots. I understand the desire to continually add shiny new features and functions, but a core function like bot-banning is an absolute must-have. The cache system is not nearly enough on today's web where even brand new blogs can be slammed with endless waves of bots.
Please place a comprehensive bot-banning system at the top of the to-do list for the next release.