NopIPFilter - Security tool to block unwanted visitors by country, IP address or IP ranges

1 year ago
I set my Hackers pattern to this:

Any advice or suggestions?


was not found or does not implement icontroller,
Error 404. The requested page (/contact_us.asp) was not found,
Antibot protection (register),
Antibot protection (ContactUs),
Error 404. The requested page (/wp-admin.php) was not found,
Error 404. The requested page (/wp-admin/install.php) was not found,
Error 404. The requested page (/wp-login.php) was not found,
A bot detected. Honeypot.,
Error 404. The requested page (/pc_product_detail.asp) was not found,
Error 404. The requested page (/pc_combined_results.asp) was not found,
Error 404. The requested page (/administrator/) was not found,
Error 404. The requested page (/admin.php) was not found,
Error 404. The requested page (/security_logon.asp) was not found,
Error 404. The requested page (/download/) was not found,
Error 404. The requested page (/content/contact_us.asp) was not found,
Error 404. The requested page (/pages/contact/) was not found,
Error 404. The requested page (/contactus.html/) was not found,
Error 404. The requested page (/pages/contact-us/) was not found,
Error 404. The requested page (/contact-us/) was not found,
Error 404. The requested page (/contact-us.html/) was not found,
Error 404. The requested page (/contact.html/) was not found,
Error 404. The requested page (/contact/) was not found,
Error 404. The requested page (/pages/contactus/) was not found,
1 year ago
You could use your patterns.
If the bot uses the same IP address then the plugin will block the IP address.
You could use the following plugin, Anti Bot:
https://www.foxnetsoft.com/nopantibot
This plugin will protect the site from fake accounts and many fake messages.
1 year ago
Yes, using NopAntibot too.
With both the plugins we are able to block 90% of spam traffic.

The Nop Antibot list I use:

.ru,prokonto.pl,yandex.ua,incubic.pro,bcxvn.fun,parkll.xyz,go2.pl,mailsterm.com,yahnah.ml,pharusa.biz,forexsu.com,.xyz,fastmailtoyougo.site,4serial.com,thefmail.com,nexttrend.site,.surf,.link,mail.ru,inbox.ru,bk.ru,meta.ua,dynainbox.com,tinyurl.com,bit.ly,.cc,.buzz,.cfd,.cyou,.cam,.bar,.click,.ml,.gq,.top,.link,.fit,.cn,.live,boostleadgeneration.com,forms.gle,rambler.ru,quanphosanec.ga,aiwritingmachine.com,fiverr.com,litani.ru,yandex.ru,dzen.ru,dizaer.ru,yandex.com,dop-pom.bizml.ru,alyuminievie-fasadi.ru,notifyparty.ru,sakhpubo.ru,bizml.ru,aiwritingmeta.com,contabo.de,a1.bg,
1 year ago
I am interested in improving this plugin.
Could you write to me in PM and send me some information about other 10% bots?
1 year ago
Messaged you 😇
5 months ago
foxnetsoft wrote:
I am interested in improving this plugin.
Could you write me in PM and send me some information about the other 10% bots?



Maybe the plugin should include monitoring Logs, banning their IPs automatically, and emailing the admin about an active in-progress attack.

Settings:
- Frequency of check: Number (in minutes)
- Minimum number of logs to be classified as an attack: Number of new log records in past x minutes
- Log type to monitor: The type of error message
- Log text to monitor: Error 404. The requested page (X) was not found
   Note: (X) can be a pattern. Example: *.php
- Send active attack email alert to admin: Check box (if checked, sends an email to admin about the active alert)

Admin sets the below configuration:

-> Frequency of check (in minutes): 10
-> Minimum number of logs to be classified as an attack: 15
-> Log type to monitor: Error 404
-> Log text to monitor: Error 404. The requested page (*.php) was not found
-> Send active attack email alert to admin: Checked

Functionality:

-> Run the monitoring task every 10 minutes.
-> Select all log records inserted in the past 10 minutes and Group them by Customer ID and IP address. Example: "Guest" on IP "192.168.1.1"
-> If it is found that the number of logs for a given guest in the past 10 minutes is more than 15 (as set by the admin), then automatically ban this guest user's IP address. Insert a log about banning this guest user IP for future auditing.
-> Send an email to the admin that an active attack is happening along with the IP address information

Note:

- Should not ban search engine crawlers and built-in search engine bots. Usually .PHP and wp-folder (WordPress) logs indicate a malicious intent attack. If I'm not wrong, the search engine crawlers and built-in search engine bots wouldn't look for such files as no such file folders or file extension URLs would be available in the nopcommerce sitemap.
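
An added sketch of the detection rule proposed in the post above, run over constructed log rows (this is not part of the thread and not NopIPFilter code). The record layout, the function names, the `exempt_ips` crawler allowlist and the sample addresses are assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta
from fnmatch import fnmatchcase
import re

# Message format taken from the 404 log lines quoted in this thread.
NOT_FOUND = re.compile(r"Error 404\. The requested page \((?P<path>.+?)\) was not found")

def find_attackers(records, now, window_minutes=10, min_logs=15,
                   path_pattern="*.php", exempt_ips=frozenset()):
    """Return {(customer, ip): hits} for sources exceeding min_logs in the window.

    records: iterable of (created, customer, ip, message) tuples (assumed layout).
    exempt_ips: hypothetical allowlist for verified search-engine crawlers.
    """
    cutoff = now - timedelta(minutes=window_minutes)
    hits = Counter()
    for created, customer, ip, message in records:
        if not (cutoff < created <= now) or ip in exempt_ips:
            continue  # outside the check window, or never to be banned
        m = NOT_FOUND.search(message)
        if m and fnmatchcase(m.group("path").lower(), path_pattern):
            hits[(customer, ip)] += 1
    # "more than 15", as the proposal words the threshold
    return {src: n for src, n in hits.items() if n > min_logs}

def build_sample(now):
    """Constructed rows: an active scanner, a stale burst, an ordinary visitor."""
    probes = ["/wp-login.php", "/admin.php", "/wp-admin/install.php", "/wp-admin.php"]
    rows = []
    for i in range(16):  # 16 PHP probes inside the 10-minute window
        rows.append((now - timedelta(seconds=30 * i), "Guest", "203.0.113.7",
                     f"Error 404. The requested page ({probes[i % 4]}) was not found"))
    for i in range(20):  # 20 probes, all older than the window
        rows.append((now - timedelta(minutes=30 + i), "Guest", "198.51.100.20",
                     "Error 404. The requested page (/admin.php) was not found"))
    # A non-PHP 404 from a normal visitor must not count toward a ban.
    rows.append((now - timedelta(minutes=2), "Guest", "198.51.100.99",
                 "Error 404. The requested page (/contact-us/) was not found"))
    return rows

if __name__ == "__main__":
    now = datetime(2024, 1, 1, 12, 0, 0)  # constructed timestamp
    for (customer, ip), n in find_attackers(build_sample(now), now).items():
        print(f"ban {ip} ({customer}): {n} matching 404s in 10 minutes")
```

The returned mapping is what a scheduled task would feed to the ban list, the audit log entry and the admin e-mail.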
5 months ago
Thank you for your suggestions.