Block abusive user attacking ut.php?

pancakehollow · October 7, 2023, 2:14pm

Hello.

When I check my logs I see hundreds of hits from different IP addresses (all iphone proxy ip addresses) requesting the same ut.php file. They look like this:

/lists/ut.php?u=xxxxxxxxx

The above has obscured the UniqueID.

It looks like it’s some kind of rotating bot. Maybe even an attempt to force me to block those ip’s which would then block a lot of legitimate iphone users. . .

Is there way to block this kind of activity? I blacklisted but as a test I also blacklisted a dummy user and they are still able to hit the ut.php file.

Thanks.

danwaterloo · October 25, 2023, 9:19am

There is no setting in phpList to do the blocking. You would need to use another program on the server, such as Fail2Ban, or something similar to this .htaccess file…

pancakehollow · October 25, 2023, 1:52pm

@danwaterloo. Thank you for that useful information. I’ve never tried the .htaccess method relying solely on configserver. I will try out the .htaccess but so many of these things are bots and rotating their ip address that I’m afraid I may just have to live with it.