Despite having recaptcha on the site we're being attacked by hundreds of transaction from Vietnamese IP addresses running stolen credit cards. I'm trying to block all of Vietnam in but can't figure out how to do it with wildcards or ranges.
It seems we need to include a rule in ModSecurity to block IP range.
Related
Suppose you wanna analyze your access log files in order to check users activities. One common way is to assume that a same IP address corresponds to a same user.
However, several internet providers use CGNAT. Which, briefly, allows multiple end users to use a common public IP address.
In that case, users behind a CGNAT and sharing the same public address might be confused with each other. Therefore, causing problems to calculate view counts and to ban disruptive traffic.
Question
Any alternative to mitigate that?
(Preferably using only Apache)
You could consider unique users are unique combinations of IP+user-agent. It would be a bit better but still wouldn't be able to differentiate users on the same IP and using the same browser, on the same platform.
Other than that, you'd need to use a server side scripting technology and track sessions. That would require cookies tho, which is not too much of a biggie. You can't track static assets using that method tho.
I have been searching around a lot and I can't seem to figure this out.
I want to create a transaction with a custom P2SH address by using Bitcoin Core's RPC calls. I found there is a redeemScript field in signrawtransaction so I'm assuming this is where I should send a hex encoding of my script. But this needs a txid, so should I first use createrawtransaction with the output being the address I want to send to and then sign the transaction with the script included?
I saw there is already a createmultisig call and since that is also P2SH it seems there should be something similar for other P2SH transactions.
Any idea how I can solve this or where I can find more information on this?
If I understand it correctly according to this section of the bitcoin book, you are supposed to create a hash out of your script and then convert this hash into an address which allows you to use the regular sendtoaddress rpc call to send coins to the address.
Another important part of the P2SH feature is the ability to encode a script hash as an address, as defined in BIP-13. P2SH addresses are Base58Check encodings of the 20-byte hash of a script, just like bitcoin addresses are Base58Check encodings of the 20-byte hash of a public key. P2SH addresses use the version prefix "5," which results in Base58Check-encoded addresses that start with a "3."
Now, Mohammed can give this "address" to his customers and they can use almost any bitcoin wallet to make a simple payment, as if it were a bitcoin address. The 3 prefix gives them a hint that this is a special type of address, one corresponding to a script instead of a public key, but otherwise it works in exactly the same way as a payment to a bitcoin address.
P2SH addresses hide all of the complexity, so that the person making a payment does not see the script.
Take a look at the whole section for how to convert the script to a hash.
You can download the executable that is used in the book here: https://github.com/libbitcoin/libbitcoin-explorer/releases
I was wondering if its possible to edit an individual accounts firewall?
Currently we block a few countries via CSF to cut down on spam and so on.
But one client would like all countries to see his site.
Is it possible?
Thanks
It's not possible to exclude one cPanel account from CSF firewall rules. You will have to remove that countries from firewall if you want to enable that for any single account.
For my web app, I was wondering how to improve the accuracy of the country lookup based on IP address. Has anyone tried using a number of the API services in parallel and taking a vote, i.e. if 4 out of 5 return 'GB' and one returns 'US' then go with 'GB'. Statistically this should improve accuracy, but that depends on the independence of the IP databases behind each API.
Would this be a feasible approach?
You can maintain database for mapping of IP address to country and check on each request to determine the country associated with IP address.
As IP address's are always assigned country-wise so you wont face any problems following this approach,make sure you update this database from time to time.
I have 5 digit zip codes, these are retrieved from Google Maps Api.
My dilemma is that I have to connect to a remote database which also contains addresses. If the address does not exist in that database, I have to write it, if it does exist then I do nothing except store the ID that database has assigned to the address. The problem arises since the api to check this database does not take wildcards, the addresses in that database have 9 digit zip codes (5+4) and will not return that the rest of the address matches my address with 5 digit zip codes.
The remote system will tell me that the address does not exist with the ones I send it.
So to prevent duplicate addresses from being written to the database I would need to find the 9 digit version of the zip code I have before sending it.
How would this be done? Is there a formula for determining what the last 4 digits of a 5 digit address are? Does the USPS have an API? Does the Census have a giant table?
Insight appreciated
You are only allowed to use the USPS API for information if you are using the USPS to send out mail...
But you could check out SmartyStreets (I used to work there) or another CASS-Certified vendor. They are licensed for address verification, and you can also perform city-state and ZIP code lookups without an address (depending on who you choose).
I think you'll find them much easier and more comprehensive than the default USPS web service.
Here's some sample code... take your pick: https://github.com/smartystreets/LiveAddressSamples
The US Postal Service have a number of APIs. Their "Address Information APIs" include:
Address Standardization
Eliminate addressing errors and help ensure accurate and timely delivery. This tool corrects errors in street addresses, including abbreviations and missing information. It also supplies a ZIP+4® Code.
ZIP Code™ Lookup
Find matching ZIP Codes or ZIP+4 Codes for any given address, city, and state in the U.S.
City/State Lookup
Use a ZIP Code to get accurate city and state information.
The Address Information APIs require permission to use.