Block unwanted bots from accessing your site
All kind of bots are walking around the internet these days searching for personal information or other information which is not targeted for the general public. In this article we will show you how you can protect your site from such malicious bots.
Prerequisites
We will be using the Project Honey Pot service, so you will need to register there and obtain your API Key. Head over to http://www.projecthoneypot.org/ and click on the “SIGN UP FOR FREE” button. Follow the instructions and you will have your key in a minute.
What does this service do?
Project Honey Pot is a global effort to provide us with a way to recognize malicious visitors quickly. It works based on IP address and the IP database is updated real-time. Everybody can set-up a trap for the bots and when a visitor is caught in that trap, their IP address is being reported. This is how the information is kept up to date.
Connect your site to Project Honey Pot
We are happy to announce that we created the BotBlocker extension for OpenCart stores running on versions 2.0.1.0 or later, which allows you to connect to Project Honey Pot in a matter of seconds. All you need to do is grab a copy of the extension and install it in your site. Then go to Extensions > Modules > BotBlocker enter your API Key and choose your preferred settings. You are ready to go. You can choose what type of bots you want to block which can be any of the following four options:
-
Search Engines - bots which crawl the content of your site and use the information to help people find about you
-
Suspicious - these are IP addresses which have been caught in malicious activities, but this has happened rarely
-
Harvesters - bots which crawl your site looking for email addresses
-
Comment Spammers - bots which look for form elements and use them to post malicious comments
In case you chose to block search engines, you have the option to specify which search engines exactly would you like to block. The available options here are 13:
-
Undocumented
-
AltaVista
-
Ask
-
Baidu
-
Excite
-
Google
-
Looksmart
-
Lycos
-
MSN
-
Yahoo
-
Cuil
-
InfoSeek
-
Miscellaneous
You can also set the how old should be the oldest data you want to trust. This option is set in days and the default value is 15. That means that when a particular IP is trying to access your site, if the Project Honey Pot return information older than 15 days, BotBlocker will ignore the response and will grant access to that particular IP.
On a higher level, BotBlocker shows you nice graphs about the bot traffic distribution on your site, so you can have a better visual overview of how often bots are trying to get information from your site.
There is also a list with all the IP addresses which have accessed your site, so you can manually allow or block any the known IPs. Feel free to play with BotBlocker on its demo page here: http://botblocker.demo.isenselabs.com/admin/index.php?route=module/botblocker
We hope you will find this article helpful and should you have any questions, feel free to leave them in the comments section below.
