May 26, 2008

Mozilla/5.0 (MrCarlito-0.1

403 Required header 'Accept' missing
Agent: Mozilla/5.0 (MrCarlito-0.1

MrCarlito-0.1 is an experimental spider that collects header & link information from web pages. The spider is written in PERL (Practical Extraction and Report Language), and uses the LWP::UserAgent Class. Currently this spider does not delve into websites, it simply obtains the headers & hostnames contained in your web page index.

Humm you had better fix this broken bot if you plan on using it for a real website.
Your blocked because you were detected loading webpages not headers.

Mozilla/5.0 (compatible; zermelo; + [

Mozilla/5.0 (compatible; zermelo; + [

blocked by bad-behavior
403 Required header 'Accept' missing
Agent: Mozilla/5.0 (compatible; zermelo; + []

Another broken bot running on

Wow another corp snoop bot. see


It does not follow robots.txt file so you have to email someone to tell them to stop buring up your bandwidth. Hu?

I really hate these corp PR snoops that think you have to sever content to them.
I wonder if they ever thought about the fact that taking my content and serving it up to subscribers (charging for it) without my permission is a criminal copyright violation.

May 15, 2008

IncrediBILL's Random Rants: Impact On Your Bandwidth Will Be Minimal My Ass

This just about sums up where trafic is going today.

IncrediBILL's Random Rants: Impact On Your Bandwidth Will Be Minimal My Ass open proxy service


See orginal post here This site
is a proxy for moble content. Will allow users that you have banned to bypass your ban and use this site as a proxy.

bad behavior blocks no longer blockes this site. And its domain has changed.
Also no longer inserts adverts around your content but strips out your adverts.

Old ones
New ones so far

Likely more.

Add the domain name to the domain ban file of MMAUTOBAN,proxy,proxy

And add the ip block to your htaccess file.
deny from

May 10, 2008 bot

yandex/1.01.001 (compatible; win16; h)
Last Hit From
First Hit From

Violates robots file see

This company says "we employ a small army of PhDs" But they know nothing about building bots. The blog they run won't even take comments without giving a error page.

bad-behavior 403 Required header 'Accept' missing
Agent: Mozilla/5.0 (compatible; zermelo; + [] keeps showing up in my logs. It looks like this is a web hosting div of amazon so we may be able to ban it without banning amazon.

May 1, 2008

List of hacker servers

I ran into this site that is keeping a list of the sites hosting the scripts used to attack your site. The user tries to get your site to run a script located on one of these sites and once it does he can take over your site.
The hacking is explained here

List is here

You should add the domains from this list to the hackers.txt file in MMAUTOBAN to users attempting to inject these scripts on your server.

Free submit script for your website.

Ran into this its a free submit form. I dont use it since wrote my own perhaps when I have the time I will make a free version of it.

This one looks like it works just dont use the reply to user options. Since you should never have a form reply to someone because it can be used to relay spam via your server.

GBCF-v3 Secure & Accessible Form Script

While your at it never take input from a form and use that input to create a message headers like To: and subject: always hard code the headers and put the inputed fields inside the body of the message.