API requests for the Site Defender module site protection

The module can work for free, but then it will not block spam traffic from unnecessary countries.
Free version here, it has 10,000 API requests for testing

1000r = 1 million requests, for a small site with little traffic - this will last forever, for a large site for a long time.

Main Functionality

1 Spam traffic
Bots that pretend to be people and crawl around the site, they can create a significant load on the server, the site will work slower, these bots scan the site with HEAD queries looking for vulnerabilities, simply parse the content and update it, try to log inadmin panel and much more, they are of no use, they are not visible in the metric counters.
To block bots you need to select countries that you do not need and the module will block them.

2 DDOS attacks, parsers, price monitoring
The module has a function to limit requests per minute and per day.
If you are under a severe DDOS attack from a small number of addresses, enable this function and it will block the attacker.
To protect against parsers, price monitoring and other bots you don’t need, you need to set a limit per day; an ordinary person will not look at 100 pages a day, but the parser will and will block him.

3 SQL injections and other spam in queries
Filtering links if the links contain words that are used in SQL injections - for exampleselect+from+update = the module will not allow such a request.
The list of such words is small; you can find it on the Internet or ask it from an AI.

4 Manual blocking - In the blocked section you can add IP addresses that you want to block, and you can unblock them there
 
Installation and configuration instructions 
1 Install the module and update modifiers
2 Go to the modules - site defender should appear there (conrl+f and enter site defender to quickly find it)
3 You will get 10,000 requests to the API (if it doesn’t, write to support, there is a button in the module).
4 Either immediately block all countries you don’t need, or wait 1 day and you will see from which countries spam traffic is coming from in the statistics section (even if you block them immediately, you will still see wherespam is coming).
5 Get a list of IP addresses of Google and Yandex bots (there is a button for this in the module) - and set them to allowed IPs, these lists sometimes change and you need to update it from time to time (not often).
6 set prohibited urls like this
union+select
union+update
select+and
A more complete list will tell you, and if there are several words they are written with +, if all words are found in the query line - the module will block the visitor.
7 in the User Agent Indicators field (each in a new line) - bot must be specified (so that Api does not eat up its limit on bots) - if bot is entered in this field - bots are completely ignored by the module, spam bots are not signed by bots, the module will still filter them.
8 Go to the blocking settings section and choose what to do withblocked users, simply block (by default), redirect (it is not recommended to send them to other people's sites, they will see where they came from), or HTML code (you can install a beautiful form with contacts).
=====
9 - The event threshold is the number of requests before blocking, you can not use it, but check the box - block immediately, this reduces the consumption of API requests, but if a real person from Brazil, for example, wants to go to your site, he will not be able to. (it’s better to enable it, because spam bots have hundreds of thousands of addresses)
10 The request limit should be enabled only to protect against DDOS attacks or price and content parsers, you just don’t need it, it will block your administrators and managers (their IP addresses must be added to the allowed list).
===If you have the OpenCart Lightning module installed
You need to add its ip to the exclusion list - 178.62.216.127 (or don't block the Netherlands).
Other modules that send requests to your site also need to be added there with a list of their ip (there are very few such modules, I don’t know any others besides lighting).
The ip exception list supports address ranges.
=====
Removal
It can be removed like a regular module, but you need to manually remove these lines from the index.php file
// SiteDefender immediate check
require_once(DIR_SYSTEM . 'library/site_defender_boot.php');
siteDefenderBootCheck();
They are used to block the visitor before calling any other code.

Write a review

Your Name:


Your Review: Note: HTML is not translated!

Rating: Bad           Good

Enter the code in the box below: