In htaccess how would I block no cookie hits..?

I'm not sure of proper format, but are you<br />absolutely sure you want to do that ? <img border="0" title="" alt="[Confused]" src="confused.gif" />

I've been getting about 700 no cookie hits/day to my CJII site, I'd assume those are hitbot traffic?<br /><br />Is my assumption incorrect?

To block the non cookie traffic isn't good idea, you will lose some traffic.<br /><br />nasko

Its difficult for me to say yes or no here<br />without seeing any stats etc. But I wouldnt<br />recommend blocking it based on the fact that<br />you dont know for sure. Many people (surfers)<br />have cookies disabled plus there are other<br />reasons for no cookie traffic other than hitbots,<br />seems that alot of hitbotters support cookies now<br />from my minimal research into them.<br /><br />now 700 per hour would be bad <img border="0" title="" alt="[Eek!]" src="eek.gif" /> <br /><br />maybe someone else with more knowledge in that<br />area than me can post their thoughts?

Here's my storey on nocookie traffic and UCJ.<br />Three times in the past few weeks I have caught different ip's in the nocookie repetitive outs with huge hits and this has ranged from 300 to 16,000. The last one happened when I was away for a few days and even last night I left the computer for an hour and there was a ripe net ip with 900 clicks.<br />So I add their IP to my htaccess and my productivity comes back and my traffic begins to grow again. Two scenerios. If I find xxx.xxx.xx as <br />one of the cheaters and I block xxx.xxx. in htaccess I may be cutting off a pile of legit surfers so I add the original and then keep my eye on things to see if they try it again with another ip off of the main and then add the whole thing if they do.<br />Their stats will stay in UCJ for a couple of days it seems until it depletes itself.<br />Does that sound right to anybody? That is how I deal with nocookie cheaters. They aren't trading partners that is for sure and I have a whole pile of file sharing programs blocked so it is obviously something else.<br /><br />An example:<br /><br />order allow,deny<br />allow from all<br />deny from 218.42.78.147<br /><br />And then keep adding them, btw the examnple is an ip that had over 900 clicks.<br /><br />Burtman

lot of times no cookie traffic is someonet using IE6 and not allowing cookies in the browser

I've been having similar problems (Don't we all ;( With hitbotters and "site suckers"<br /><br />I tried quite a few different things including putting "unclickable" links on my pages which trigger a script which then blocks thier IP#.<br /><br />I came up with a new system (Actually a hack/patch to UCJ) which tracks (Actually it uses the data UCJ already collects) hits in and out and if more than 10 hits in or out are from the same IP# in the 2 minutes between UCJ updates it blocks that IP#.<br /><br />Seems to be working pretty good. A relativly small number of people are actually getting blocked and it seems to be a very high % of no cookie/no reffer / site sucker traffic <img border="0" title="" alt="[Wink]" src="wink.gif" /> <br /><br />Since I can't sell patches to UCJ this might not help too much but just to let people know what I've come up with which actually seems to work. (I showed it to tim too so MAYBE he'll add something like this to next UCJ version but maybe not since it might need to be custom to your server setup since it uses .htaccess to do the blocking.)<br /><br />I wouldn't suggest blocking all non cookie traffic though if you DID want to do this I think you'ld have to write a little script for this.<br /><br />sonic

Not sure if they stats will help determine anything or not..<br /><br /> <img src="http://www.teenie-movies.net/stats.gif" alt="" />

i just had a meeting with some people you all know that are putting together a hitbot protection script that they will offer as a free service.... stay tuned for details...

I typically use a piece of dry, white toast to stop hitbots to my domains...

dialerentertainment-<br />dude, those look fine. You have to remember that CJU and a lot of scripts set their cookies with Javascript (BARF) instead of sending the cookie with the page's http headers. why they do this, i have NO idea. So basically, all of your nocookie traffic with CJU (or any script that sets cookies with JS) is also your no javascript traffic. <br /><br />notes to script authors:<br />1) use a real reg-ex to strip the domain! <br />( s/www\.//i is not a real regex )<br />i'm totally sick of trying to sign up my sites on subdomains, and not knowing whether or not "domain" means "mysite.com" or "pissing.mysite.com"<br />2) go read the apache cookie docs and learn to set them by sending a header<br /><br />laters<br />donger<br />laters<br />donger

</font><blockquote><font size="1" face="Verdana, Arial">quote:</font><hr /><font size="2" face="Verdana, Arial">Originally posted by donger:<br /><strong>dialerentertainment-<br />dude, those look fine. You have to remember that CJU and a lot of scripts set their cookies with Javascript (BARF) instead of sending the cookie with the page's http headers. why they do this, i have NO idea. So basically, all of your nocookie traffic with CJU (or any script that sets cookies with JS) is also your no javascript traffic. <br /><br />notes to script authors:<br />1) use a real reg-ex to strip the domain! <br />( s/www\.//i is not a real regex )<br />i'm totally sick of trying to sign up my sites on subdomains, and not knowing whether or not "domain" means "mysite.com" or "pissing.mysite.com"<br />2) go read the apache cookie docs and learn to set them by sending a header<br /><br />laters<br />donger<br />laters<br />donger</strong></font><hr /></blockquote><font size="2" face="Verdana, Arial">Well, if all scripts would set cookies by http headers, they would worth shit. Look twice in that apache cookie docs and you'll find the answer.