PHP :: Bug #64857 :: Our IP 160.44.248.164 is blocked

Bug #64857	Our IP 160.44.248.164 is blocked
Submitted:	2013-05-16 10:00 UTC	Modified:	2013-05-16 16:59 UTC
From:	sven dot neumann at de dot trumpf dot com	Assigned:	danbrown (profile)
Status:	Closed	Package:	Website problem
PHP Version:	Irrelevant	OS:	Irrelevant
Private report:	No	CVE-ID:	None

View Developer Edit

[2013-05-16 10:00 UTC] sven dot neumann at de dot trumpf dot com

Description:
------------
Our IP 160.44.248.164 is blocked

We cannot access most pages on php.net. This affects all European subsidiaries of TRUMPF. Our worldwide sites are not affected, they use different proxies.

Example page with access allowed:
http://de1.php.net/

Example pages with access forbidden (403):
http://php.net/manual/de/function.mysql-escape-string.php
http://php.net/manual/de/configuration.changes.php
http://php.net/archive/2012.php#id2012-12-21-1
http://php.net/manual/en/book.bc.php

The block is active since before 2013/01/11 until now. I tested with different browsers (ie, firefox, crome) and with OS independent network analyzer.

I posted a HTTP analyzer report to "Actual result". It was OCRed from a picture (sorry no other way) so it may contain errors.

There may be a connection to Bug Report #64772 - but i dont know if it is the same probleme there.

Actual result:
--------------
Hypertext Transfer Protocol 
	HTTP/1.1 403 Forbidden\r’\n 
		[Expert Info (chat/sequence): HTTP/1.1 403 Forbidden\r\n] 
			[Message: HTTP/1.1 403 Forbidden\r\n] 
			[severity level: chat] 
			[Group: sequence] 
		Request version: HTTP/1.1 
		status code: 403 
		Response Phrase: Forbidden 
	Date: Fri, 25 Jan 2013 08:27:12 GMT\r\n 
	server: Apache/2.2.21 (FreessD) mod_ssl/2.2.21 openssL/0. 9. 8q PHP/5.4.11-dev\r\n 
	vary: Accept-Encoding\r\n 
	content-Length: 351\r\n 
	content-Type: text/html; charset=iso-8859-1\r\n 
	Proxy-connection: Keep-Al i ve\r\n 
	connection: Keep-Al i ve\r\n 
	content-Encoding: gzi p\r\n 
	Age: 0\r\n 
	\r \n 
	content-encoded entity body (gzip): 351 bytes -> 475 bytes 
Line-based text data: text/html 
	<!DOcTYPE HTML PUBLIC “-//IETF//DTD HTML 2.0//EN”>\n 
	<html >czhead>\n 
	<title>403 Forbidden</title>\n 
	</head><body>\n 
	<hl>Forbi dden</hl>-\n 
	<p>You don’t have permission to access /manual/de/configuration.changes.php\n 
	on this server.</p>\n 
	<p>Additionally, a 403 Forbidden\n 
	error was encountered while trying to use an ErrorDocument to handle the request..</p>\n 
	<hr>\n 
	<address>Apache/2.2.21 (FreeesD) mod_ssl/2.2.21 openssL/0.9.8q PHP/5.4.11—dev server at php.net Port 80</address>-\n
	</body>c/html >\n

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2013-05-16 16:59 UTC] danbrown@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: danbrown

[2013-05-16 16:59 UTC] danbrown@php.net

You are correct with your timing.  Your IP address was blacklisted on 11 
January, 2013, at 15:34 UTC due to suspicious traffic patterns.  The IP was 
responsible for numerous "spider-like" requests in very quick succession.

In good faith, I've manually de-listed the IPv4 address from our filters.

Please be advised, though, that if the IP is detected with suspicious patterns 
again, it will be blacklisted again, and removal from the filters will no longer 
be a possibility.

Thank you.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Nov 19 22:00:02 2025 UTC