Can I disable magereport and magescan scanning for my website?
-
21-03-2021 - |
Question
I have a Magento 1 website and I don't want magereport or magescan to be able to scan this website.
How can I do this?
Any help would be appreciated.
Thanks.
No correct solution
OTHER TIPS
As far as Magereport is concerned you can block scans by blocking the magereport
user-agent. You can do this in your nginx or apache config for example.
For nginx:
if ($http_user_agent = "magereport"){
return 403;
}
For apache (make sure a2enmod rewrite
is enabled):
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^.*magereport.*$
RewriteRule . - [R=403,L]
Please make sure you restart the respective service once you've made these changes.
For mage scan the same goes. You can block it by blocking the Mage Scan
user-agent. You can follow the same steps as above, but change the user-agent correctly.
Disclaimer: I work on magereport.
Please add below two line into your magento 1 setup .htaccess file and try to scan your website from magereport or magescan.
Deny from magescan.com
Deny from magereport.com
You can disable access from .htaceess files, see below 2 example for reference.
In the following example, all IP addresses and domains are accepted, except for xxx.xxx.xxx.xxx and example.com:
allow all except those indicated here
<Files *>
order allow,deny
allow from all
deny from xxx.xxx.xxx.xxx
deny from .*example\.com.*
</Files>
This next example provides steps to block unwanted visitors based on the referring domain. Simply replace "baddomain01″ and "baddomain02″ with the offending domains of your choice:
block visitors referred from indicated domains
RewriteEngine on
RewriteCond %{HTTP_REFERER} baddomain01\.com [NC,OR]
RewriteCond %{HTTP_REFERER} baddomain02\.com [NC]
RewriteRule .* - [F]
Below I've taken from magereport website
- These are the current production IPs for Magereport probe servers.
They change often, so if you want to update your firewall, you might want to automate this.
- 188.166.64.179
- 178.62.230.112
Try above method and let us know if it is working for you.