Hello all. I have a website that sells auto ac parts. The tools on it allow me to analyse the visits to my site and where they're coming from; which page they enter or exit from; how long visitors stay..etc
Recently I noticed that one of the product page kept receiving a lot of visits. But no sales were generated. Plus the length of the visits indicate 0. 😕 So looking deeper I could see that that product page visits were all from the same IP address. So it seems someone keeps coming to my website through that page; at least that is the way I interpret it.
My problem is that it messes up the stats about the visits on my site. So I got frustrated 😠 and did some search to learn about IPs and that 's how I found your site. So I am a rookie on the subject, looking to learn more.
I also decided to change that product page URL to see what will happen and sure enough I see that the visits from that IP address have increased-7times just yesterday 11/05/12- I am trying to understand what this person wants (Because further investigation has revealed that the same page has received visits for the last 3 months (90 visits in October). How can I know who that is? and maybe block whoever it is.
I thank you in advance for your help.
Thanks for your question Vacp.
Your concerns are legitimate and your questions are good.
This could be someone trying to find a way in to your website for illicit purposes or it could be a crawler or bot just indexing the page based on connections to some other website or page.
Is this on a Windows server or a Linux server. If it's on a Linux server, you should be able to acquire the http logs which should show if they are just looking or if they are trying to "POST" something. If they are trying to post something, they are probably trying to get in to the site to do bad things.
Either by way of iptables or htaccess files you should be able to block the single IP or block the entire range of IP's they are coming in on if necessary.
I run my own Linux servers and use both of the above suggestions and firewall blocking in my router as well as IP blocking in the httpd.conf file. Between the four methods, I feel that I have fairly good control over my websites. On occasion I still get people attempting to access the admin area but they get blocked in short order because I monitor my log files daily.