Block Trend Micro’s Bots

Trend Micro is a company famous for its anti-virus software, yet not very famous for its invasive website crawling. It isn’t exactly something that the company would want to make public, considering how hypocritical the actions are.
Websites have files named robots.txt, which tells search engines and other bots areas that are off limits, but Trend Micro ignores these. Additionally, Trend Micro doesn’t identify itself as a bot, but rather tries to disguise itself as a user. Trend Micro behaves exactly the same way that hackers do, and that’s not cool.

Trend Micro operates on two IP ranges, based out of America and Japan. Block these ranges in your web server’s config file.

deny 216.104.0.0/19
deny 150.70.0.0/16

Next, take a look at these koala gifs. My God, they are so cute. They are like walking teddy bears!
Koala walkingKoala lookingkoala haters gonna hatekoala stare

9 thoughts on “Block Trend Micro’s Bots

  1. Basically you cannot trust even the anti-virus people to play fair. The safest thing you can do is unplug your computer and burn it with thermite.

  2. Our imageboard was scanned for “cp” and “dora” by their bots. Pretty damn creepy if you ask me.
    For anyone who doesn’t know the meanings of cp and dora, they mean child porn and Dora, the 4 year old from Dora the Explorer.
    It’s noble that they are trying to find those things, but really creepy in how they go about it.

    • If you are using Apache, find the .htaccess file and put the lines in there. If you are using Nginx, it’s the same syntax but with a semicolon at the end of each line, and the config file is probably not accessible if you are on shared hosting.
      If you are using Lighttp, I don’t know! It looks really complicated, and you are probably using Apache, but I am having so much fun typing right now that I simply cannot sto

  3. I use an open source stats program (piwik) and detected some strange real-time behaviour from a ‘user’. Turned out to be Trend Micro. IPs: 150.70.173.40, 150.70.173.50, etc.

    Changed IPs very quickly. Bastards. Banned.

    Thanks!

    • Hey, I’m really happy that this helped you out.
      It’s annoying how invasive Trend Micro is with their scanning techniques.

      Actually, just a month ago, we were finishing up a form for a client that would submit the form data via AJAX. Everything seemed to be working fine, but the client was telling us that his submissions were being duplicated. Since we were unable to recreate the situation, but were able to confirm that duplicate data was appearing in the database…and as much as 3 minutes apart, we thought for certain that the client was hitting the back button and resubmitting the same information.
      After a lot of confusion, we checked the server logs and found that the second submission was occurring from other IP addresses belonging to Trend Micro.
      Goddammit Trend Micro.

    • These fucks were creeping on my website, I need a coder to help me, I am ok with them on the site because I know they should be doing what they should and I have Trend Micro router security, hit me up over at http://www.gamingserverforum.com, Also, I have had Amazon bots on my website? Any reason for that?

  4. Can somebody explain to me why Trend Micro is still on my website with IP 150.70.97.121 but I already have blocked this IP for some weeks now?

    deny from 150.70.97.
    ….should do the trick, but I can still see them… :-(

Leave a Reply to eli Cancel reply

Your email address will not be published. Required fields are marked *