You won't be having any issues if you would have been using IPHUB.
{"ip":"45.35.114.213","asn":40676,"isp":"AS40676","countryCode":"US","countryName":"United States","hostname":"45.35.114.213","
block":1}
There are A LOT of bot attacks from VPNS using different IPS and coin addresses.
Basically, when you look at the logs, you see one claim per IP per coin address and you wouldn't know that was a bot or not.
The only thing they have in common is that they are coming from VPN providers.
This is where IPHUB comes into place, it blocks anything listed as VPN/Proxy (99,99% of bot attacks).
Not sure if this will work but you could try adding this code to your index.php right under <?php
if (!empty($_POST)) {
$whitelist = array('17.17.0.37', '54.87.138.13');
if (!in_array($_SERVER['REMOTE_ADDR'], $whitelist)) {
$ip = $_SERVER['REMOTE_ADDR'];
$name = $user['address'];
$time = date("d-m-Y h:i:sa ");
$handle = fopen("blockedips.txt","a");
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, 'http://v2.api.iphub.info/ip/'.$ip);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-Key: YOUR-IPHUB-API'));
$result = curl_exec($ch);
curl_close($ch);
$obj = json_decode($result, true);
if($obj['block'] == '1'){
fwrite($handle, "". $time . " : " . $ip . " : FB-BTC : " . $name . "\n");
fclose($handle);
header("Location: http://address.com/blocked.php");
die();
}
}
}
Just edit the YOUR-IPHUB-API key with your own (u need to create an account to get an api key- it's free)
Also, you can create a custom blocked.php page where visitor blocked is notified that he has been blocked due to vpn use
Good luck!