homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

Help me redirect strange referer

 2:54 pm on Nov 3, 2010 (gmt 0)


my website gets a lot of traffic from this referer, its almost like spam, i want to redirect it to different url but its not working

i tried:

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://query\.us\.kikin\.com [OR]
RewriteCond %{HTTP_REFERER} ^http://query\.ie\.kikin\.com [OR]
RewriteCond %{HTTP_REFERER} ^http://*\.kikin\.com [OR]
RewriteCond %{HTTP_REFERER} ^http://*.kikin\.com [OR]
RewriteCond %{HTTP_REFERER} ^http://*.kikin\.com
RewriteRule .* http://www.shibumi.org/eoti.htm[R=301,L]

what im doing wrong ?



 3:16 pm on Nov 3, 2010 (gmt 0)

What's not working?
What do your error logs say?

Is the page that your attempting to redirect to located within your own website (s)?
If not and your redirecting to another server (a bad practice) your view of a solution is no different than the refer's offense.

All your RewriteCond lines (five in all) may be eliminated and replaced with a solitary line:

# Refer contains the word kikin
RewriteCond %{HTTP_REFERER} kikin

Your closing line should function OK.

Please note that refer based redirects are not 100% effective. Many browsers, servers and even direct page requests are absent (blank) the referral field.


 3:21 pm on Nov 3, 2010 (gmt 0)

i've taken this code from web, i want to redirect this traffic to my website, this is just an example

thanks for reply


 4:24 pm on Nov 3, 2010 (gmt 0)

redirection is not working and there is nothing in error logs..


 5:41 pm on Nov 3, 2010 (gmt 0)

You always need a space before the flag(s)...




filename.htm [R=301,L]

FWIW, I've recently seen too many suspicious http://query.us.kikin.com/ (etc.) referrers coming from just one address, so I'm also redirecting the address (to an e-mail-me-for-access page) as well as doing basically the same thing wilderness indicated --

RewriteCond %{HTTP_REFERER} kikin [NC]

There's just something too fishy about the kikin referrers -- they don't include my site(s), but rather include another site that has nothing to do with mine. Always.

My guess is there may be some log-spamming going on, plus the who-knows-what stuff associated with sites affiliated with/hosted by Amazon (kikin.com = = amazon.com)... [webmasterworld.com...] We shall see...


 6:19 pm on Nov 3, 2010 (gmt 0)

You always need a space before the flag(s)...

I seem to recall that issue causing a 500 error, one time or another.

My only current site is a pro bono that doesn't get much traffic or even variety, unlike my former sites.



 6:34 pm on Nov 3, 2010 (gmt 0)

Ralf Engelschall's original docs (and most posts here; and my own htaccess files) show a space:

Apache 2.0 [httpd.apache.org...]
Apache 1.3 [httpd.apache.org...] [httpd.apache.org...]

I'd suspect that no space means the rule fails because there are no flags. Also, neither would a 'right side' file name or link exist with brackets and such 'in' it. Or maybe the latter is why you got a 500 error? (I'll defer to Jim on all this stuff, of course:)


 7:37 pm on Nov 3, 2010 (gmt 0)

I would not redirect those requests to a new URL. That's extra work for your server if you have to service a second request. It's also clutter for your server logs and analytics.

I would rewrite (that's rewrite, not redirect) those requests to a very-small-byte-size html file with an short error message, or else simply invoke
RewriteRule . - [F] here.

 3:10 am on Nov 4, 2010 (gmt 0)

The OP and I both mention redirecting to a new URL...

If you're speaking to -- me? I redirect iffy visitors to specific message pages on/in another IP in the same CIDR. The essentially quarantined visitors are thus prevented from running amuck on the mostly dynamic-page site and the message pages log diagnostics beyond the original site's. Not speaking to me? Um, to quote Roseanne Roseannadanna, "Nevermind."


 11:39 am on Nov 4, 2010 (gmt 0)

damn this redirection is still not working, code looks fine.. i dont know what is going on...


 1:10 pm on Nov 4, 2010 (gmt 0)

If you condensed your five (5) RewriteCond lines down to the one I suggested?
Did you accidenatlly include the [OR] flag?
If so remove.


 12:25 am on Nov 5, 2010 (gmt 0)

problem solved, its working now, propably ive made some typo in code, thanks guys

grandma genie

 2:03 am on Nov 10, 2010 (gmt 0)

Found the similar referer in today's logs:

92.252.127.nn - - [09/Nov/2010:13:39:56 -0500] "GET /favicon.ico HTTP/1.1" 403 302 "http://query.ie.kikin.com/query-server/K/Query/?ksu=http%3A//www.init.com/&returnType=html" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB6.6; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C)"

Was thinking of banning such referers in htaccess like this:

# Return 403-Forbidden response for kikin referers
RewriteCond %{HTTP_REFERER} kikin [NC]
RewriteRule ^ - [F]

Will this work? Is this a proper response to these types of referers or is this overkill?


 2:28 am on Nov 10, 2010 (gmt 0)

Those look a lot like real users.

You are aware what their service is?

You could be cutting a whole class of users off (especially so if your site has something to do with Ireland)!

grandma genie

 4:20 am on Nov 10, 2010 (gmt 0)

I don't think so. Whoever it was they were from Germany and only going after the favicon.ico with maybe 50 attempts at the same thing. Got 403's but I had not blocked them. Maybe it was my hotlinking ban that caused the 403s. Didn't act like a real person. More like a bot.

grandma genie

 4:27 am on Nov 10, 2010 (gmt 0)

That link goes to a page of javascript. I'm pasting it below. Don't know what it is supposed to do:

<html xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" lang="en" xmlns:kikin="http://www.kikin.com/">

<!-- Additional JavaScript injection scope -->

<!-- JavaScript Codes -->

<script type="text/javascript"><!--
// <kikin:script type="template">
var timeBeforeBootstrap = new Date().getTime();
var KikinBootstrap = {};
KikinBootstrap.addHeadElement = function (element) {
var headElement = document.getElementsByTagName('head')[0];
if (headElement != undefined) {
KikinBootstrap.addExternalJavaScript = function (script) {
var element = document.createElement("script");
element.setAttribute('src', script);
element.setAttribute('type', 'text/javascript');
return element;
KikinBootstrap.addInlineJavaScript = function (script) {
var element = document.createElement("script");
element.setAttribute('type', 'text/javascript');
element.innerHTML = script;
return element;
// </kikin:script>

<!-- Programmatical global JavaScript injection -->

<!-- HTML Markup -->
<kikin:extend extensionPoint="extension.top">




 1:36 am on Nov 13, 2010 (gmt 0)

Perhaps you will get better help understanding that in the JavaScript Forum [webmasterworld.com].

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved