homepage Welcome to WebmasterWorld Guest from 54.145.209.80
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
Forum Library, Charter, Moderators: LifeinAsia & httpwebwitch

Professional Webmaster Business Issues Forum

    
How to block malicious automated traffic?
virtualreality

5+ Year Member



 
Msg#: 4572578 posted 6:05 am on May 10, 2013 (gmt 0)

I get tons of "traffic" from .ru and other links. I know this is a common problem for many webmasters so I was wondering what is the best way to stop this malicious automated traffic? My host recommended me CloudFlare. Have someone used that?

When I tied to install it on one of my sites via Cpanel I got the following "The installer is still in beta. There is a risk that it will cause a redirect loop or negatively impact your site. We recommend preforming the installation during low traffic periods." which did not sounds too good to me?

Also is there a way to block automated traffic with .htaccess?

Thanks!

 

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4572578 posted 6:46 am on May 10, 2013 (gmt 0)

There are lots of things you can do. One of the easiest (don't cut and paste, this is simply my current version):

# fake or unwanted referers (.mobi used only by Ukrainians, no real .biz)
RewriteCond %{HTTP_REFERER} \.(ru|ua)(/|$) [NC]
RewriteCond %{HTTP_REFERER} !(google|yandex|mail)\.
RewriteRule (^|\.html|/)$ - [F]

RewriteCond %{HTTP_REFERER} http://example\.com [NC,OR]
RewriteCond %{HTTP_REFERER} \.(su|mobi|biz)(/|$) [NC,OR]
RewriteCond %{HTTP_REFERER} yandsearch\?text=(www\.)?example\.com [OR]
RewriteCond %{HTTP_REFERER} (badref1|badref2|badref3)
RewriteRule (^|\.html|/)$ - [F]

"http://example.com" is the wrong form of my domain name. If it shows up as a referer, it's fake. There are legitimate visits from yandex, but the ones giving my domain name are fake; it's just a mild spin on the auto-referer.

There's no such thing as mail.ua; I just put it that way to keep the rules simpler. (This week's rule: block mail.ru from images but let them see pages.)

"badref1" etc is a floating list. They make pests of themselves for a few months and then go away; now and then I check and update.

I constrain the rule to page extensions that I actually use (note position of anchors). There's an entirely separate set of blocks and/or rewrites for image files.

virtualreality

5+ Year Member



 
Msg#: 4572578 posted 9:21 am on May 10, 2013 (gmt 0)

Thank you for your reply lucy24. What do you think of CloudFlare? Or is making adjustments to the .htaccess the better option?

lorax

WebmasterWorld Administrator lorax us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4572578 posted 8:30 pm on May 10, 2013 (gmt 0)

CloudFlare is a good service. I use them for several clients sites and my own.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved