homepage Welcome to WebmasterWorld Guest from 54.204.59.230
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
Forum Library, Charter, Moderators: LifeinAsia & httpwebwitch

Professional Webmaster Business Issues Forum

    
How to block malicious automated traffic?
virtualreality




msg:4572580
 6:05 am on May 10, 2013 (gmt 0)

I get tons of "traffic" from .ru and other links. I know this is a common problem for many webmasters so I was wondering what is the best way to stop this malicious automated traffic? My host recommended me CloudFlare. Have someone used that?

When I tied to install it on one of my sites via Cpanel I got the following "The installer is still in beta. There is a risk that it will cause a redirect loop or negatively impact your site. We recommend preforming the installation during low traffic periods." which did not sounds too good to me?

Also is there a way to block automated traffic with .htaccess?

Thanks!

 

lucy24




msg:4572593
 6:46 am on May 10, 2013 (gmt 0)

There are lots of things you can do. One of the easiest (don't cut and paste, this is simply my current version):

# fake or unwanted referers (.mobi used only by Ukrainians, no real .biz)
RewriteCond %{HTTP_REFERER} \.(ru|ua)(/|$) [NC]
RewriteCond %{HTTP_REFERER} !(google|yandex|mail)\.
RewriteRule (^|\.html|/)$ - [F]

RewriteCond %{HTTP_REFERER} http://example\.com [NC,OR]
RewriteCond %{HTTP_REFERER} \.(su|mobi|biz)(/|$) [NC,OR]
RewriteCond %{HTTP_REFERER} yandsearch\?text=(www\.)?example\.com [OR]
RewriteCond %{HTTP_REFERER} (badref1|badref2|badref3)
RewriteRule (^|\.html|/)$ - [F]

"http://example.com" is the wrong form of my domain name. If it shows up as a referer, it's fake. There are legitimate visits from yandex, but the ones giving my domain name are fake; it's just a mild spin on the auto-referer.

There's no such thing as mail.ua; I just put it that way to keep the rules simpler. (This week's rule: block mail.ru from images but let them see pages.)

"badref1" etc is a floating list. They make pests of themselves for a few months and then go away; now and then I check and update.

I constrain the rule to page extensions that I actually use (note position of anchors). There's an entirely separate set of blocks and/or rewrites for image files.

virtualreality




msg:4572625
 9:21 am on May 10, 2013 (gmt 0)

Thank you for your reply lucy24. What do you think of CloudFlare? Or is making adjustments to the .htaccess the better option?

lorax




msg:4572862
 8:30 pm on May 10, 2013 (gmt 0)

CloudFlare is a good service. I use them for several clients sites and my own.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved