blocking a request

Forum Moderators: phranque

Message Too Old, No Replies

blocking a request

JoeHeinenDC

10:28 pm on Aug 24, 2007 (gmt 0)

Is there a way to block a request?

I have a spammer bot thats bogging down the server.

the request is GET /topsites/button.php?u=viphikaye HTTP/1.1

I no longer have the topsites...but the requests keep coming

wilderness

6:56 pm on Aug 25, 2007 (gmt 0)

Is there a way to block a request?

NO!

You may deny access, however the requests will still take place and the requests (not access; i.e, 200) will still appear in your visitor logs.

Please note; both of the below require additional lines of data:

SetEnvIfNoCase Referer topsites keep_out
or
RewriteCond %{HTTP_REFERER} topsites [OR]

jdMorgan

8:14 pm on Aug 25, 2007 (gmt 0)

In both cases, the variable to be tested is the requested URL, not the referrer. So the code should read:


SetEnvIfNoCase Request_URI "^/topsites" keep_out
or
RewriteCond %{REQUEST_URI} ^/topsites [OR]

As Wilderness noted, these lines are intended to be added to previously-existing access-denial routines in your .htaccess file. The result will be that the server will respond with a 403-Forbidden response to any access request. However, the request will still be logged.

You could conceivably ask your host to completely block these access attempts at the server firewall. However, many firewalls don't have the capability to block per-URL, and hosts generally will only add blocks to the firewall when the abuse level rises to that of a Denial-Of-Service attack, or if it affects many sites on the same physical server.

Jim