Actually, we have not seen a hit in 3 hours! Maybe using an IP takes time to resolve or something? Whatever the case, beyond the call of duty and I am in our debt! I will ask that my boss make a donation to this wonderful site!

Me again ;-)

There is a link I cannot block. Does anyone know how I need to type it in the htacess code?

http://anonym.to/?http://www.OURSITE.com/2009.htm

Thank you,
S

[edited by: jdMorgan at 2:33 am (utc) on April 16, 2009]
[edit reason] de-linked [/edit]

Please post the code you tried. Our intention here is to help you learn to do this yourself.

Thanks,
Jim

RewriteCond %{HTTP_REFERER} anonym.to\.? [NC,OR] Did not work.

RewriteCond %{HTTP_REFERER} anonym.to\.com [NC,OR] Did not work.

I read that this is an anonymous server/proxy thing they are using so i am unsure how to do this one. I have been blocking many with the code you taught me how to use ;-)

RewriteCond %{HTTP_REFERER} http://anonym.to\.? [NC,OR]

I tried that as well.

[edited by: jdMorgan at 2:33 am (utc) on April 16, 2009]
[edit reason] de-linked [/edit]

RewriteCond %{HTTP_REFERER} anonym.to\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} anonym.to\.en [NC,OR]
RewriteCond %{HTTP_REFERER} anonym.to\.nl [NC,OR]
RewriteCond %{HTTP_REFERER} anonym.to\.de [NC,OR]
RewriteCond %{HTTP_REFERER} anonym.to\.es [NC,OR]

I tried this since the site anonym site shows how to generate their code but no go. Am I getting warmer or?

All literal periods in regular-expressions patterns *should* be escaped by preceding them with a backslash. But failure to do so will result in unexpected matches, rather that unexpected failures to match.

So I see nothing hat would have kept at least one of your attempts from working.

If the country-code on the referrer can change, just leave it off and use something like:

RewriteCond %{HTTP_REFERER} anonym\.to [NC,OR]

The only other things I can think of are to re-iterate that the first line I posted (i.e. RewriteCond %{REQUEST_URI} !^/path-to-custom-403-document\.html ) and the last RewriteCond in your bad-referrer list must NOT have an [OR] in their flags, and to be sure to completely-flush your browser cache after making any change to your server-side code.

Jim

I will omit the big list of BAD SITES and show you what is on the htacess file now.

Options +FollowSymlinks
#

RewriteCond %{REQUEST_URI} !^/403.shtml
RewriteCond %{HTTP_REFERER} badsite1\.com [NC,OR]
RewriteCond %{HTTP_REFERER} anonym\.to [NC,OR]
RewriteCond %{HTTP_REFERER} badsite2\.com [NC]
RewriteRule .* - [F]

All of the sites (list not shown) are blocked. The anonym\.to is not working.

S

The posted code is correct and should work -- as long as anonym.to is the HTTP Referer. That is, if the page with a link to your site is hosted on anonym.to.

It won't work if the request comes *from* the server anonym.to itself -- For that, you need to check %{REMOTE_HOST}

Jim

Options +FollowSymlinks
#

RewriteCond %{REQUEST_URI} !^/403.shtml
RewriteCond %{REMOTE_HOST} anonym\.to [NC,OR]
RewriteRule .* - [F]

CAUSED 500 ERROR BECAUSE OF THE [NC,OR] I ASSUME.

AND

Options +FollowSymlinks
#

RewriteCond %{REQUEST_URI}!^/403.shtml
RewriteCond %{REMOTE_HOST}anonym\.to [NC]
RewriteRule .* - [F]

DID NOT WORK! :-(

Here's some info on this anonym.to

The advantages of anonymizing your external links with anonym.to
Webmasters can use this tool to prevent their site from appearing in the server logs of referred pages as referrer. The operators of the referred pages cannot see where their visitors come from any more.
Using the referrer removal service is quite easy:
http://anonym.to/?http://www.example.com/ produces an anonymous link to example.com which prevents the original site from appearing as a referrer in the logfiles of the referred page.

Again: The link they are using is, http://anonym.to/?http://www.OURSITE.com/nv2009.htm

[edited by: Sara_Page at 2:03 am (utc) on April 16, 2009]

[edited by: jdMorgan at 2:23 am (utc) on April 16, 2009]
[edit reason] example.com [/edit]

If this means that you do not see a referrer in your raw server access log files, then there's nothing you can do about it using mod_rewrite or any other HTTP-connection-based access controls. If the visitors' activity is illegal in any way, you could put a lawyer on it, but your server can act only upon the relevant information that it receives -- most of which it logs in the raw access log file.

Consider putting your protected content behind an authorization script, and requiring either a visit to one of your own site's pages (which sets a short-lived cookie to be checked by the script before it will display the protected content) or you could require visitors to log in before the script will serve protected content.

The basis of the Web is that it is open. It was originally designed for use by academics and government employees. For this reason, many of the foundations of the Web lack restrictive access controls, except by adding additional layers of code on the server.

Jim

We have password protect some of our pages but it does hurt valid users. Hard to get our attorney to fight all of Russia, etc. Basically, they have pirated some of our software products and, if that's not bad enough, they post a link to our site so you can read all about it before you steal it. What a world! Rapid Share kills the links once we report them but the bad sites just make new ones. Any bad site that is linking to us without this anonym.to are getting our message about piracy and then they are banned. That is thanks to your help ;-)

Anyway, I will check logs and see if there's any info there that may help. Protection is out there for our type of products but it is very costly and we have seen that hacked too.

Thanks you again!

[edited by: Sara_Page at 2:32 am (utc) on April 16, 2009]