Welcome to WebmasterWorld Guest from 23.22.173.239

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Is this correct code for blocking referer spam?

     

proboscis

5:45 pm on May 11, 2012 (gmt 0)

10+ Year Member





If "example" is the domain name will this block referer spam from example dot anything plus subdomains?


SetEnvIf Referer example. bad_referer=1

deny from env=bad_referer

wilderness

6:31 pm on May 11, 2012 (gmt 0)

WebmasterWorld Senior Member wilderness is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



you don't have to use the complete domain name and/or extension.

1) your env setting is ok.
2) change this to (IF REFEr contains example):
SetEnvIf Referer example bad_referer

Note; you may use other words that come from the refers line as well, the use is not limited to domain name, just as long as you USE "contains", rather than the "begins with" or "ends with" anchors.

This belongs in the SSID forum [webmasterworld.com]

proboscis

6:17 pm on May 12, 2012 (gmt 0)

10+ Year Member



Okay, thanks wilderness. I don't need the dot there I guess?

lucy24

10:40 pm on May 12, 2012 (gmt 0)

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



In this specific context the dot won't do any harm, but it isn't needed... UNLESS there exist sites called, say, exampleofgoodstuff.com and you don't want to block those. Then it can make a big difference.

SetEnvIf and the shortcut BrowserMatch both use Regular Expressions. That means an unescaped dot . means "any character at all". If you need it to mean "only a dot and nothing else" then you have to escape it with a backslash like this \.

proboscis

2:28 am on May 13, 2012 (gmt 0)

10+ Year Member



Okay, I think I've got it. Thanks!