log file spam .htaccess block

         

JohnMB

11:46 am on Feb 16, 2005 (gmt 0)

10+ Year Member



Hi
I'm trying to stop the deluge of server log SPAM that I'm getting from gambling sites etc.

I've found 2 articles on how to block by URL specific SPAM sites and an article on using wild card blocking.

I've used the blacklist and it seems to work fine BUT the problem arises when I try to combine the wild card blacklist with the specific URL list which I've compiled on my own.

To specify a specific URL to block I used the following syntax:

RewriteCond %{HTTP_REFERER} ^http://(www\.)?spammersite1.com.*$ [OR]

The above command is all on one line.

I did this for each offending site and simply added a list of these sites to the wild card list before the RewriteRule .* - [F,L]

When I upload my .htaccess file and try and view my website with both wild card and specific Spammer URL's in the .htaccess I see an error page thrown up saying ACCESS DENIED.

Does anyone know the syntax for blocking both wild card and specific URL's at the same time?

Thank you

JohnB

[edited by: jdMorgan at 4:13 pm (utc) on Feb. 16, 2005]
[edit reason] Removed links per TOS. [/edit]

jdMorgan

4:03 pm on Feb 16, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



> When I upload my .htaccess file and try and view my website with both wild card and specific Spammer URL's in the .htaccess I see an error page thrown up saying ACCESS DENIED.

I'm sorry, it isn't clear how or why this response differs from what you expect. The error page is the usual response to a request that is handled with the [F] flag in RewriteRule.

Jim

JohnMB

4:22 pm on Feb 16, 2005 (gmt 0)

10+ Year Member



Hi
The rule should only be actioned if one of the above URL's tries to access my site. Since I am not accessing my site from any of those URL's I am not expecting the error page.

This code works (i.e. no error page is thrown up)

# only include this line once to enable the rewriting engine
RewriteEngine On

deny from 62.*.221.174
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)poker(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?referrer-script.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://www14\.blogspot.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?yahh+oo.*$
RewriteRule .* - [F,L]

However if I add a line of code to the above wild card list excluding a SPECIFIC url I see the error page when I try to access my site.

JohnB

[edited by: jdMorgan at 5:08 pm (utc) on Feb. 16, 2005]
[edit reason] Removed specifics. [/edit]

jdMorgan

5:20 pm on Feb 16, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Let's keep the examples within the terms of service and short, please.

Now, using the shortened example in your last post, you would exclude a specific URL like this:


Deny from 62.*.221.174
# only include this line once to enable the rewriting engine
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)poker(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?referrer-script.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://www14\.blogspot.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?yahh+oo.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://www\.specfic_referer\.com/specific_page\.html$
RewriteRule .* - [F,L]

And note some cleanups/speedups are possible by eliminating unnecessary/redundant regex and a flag:

Deny from 62.*.221.174
# only include this line once to enable the rewriting engine
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*[-.]poker[-.] [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?referrer-script [OR]
RewriteCond %{HTTP_REFERER} ^http://www14\.blogspot [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?yahh+oo [OR]
RewriteCond %{HTTP_REFERER} ^http://www\.specfic_referer\.com/specific_page\.html$
RewriteRule .* - [F]

The main change is that there is no need to end-anchor a "wildcard" pattern. That is, ".*$" changes nothing, whether it is present or omitted. The [L] flag, when used with [F], is redundant.

Jim
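
As an added illustration (not code from the posts above): where the [OR] flags sit decides whether a chained referrer blacklist works, and the two commented-out variants show the placements that break it. The host spam-example.invalid is a placeholder.

```apache
RewriteEngine On

# BROKEN (kept commented out): [OR] on the last condition.
# When none of the patterns match, the trailing [OR] leaves no condition
# left to fail, so the rule still fires and every visitor gets 403.
#   RewriteCond %{HTTP_REFERER} ^http://(www\.)?referrer-script [OR]
#   RewriteCond %{HTTP_REFERER} ^http://(www\.)?spam-example\.invalid [OR]
#   RewriteRule .* - [F]

# BROKEN (kept commented out): [OR] missing in the middle of the list.
# Conditions without [OR] are ANDed, so this reads
# (referrer-script OR blogspot) AND (spam-example). No single referrer
# can satisfy both groups, so nothing is blocked.
#   RewriteCond %{HTTP_REFERER} ^http://(www\.)?referrer-script [OR]
#   RewriteCond %{HTTP_REFERER} ^http://www14\.blogspot
#   RewriteCond %{HTTP_REFERER} ^http://(www\.)?spam-example\.invalid
#   RewriteRule .* - [F]

# CORRECT: every condition except the last carries [OR].
RewriteCond %{HTTP_REFERER} ^http://(www\.)?referrer-script [OR]
RewriteCond %{HTTP_REFERER} ^http://www14\.blogspot [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?spam-example\.invalid
RewriteRule .* - [F]
```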

JohnMB

7:40 pm on Feb 16, 2005 (gmt 0)

10+ Year Member



Hi Jim
Thanks for that.

I included the full black list so that other members of the forum who read this post may be able to use it if they wished and therefore I thought it would be of benefit.

I want to block an entire specific domain but I notice that your last line is dealing with a specific page on a specific domain - which is not what I was after. How would I modify this so that it would block a whole specific domain?

Please note Jim that all of this code looks totally alien to me so please forgive the basic questioning here. All I need is a template that I can work with and then I can modify it as the SPAMMING domains appear in my log files.

Thank you

JohnB.

jdMorgan

9:02 pm on Feb 16, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Some of the domains/words in that list are not suitable for posting here.

We have to be careful with the terminology here, for a couple of reasons.

First, when you say you want to block a domain, are you talking about blocking all *referrals* from that domain (which is what the code you have already does), or are you talking about blocking visitors from a specific country, ISP, corporate network, or private domain? And if so, do you really have to block by domain, or can you get the IP address or IP address range and use that instead?

Blocking by domain is horribly inefficient, since your server must do a reverse-dns request to get the domain name based on the IP address of the requestor. Blocking by IP is more efficient.

These subjects are covered in the mod_rewrite documentation (see link in our Forum Charter), but here are two examples:


# block visitors from IP address range 192.168.10.0 thru 192.168.10.255
RewriteCond %{REMOTE_ADDR} ^192\.168\.10\. [OR]
# block users of AOL hosting service
RewriteCond %{REMOTE_HOST} aol\.com [OR]

Second, when we talk about blocking, the methods we're discussing here are not going to keep these requests out of your log files. If you have access to httpd.conf, you can use the CustomLog directive to prevent logging under certain circumstances. If not, you can ask your host to block IP addresses at the router that feeds your server.

I recommend that you study the resources cited in our Forum Charter (link at upper left). I also recommend that you never install code on your server that you don't understand; if you do, and it causes subtle, infrequent problems, then what?

Hopefully, the above examples will get you started towards a solution.

Jim
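
An added sketch, not part of the posts above, of the two things this answer distinguishes: refusing every referral from one domain (any page, any subdomain) and keeping those requests out of the main access log with CustomLog. The host spam-example.invalid, the variable name spam_ref and the log paths are placeholders; the second part assumes access to httpd.conf and a LogFormat nicknamed combined.

```apache
# --- .htaccess: refuse every referral from one domain --------------------
RewriteEngine On
# ([^/:]+\.)? also covers subdomains; ([/:]|$) ends the host name so that
# spam-example.invalid.other-site.example is not matched by accident.
RewriteCond %{HTTP_REFERER} ^https?://([^/:]+\.)?spam-example\.invalid([/:]|$) [NC]
RewriteRule .* - [F]

# --- httpd.conf (server or virtual host): keep them out of the main log --
# Tag matching requests with an environment variable ...
SetEnvIfNoCase Referer "^https?://([^/:]+\.)?spam-example\.invalid([/:]|$)" spam_ref
# ... write only untagged requests to the normal access log ...
CustomLog logs/access_log combined env=!spam_ref
# ... and keep the tagged ones in a separate file so they can still be reviewed.
CustomLog logs/referrer_spam_log combined env=spam_ref
```

The 403 from the .htaccess rule and the logging decision are independent: the request is still received and answered, it is only recorded in a different file.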

JohnMB

10:16 pm on Feb 16, 2005 (gmt 0)

10+ Year Member



Hi Jim
Thanks for your comprehensive answer.

I would love to understand all the code that I use but I am not a programmer and don't have those types of skills.

I spent half a day researching and reading different articles on the web and what I found was the code presented. The articles had a brief explanation on how to use it.

Sometimes we have to trust what others say if we don't have that expertise. If I were to study to understand precisely how that code is made up and functions it would take me several months.

All I want to do is block the URL's of the sites that are spamming my log files. I thought it would be easy to achieve but now I have to admit to being more confused than when I started.

I will read your suggestions and try and fathom out what to do. My ISP was not much help hence the posting here.

Anyway thanks for taking the time to reply

Regards,

John B