htaccess syntax for blocking referrer spam - Apache Web Server forum at WebmasterWorld - WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

htaccess syntax for blocking referrer spam

annoyed, mainly

molecularr

9:08 pm on Mar 20, 2005 (gmt 0)

10+ Year Member

Hi,

I'm experiencing a moderate referrer spam problem, and while it's not a major bandwidth issue (currently), it's annoying me enough that I want to stop as much as I can. I've read several different ways to use .htaccess and Apache's RewriteEngine to accomplish, but I've only succeeded in completely blocking access to the site in question. (I got it back by removing the RewriteRule, but I can't seem to make a RewriteRule that blocks what I want it to.)

I suspect this is just a syntax issue or something, but I just can't make it work. Can someone take a look at the following and tell me why it might give every access attempt a 403?


RewriteEngine On
RewriteCond %{HTTP_REFERER}!^http://(www\.)?my-site\.org/ [NC]
RewriteCond %{HTTP_REFERER}!google\. [NC] 
RewriteCond %{HTTP_REFERER}!^$
RewriteRule \.(jpe?g¦gif¦bmp¦png)$ images/nohotlink.jpg [L]
RewriteCond %{HTTP_REFERER} (keywords) [NC,OR]
RewriteRule .* - [F,L]

The first part is a thing to prevent hotlinking, but I included it in case it's throwing off the second set of rules.

Thanks.

ogletree

9:13 pm on Mar 20, 2005 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Top Contributors Of The Month

You can also try to contact the person that is hitting you. They don't want to waste their time hitting your site if you are going to block it anyhow. Also don't make your logs public.

molecularr

9:21 pm on Mar 20, 2005 (gmt 0)

10+ Year Member

The logs aren't public, so the spammers aren't getting anything out of me. I'm a little afraid to contact some of these people since some of the content of their sites range from "objectionable" to "clearly illegal." Anyway, do you find that spammers will respond to such requests? I figure if they're spamming, they've already demonstrated their unscrupulousness (is that a word?).

At any rate, I'm mainly frustrated with myself that this Rewrite thing should be working but isn't for some reason.

jdMorgan

1:04 am on Mar 21, 2005 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member


RewriteCond %{HTTP_REFERER} (keywords) [NC,OR]
RewriteRule .* - [F,L]

Never use the [OR] flag on the last RewriteCond -- It makes no logical sense, and will cause the rule to fail.
Also, [L] used with [F] is redundant, so you can remove the [L] on the rule.

Jim

molecularr

4:37 pm on Mar 21, 2005 (gmt 0)

10+ Year Member

Ah yes, that did it, of course.

Thanks very much.

Chair

1:47 am on Mar 22, 2005 (gmt 0)

10+ Year Member

I have the same problem, just a few days ago my site get these hits from this particular site. I uses .htaccess to block the URL and everytime i add the URL to block it, the new URL comes up.But it's the same pattern. It is annoying.. How will you stop this log spamming

# Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www\.)?example.com.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?example.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?example.com*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?example.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?example.com*$ [NC]
RewriteRule .* - [F,L]

thanks...hope to hear from you

[edited by: engine at 9:28 am (utc) on Mar. 22, 2005]

[edited by: jdMorgan at 1:01 am (utc) on Mar. 23, 2005]
[edit reason] examplified [/edit]

jdMorgan

2:14 am on Mar 22, 2005 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

It's not likely that you *can* stop log spamming... Once it's in your logs, they have accompished their goal, so it does not matter if you return a 200-OK response or a 403-Forbidden response.

The code you posted won't work unless you add the [OR] -- or [NC,OR] -- flag to all but the last RewriteCond.

Jim