Welcome to WebmasterWorld Guest from 3.227.233.55

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

.htaccess to block log spammer

is this the best way?

     

dcrombie

6:08 pm on Nov 9, 2003 (gmt 0)

Inactive Member
Account Expired

 
 


I started seeing strange UA entries in the logs for one of our sites. The UAs were all www.somesite.us and all came from the same IP address. At first I thought they would go away as no valid pages were being requested. When they didn't, I created an .htaccess file:

<Limit GET>
order allow,deny
deny from <snip>
allow from all
</Limit>

A bit more research and I realised these <expletive deleted>s were hitting the site in order to get their domains to appear in the /stats/ report ("log spamming"). Sending a 403 wasn't enough as they still make it into the logs.

I've protected the /stats/ dir using .htaccess so the incentive for them is gone. At the same time I changed the site .htaccess file to:

RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^<snip>
RewriteRule .* - [N]

Question - is this going to cause problems on our server (hope not), or on their server (hope so). Is there another way to palm them off or send them into a loop?

[edited by: engine at 6:28 pm (utc) on Nov. 9, 2003]
[edit reason] No specifcs thanks. See TOS [webmasterworld.com] [/edit]

6:40 pm on Nov 9, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 2, 2002
posts:1167
votes: 0


Shutting the stats off from public view is the best move, and you indicate that's already been done.

I don't see anything that would cause problems on your server, and do yourself a major favor and forget about trying to cause problems on their server. It's bad form, and you already know you can spend your time far more productively.

8:29 pm on Nov 9, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


dcrombie,

You really don't want to do this...


RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^192\.****\.0\.1$
RewriteRule .* - [N]

The [N] flag means to restart the rewriting process from the beginning. Since you did not modify the URL in the RewriteRule, this will indeed "loop forever" on your server until the client browser/spider gives up.

I agree 100% with kevinpate... Issue a 403 for all requests from this IP address 'til they go away, block access to your stats to remove the incentive for future log spammers, and then forget about these guys. There are hundreds or thousands more just like them out there.


RewriteEngine On
RewriteCond %{REMOTE_ADDR} ^192\.****\.0\.1$
RewriteRule .* - [b][F][/b]

Jim
11:21 pm on Nov 9, 2003 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 2, 2002
posts:1167
votes: 0


Jim's eyes and noggin' are mucho superior to mine. I dinna EVEN catch that the original posted code was listed as [N] instead of [F]
Pardon me while I slide off to find a wet noodle to swat myself a few times.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members