Forum Moderators: LifeinAsia

Message Too Old, No Replies

How to block malicious automated traffic?

         

virtualreality

6:05 am on May 10, 2013 (gmt 0)

10+ Year Member Top Contributors Of The Month



I get tons of "traffic" from .ru and other links. I know this is a common problem for many webmasters so I was wondering what is the best way to stop this malicious automated traffic? My host recommended me CloudFlare. Have someone used that?

When I tied to install it on one of my sites via Cpanel I got the following "The installer is still in beta. There is a risk that it will cause a redirect loop or negatively impact your site. We recommend preforming the installation during low traffic periods." which did not sounds too good to me?

Also is there a way to block automated traffic with .htaccess?

Thanks!

lucy24

6:46 am on May 10, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



There are lots of things you can do. One of the easiest (don't cut and paste, this is simply my current version):

# fake or unwanted referers (.mobi used only by Ukrainians, no real .biz)
RewriteCond %{HTTP_REFERER} \.(ru|ua)(/|$) [NC]
RewriteCond %{HTTP_REFERER} !(google|yandex|mail)\.
RewriteRule (^|\.html|/)$ - [F]

RewriteCond %{HTTP_REFERER} http://example\.com [NC,OR]
RewriteCond %{HTTP_REFERER} \.(su|mobi|biz)(/|$) [NC,OR]
RewriteCond %{HTTP_REFERER} yandsearch\?text=(www\.)?example\.com [OR]
RewriteCond %{HTTP_REFERER} (badref1|badref2|badref3)
RewriteRule (^|\.html|/)$ - [F]

"http://example.com" is the wrong form of my domain name. If it shows up as a referer, it's fake. There are legitimate visits from yandex, but the ones giving my domain name are fake; it's just a mild spin on the auto-referer.

There's no such thing as mail.ua; I just put it that way to keep the rules simpler. (This week's rule: block mail.ru from images but let them see pages.)

"badref1" etc is a floating list. They make pests of themselves for a few months and then go away; now and then I check and update.

I constrain the rule to page extensions that I actually use (note position of anchors). There's an entirely separate set of blocks and/or rewrites for image files.

virtualreality

9:21 am on May 10, 2013 (gmt 0)

10+ Year Member Top Contributors Of The Month



Thank you for your reply lucy24. What do you think of CloudFlare? Or is making adjustments to the .htaccess the better option?

lorax

8:30 pm on May 10, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



CloudFlare is a good service. I use them for several clients sites and my own.