Jump to content
Science Forums

Recommended Posts

Posted

When adding rewriteCond covering three different aspects do I have to start each with the :

 

RewriteEngine on

 

example:

1st instruction

# RewriteEngine on

# RewriteCond %{HTTP_REFERER} !^$

# Blah

# blah

# blah

# RewriteRule .*.(gif|GIF|jpg|JPG|bmp|BMP|wav|mp3|wmv|avi|mpeg)$ - [F]

 

2nd instruction:

 

# RewriteEngine on

# RewriteCond %{HTTP_REFERER} nasty.com [NC,OR]

# Blah

# blah

# RewriteRule .* - [F]

 

3rd instruction:

 

# RewriteEngine On

# RewriteCond %{HTTP_USER_AGENT} ^BadBot [OR]

# RewriteCond %{HTTP_USER_AGENT} ^AnotherBadBot [OR]

# Blah

# blah

# RewriteRule ^.* - [F,L]

 

Do I leave off the second and third Rewrite Engine On part

or Does htaccess need each rewrite on to initiate the separate commands?

or

Leave it on each , it wont affect how htaccess is handled?

Posted

And there are a bunch of bad! tutorials out there.

 

I managed to block everyone from the website (not sure if it was wildcards or escape) Fixed now.

 

Screwed up the No-Hot-Linking (fixed now)

 

Managed to block image linking within the website (fixed now).

 

Thought my head was gonna explode for a while there, but I am better now.

  • 6 months later...
Posted

OK I have a spammer. I dug up info and managed to get my htaccess to block the creep sometimes. My question is how to use wildcards in this piece so I can block more:

 

RewriteCond %{HTTP_REFERER} ^http(s)?://(www.)?airline333tickets.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www.)?airline379tickets.com.*$ [NC,OR]

 

as you can see, what he is doing is changing from airlinetickets.com to airline333tickets.com, to airline279.com, etc. He is doing with with others also.

 

Is is something like http(s)?://(www.)?airline{*}tickets.com?

 

Thanks !

Posted

lol i thought i had one bad on this lamp box i put up on my company network... and then after thinking about it i was duhing myself.... it was a firewall rule... i was like ooooops, i meant to allow traffic to port 80, not deny it :graduate:

Posted
Keep it simple...deny all airlines... :)

 

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://(www.)?.*(-|.)?airline(-|.).*$ [OR]
RewriteRule .* - [F]

 

Not tested, just guessing, really.

 

The * in the referer name gave me a 500 internal error.

 

the adjustments I tried did not block *airline. I didnt try every combo possible, may work on that later this week. But its been over 2 full days now and the spammer has been getting 403'd when he tries to get in after I added a few name combos proactively.

 

htaccess is pretty cool!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...