How to stop traffic coming to your site when referred by a potentially harmful domain or service.
Simply add the following code to your .htaccess file:
Code:
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} badwebsite\.com [NC]
RewriteRule .* - [F]
Also whilst I'm posting about mod rewrite, here's a few more things that might come in handy...
Blocking users by IP address
Simply add the following to your htaccess file:
order allow,deny
deny from 12.345.6.78
deny from 88.77.66.
allow from all
This denies access to users at IP address 12.345.6.78 and anyone with IP address 88.77.66.* (where * is any value).
However, remember that people's IP addresses often change and there is nothing to stop people using a proxy to access your site. But in some cases you might find the above useful.
Blocking users by referrer
A referrer is the site which your visitor came from to access your site. In order to deny users access by referrer add the following to your htaccess file:
RewriteEngine on
RewriteCond %{HTTP_REFERER} badwebsite\.co\.uk [NC]
RewriteRule .* - [F]
Or in the case you want to block multiple sites use:
RewriteEngine on
RewriteCond %{HTTP_REFERER} badwebsite\.com [NC,OR]
RewriteCond %{HTTP_REFERER} badsite2\.com [NC]
RewriteRule .* - [F]
Note the backslash: without it the full stop would take its regular expression meaning and match any character. In this case it would still work, but it is best to do it properly. The NC tells it not to bother with case sensitivity. In the second example OR is used because other referrers are to be listed, so a match on any one of them triggers the rule. The last line tells it which action to take when a match is found, in this case fail the request. Depending on your server configuration you may need to add the following line:
Options +FollowSymLinks
Add this line if your server is not configured with FollowSymLinks in the <Directory> section of its config file, otherwise you'll get 500 Internal Server Errors.
Note, however, that it is possible, in many browsers, to turn off your HTTP_REFERER so that other websites cannot use it.
Blocking Bots
This works in a very similar way to the previous example, except you are looking at the HTTP_USER_AGENT variable. You could therefore use it to block people using certain web browsers, although quite why you would want to do that I don't know!
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^badbot1 [OR]
RewriteCond %{HTTP_USER_AGENT} ^badbot2
RewriteRule ^.* - [F,L]
This will give both badbot1 and badbot2 403 forbidden errors when trying to access your site.
Preventing directory listings
Simply use:
IndexIgnore *
Where * matches all files. Or you could use:
IndexIgnore *.jpg *.gif
Which would prevent people seeing jpg or gif images in the directory listing.
Preventing Hot-linking
Hot-linking is the process of including another website's content (such as images) in your own website. To avoid this:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
# Allow requests referred by your own pages, over http or https
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?yourwebsite\.com/.*$ [NC]
RewriteRule \.(jpg|gif)$ - [F]
The above will stop people being able to hotlink any jpg or gif files. The following will actually feed them different content if they try to hotlink:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?yourwebsite\.com/.*$ [NC]
# Do not redirect requests for the replacement image itself, or the redirect loops
RewriteCond %{REQUEST_URI} !/forbidden\.gif$
RewriteRule \.(gif|jpg)$ http://www.yourwebsite.com/forbidden.gif [R,L]
This will now replace any image they try to hotlink with forbidden.gif.
regards
James.
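To see how the referrer and hot-link rules above decide a request, here is an added example (not part of the original post) that models RewriteCond evaluation in Python: conditions are ANDed, [OR] links a condition to the next, [NC] ignores case and a leading ! negates. The helper names and the sample requests are constructed for illustration, and Python's regex engine stands in for Apache's.

```python
import re

def cond_matches(value, pattern, flags=""):
    """One RewriteCond: a leading '!' negates the regex, NC ignores case."""
    negate = pattern.startswith("!")
    regex = pattern[1:] if negate else pattern
    hit = re.search(regex, value, re.I if "NC" in flags.split(",") else 0)
    return (hit is not None) != negate

def conds_pass(conds, request):
    """Conditions are ANDed; a condition flagged OR is ORed with the next one."""
    result, group = True, False
    for var, pattern, flags in conds:
        group = group or cond_matches(request.get(var, ""), pattern, flags)
        if "OR" not in flags.split(","):  # end of an OR-linked group
            result, group = result and group, False
    return result

def is_forbidden(rule, request):
    """True when the RewriteRule pattern and all of its conditions match ([F])."""
    rule_pattern, conds = rule
    return bool(re.search(rule_pattern, request["PATH"])) and conds_pass(conds, request)

# Rule sets modelled on the examples in the post.
REFERRER_BLOCK = (r".*", [
    ("HTTP_REFERER", r"badwebsite\.com", "NC,OR"),
    ("HTTP_REFERER", r"badsite2\.com", "NC"),
])
HOTLINK_BLOCK = (r"\.(jpg|gif)$", [
    ("HTTP_REFERER", r"!^$", ""),
    ("HTTP_REFERER", r"!^https?://(www\.)?yourwebsite\.com/.*$", "NC"),
])

def req(path, referer=""):
    """Constructed sample request (not real traffic)."""
    return {"PATH": path, "HTTP_REFERER": referer}

if __name__ == "__main__":
    samples = [
        (REFERRER_BLOCK, req("/index.html", "http://www.BadWebsite.com/links")),
        (REFERRER_BLOCK, req("/index.html")),  # referrer switched off
        (REFERRER_BLOCK, req("/index.html", "http://search.example/?q=badsite2.com")),
        (HOTLINK_BLOCK, req("/img/logo.jpg", "http://other.example/gallery")),
        (HOTLINK_BLOCK, req("/img/logo.jpg")),  # empty referrer is allowed
        (HOTLINK_BLOCK, req("/img/logo.jpg", "https://www.yourwebsite.com/home")),
    ]
    for rule, request in samples:
        print(is_forbidden(rule, request), request)
```

The third sample shows that an unanchored referrer pattern matches anywhere in the header, including a query string on an unrelated site, and the second and fifth show that a visitor who sends no referrer passes both rule sets.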