Block access from a domain - rewrite rule

system · August 10, 2006, 9:43am

Hello,

A domain has created a link to a website. To not have too much bandwidth used We’d like to disallow the access to our site from this domaine.

To do this we have created this rule in a .htaccess file
RewriteEngine on
RewriteCond %{REMOTE_REFERER} ^http://www.ehrensenf.de/.$ [NC]
RewriteRule . http://www.cinemannecy.fr/erreur404.htm [R,L]

Basicly it routes the request from the remote_referer to an error page.

But it doesn’t work

We’ve also tried something like
<LIMIT GET POST>
order allow, deny
allow from all
deny from ehrensenf.de
</LIMIT>

But it also doesn’t work (if I go on this site and click on the link linked to our site, our page is shown as normal)

Do you see an error in my rewrite rule ?
Do you have a better idea on how disallow the access from a specific domain that use a link to our site ?

thanks

Pascal

Justec · August 10, 2006, 11:33am

I know you can use .htaccess file to prevent hotlinking to images on your site.

Something like:

Rewriteengine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://your_domain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://www.your_domain.com/.*$ [NC]
RewriteRule .*.(gif|GIF|jpg|JPG)$ - [F]

Not sure what you are trying to block though, b/c there is no way to block someone putting a link to someone elses site.

system · August 10, 2006, 12:18pm

Thanks Justin

I already use this as there is a lot of example in google, but in our case we try to block all request coming from a particular referer (domain)

A website has created a link to our site and it generates huge bandwidth traffic. So we’d like to block all incoming request from this referer

As told we tried a lot of things like :

RewriteEngine on
RewriteCond %{REMOTE_REFERER} ^http://www.ehrensenf.de/.$ [NC]
RewriteRule . Cinémannecy : tout savoir sur les cinéma Annéciens ! [R,L]

or

RewriteEngine on
RewriteCond %{HTTP_REFERER} ehrensenf.de [OR]
RewriteCond %{REMOTE_REFERER} ehrensenf.de
RewriteRule ^.* %{HTTP_REFERER} [R,L]

or

RewriteCond %{REMOTE_REFERER} ^http://www.ehrensenf.de/.$ [NC]
RewriteRule . Cinémannecy : tout savoir sur les cinéma Annéciens ! [R,L]

or

<LIMIT GET POST>
order allow,deny
allow from all
deny from ehrensenf.de

etc…

No one work !!!

(when we click on the link linked to our site from the referer site, our page is shown, no redirection is made)

Normaly we could block all incoming request coming from a specific referer, no ?

Thanks

Pascal

Justec · August 10, 2006, 12:56pm

Ok, I understand what you are trying to do now. Doing a little googling I think I found something that might work. Try it an let me know, I’m interested on if this works.

RewriteEngine on
RewriteCond %{HTTP_REFERER} www\.ehrensenf\.de [NC,OR]
RewriteCond %{HTTP_REFERER} ehrensenf\.de
RewriteRule .* - [F]

system · August 11, 2006, 3:23am

[QUOTE=Justec;9504]Ok, I understand what you are trying to do now. Doing a little googling I think I found something that might work. Try it an let me know, I’m interested on if this works.

RewriteEngine on
RewriteCond %{HTTP_REFERER} www\.ehrensenf\.de [NC,OR]
RewriteCond %{HTTP_REFERER} ehrensenf\.de
RewriteRule .* - [F]

[/QUOTE]

Same… :\

If we go on http://www.ehrensenf.de/2006/07/31/beolingus-virtuelle-flaschenpost-dice-wars

and click on the link Animationsfilme then we are routed to http://www.cinemannecy.fr/films06.htm

It’s like the http_referer or remote_referer is not set !

Pascal

Fr3d · August 11, 2006, 1:59pm

It seems to work for me pascal… I got this:

Access forbidden!
ERREUR 403

Vous pouvez avoir cette erreur pour plusieurs raisons
Mod Security

C’est la raison principale qui peut causer cette erreur. Si tel est le cas cela veut dire que votre requ?te a ?t? bloqu?e par l’une de nos r?gles mod_security. En effet nous prot?geons nos serveurs et donc nos clients contre les hacks/exploits/spam les plus connus
Usage excessif:

Cela veut dire que vous avez certainement ?t? marqu? comme ?tant un utilisateur qui “abuse”. Cela arrive lorsque vous avez ouvert trop de page web en un laps de temps minimum. En effet, nous protegeons nos serveurs et donc nos clients des tentatives d’attaques DoS and DDoS.

[…]

system · August 11, 2006, 3:10pm

lolFor it doesn’tYou mean, when yu go on http://www.ehrensenf.de/2006/07/31/b...post-dice-warsand click on the link Animationsfilme yu’ve got this error ?I notPascal

tiger · August 11, 2006, 8:18pm

I have tested and for me the “Animationsfilme” link goes to http://www.cinemannecy.fr/films06.htm (no “Access forbidden!” or any errors)

JustMe · August 15, 2006, 5:41pm

Perhaps using PHP, something like:


if (stripos($_SERVER['HTTP_REFERER'], 'ehrensenf.de') !== false) {
    die(); //or redirect 
}

Should work…