Results 1 to 5 of 5

Thread: .htaccess 403 error with site referrer banning

  1. #1
    Join Date
    Jul 2015

    .htaccess 403 error with site referrer banning

    (huge NOOB here on everything .htaccess - go easy please )

    Trying to limit our Referring Traffic and eliminate bad stats from our analytics - I added the following to my .htaccess file and the site and, when I do, it 403's the site altogether.

    What am I missing here?

    	<IfModule mod_rewrite.c>
    		RewriteEngine on
    		RewriteCond %{HTTP_REFERER} 100dollars-seo.com [NC,OR]
    		RewriteCond %{HTTP_REFERER} semalt.com [NC,OR]
    		RewriteCond %{HTTP_REFERER} success-seo.com [NC,OR]
    		RewriteRule .* - [F,L]

  2. #2
    Join Date
    Apr 2014
    Just curious if this will work...

    <IfModule mod_rewrite.c>
    		RewriteEngine on
    		RewriteCond %{HTTP_REFERER} 100dollars-seo.com [NC,OR]
    		RewriteCond %{HTTP_REFERER} semalt.com [NC,OR]
    		RewriteCond %{HTTP_REFERER} success-seo.com [NC]
    		RewriteRule .* - [F,L]
    I removed the last OR condition from the last site in your list there. I have a feeling that was catching all traffic since there was no rule after that. Give this a try.

  3. #3
    Join Date
    Oct 2013
    Hopefully BMR777's code fixes your site-wide 403's. For what it's worth there is a shorthand for it:
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} (seo|semalt) [NC]
    RewriteRule .* - [F,L]
    If you already have "RewriteEngine On" in your .htaccess you can delete the one shown. Just add the condition/rule. When you get another nasty referer (sic) add its name and separate it with a "pipe".

    Notice how the code only looks for keywords and not the total referrer address. "seo" and "semalt" are common to more than one of your listed addresses. It'll probably also ban other addresses you don't want. And in case you didn't know, all the domain names you list are owned by semalt, as well as a number of others.

    Now, all that does not fix the problem with those referrers showing up in your stats. Why? Because they are still hitting your site, you're just changing the response code from 200 to 403 and serving a 403 page. So all those referrers still show up in your logs, ergo in your stats which are generated from the logs.

    Something to try may be here:
    I haven't played with it at all. While it demonstrates the technique based on IP (REMOTE_ADDR) it may or may not work for HTTP_REFERER. And it may also depend on your hosts Apache httpd.conf file and a bunch of other things. If you're running your own server it may also be possible to stop the traffic at the firewall. If you're on shared hosting you may not be able to use anything to stop the referrer spam.

    One other thought is if you can put filters on your stats package. You don't state what you use, although by using the word "analytics" I'm thinking Google Analytics. I don't use it so I don't know if filters are available. But again, unless you can stop the traffic at a level above your root folder these hits will always be recorded.
    Last edited by Kevin2; 07-10-2015 at 03:21 PM. Reason: clarification and code update

  4. #4
    Join Date
    Jul 2015
    Kevin/BMR777 - thanks for your help and insight!!! Probably should'a attached the whole file but the piece I didn't tell you was there was another "several" lines of {HTTP_Referer} code.

    Soooooo, one would have thought, hey, why don't you just mimic the style and add it to the end of that code snippet? Which I did, after thinking about it for more than 60 seconds, and it seems to be working.

    Kevin2 - I'm using PIWIK for our analytics. Again, know just enough to get into trouble AND I'll need to look to see if there is way to "filter" out via IP or Domain. However, for the last few days I am no longer seeing any activity from those Domains in our dashboard/logs.

    Thanks again for your help!

  5. #5
    Join Date
    Oct 2013
    Quote Originally Posted by SurfDog View Post
    [...] hey, why don't you just mimic the style and add it to the end of that code snippet? Which I did, after thinking about it for more than 60 seconds [...].
    Haha! That's kind of how I deal with .htaccess/REGEX. While I can mostly figure out what a hunk of code is doing by analyzing it, writing it from scratch is out of my skillset.

    Quote Originally Posted by SurfDog View Post
    I'm using PIWIK for our analytics.
    I'm not familiar with PIWIK, but perhaps it already filters out 403s -- at least for some of the stats.

    Glad it seems to be working!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center



X vBulletin 4.2.2 Debug Information

  • Page Generation 0.10409 seconds
  • Memory Usage 2,883KB
  • Queries Executed 15 (?)
More Information
Template Usage (34):
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_global_above_footer
  • (1)ad_global_below_navbar
  • (1)ad_global_header1
  • (1)ad_global_header2
  • (1)ad_navbar_below
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)ad_thread_first_post_content
  • (1)ad_thread_last_post_content
  • (3)bbcode_code
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)headinclude_bottom
  • (5)memberaction_dropdown
  • (1)navbar
  • (4)navbar_link
  • (1)navbar_moderation
  • (1)navbar_noticebit
  • (1)navbar_tabs
  • (2)option
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available (6):
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files (26):
  • ./showthread.php
  • ./global.php
  • ./includes/class_bootstrap.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/functions_navigation.php
  • ./includes/class_friendly_url.php
  • ./includes/class_hook.php
  • ./includes/class_bootstrap_framework.php
  • ./vb/vb.php
  • ./vb/phrase.php
  • ./includes/functions_facebook.php
  • ./includes/functions_calendar.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_notice.php
  • ./packages/vbattach/attach.php
  • ./vb/types.php
  • ./vb/cache.php
  • ./vb/cache/db.php
  • ./vb/cache/observer/db.php
  • ./vb/cache/observer.php 

Hooks Called (73):
  • init_startup
  • friendlyurl_resolve_class
  • init_startup_session_setup_start
  • database_pre_fetch_array
  • database_post_fetch_array
  • init_startup_session_setup_complete
  • global_bootstrap_init_start
  • global_bootstrap_init_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • load_show_variables
  • load_forum_show_variables
  • global_state_check
  • global_bootstrap_complete
  • global_start
  • style_fetch
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • strip_bbcode
  • friendlyurl_clean_fragment
  • friendlyurl_geturl
  • forumjump
  • cache_templates
  • cache_templates_process
  • template_register_var
  • template_render_output
  • fetch_template_start
  • fetch_template_complete
  • parse_templates
  • fetch_musername
  • notices_check_start
  • notices_noticebit
  • process_templates_complete
  • friendlyurl_redirect_canonical
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • memberaction_dropdown
  • tag_fetchbit
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • build_navigation_data
  • build_navigation_array
  • check_navigation_permission
  • process_navigation_links_start
  • process_navigation_links_complete
  • set_navigation_menu_element
  • build_navigation_menudata
  • build_navigation_listdata
  • build_navigation_list
  • set_navigation_tab_main
  • set_navigation_tab_fallback
  • navigation_tab_complete
  • fb_like_button
  • showthread_complete
  • page_templates