Results 1 to 3 of 3
  1. #1
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default Referrer spam - how do I block an IP block/domain?

    *sigh* As if 50+ spam e-mails a day was not enough...

    Looking at my webalizer stats today, I noticed that the number of hits I got yesterday increased 6-fold from the average that I get. Looking further down on this page, I noticed lots of new referrers near the top of my top 30 referrers - all of them porn sites. I knew immediately that I had become the latest victim of referrer log spam. Anyone else here had this problem?

    Here's a line from my access-log (excuse the site - don't go to it):

    213.76.138.97 - - [09/Jul/2003:18:46:41 -0500] "GET // HTTP/1.0" 200 4912 "http://www.1downloadsblvd.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"

    There were about 500 requests (within 45 minutes!) in the access-log from this IP (but with differing domain names and browsers) all with those nasty domains as referrers.

    Anyway, I can block the domains in webalizer, but I am equally concerned with the waste of bandwidth/resources on losers that do this. What is the best way for me to block an IP (or IP block or domain) such that nothing is sent to this loser if he tries it again (or to disallow him from showing up in my access logs, etc.)?

    Thanks in advance for any advice!

  2. #2
    Member WestHost - CSimiskey's Avatar
    Join Date
    May 2003
    Location
    Providence, UT
    Posts
    67

    Default

    With WestHost 2.0, you will be able to block access to your site for specific IP's, or even entire blocks of IP's if you wish. Unfortunately until then the best you can do is look into how to block access to your site through use of a .htaccess and the deny rule. Here is a sample .htaccess you could use:
    Code:
    order allow,deny
    deny from 123.45.6.7
    deny from 012.34.5.
    allow from all
    Note the second address does not include a full IP address like the second one. That rule basically blocks that entire class C (1.2.3.*) and with that, you can also block even larger sets of addresses.
    Chris Simiskey

    WestHost Support Department
    Phone: 1-800-222-2165
    FAX: 435-755-3449
    http://members.westhost.com

    When you expect more from your web host
    http://www.westhost.com

  3. #3
    Senior Member FZ's Avatar
    Join Date
    May 2003
    Location
    Johannesburg, South Africa
    Posts
    1,024

    Default

    Thanks Chris. I believe I did try that, with my own IP to see if it worked, but for some reason it did not. My syntax was exactly as yours is. Checking my access-log, I see my ISP automatically used another IP to request the page I wanted to, thereby bypassing the block (weird!). Once I removed it, I tried again, and it switched back to using my own IP!

    Anyway, I'll wait for Westhost 2.0 - doubt this guy will come back anyway. Can you give us an idea as to how the progress is coming along? Will it be released by August as planned?

Similar Threads

  1. Using IP filtering to block spam, etc..
    By thirdroad in forum Solutions
    Replies: 2
    Last Post: 05-09-2007, 01:45 PM
  2. Procmail Rules Help Please
    By proaudiogear4less in forum E-mail / FTP Management
    Replies: 6
    Last Post: 04-16-2006, 04:54 AM
  3. Block Referer Spam via .htaccess?
    By howard in forum General Discussion
    Replies: 11
    Last Post: 11-04-2005, 08:14 AM
  4. 72.26.222.0/23 = Spam Factory, block 'em
    By Jonnyb0y in forum E-mail / FTP Management
    Replies: 0
    Last Post: 07-31-2005, 03:14 PM
  5. SPAM In General
    By JDE in forum E-mail / FTP Management
    Replies: 31
    Last Post: 06-23-2004, 01:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •