[mdlug] The joys of site proprietorship
Ingles, Raymond
Raymond.Ingles at compuware.com
Mon Feb 10 08:52:15 EST 2014
Running the site for the Android app I wrote, it's been going fine for a few months. Now some stupid bot in Russia found it. It's not hacking anything, it's just hitting my site with fake "referer" tags, lots of different ones but 90% from the '.ru' domain. Which is a waste of time since my logs aren't visible, but the bot doesn't care. It fills up my logs with fake traffic, making it hard to figure out where actual referrals are coming from.
It uses several different IPs, so I had to hack up my .htaccess file to block them.
I've only had a handful of sales from Russia anyway, so I block all .ru referrers with:
RewriteCond %{HTTP_REFERER} \.biz [NC,OR]
RewriteCond %{HTTP_REFERER} \.ru [NC,OR]
RewriteCond %{HTTP_REFERER} \.cn [NC]
RewriteRule .* - [F]
(Google play doesn't sell in China anyway, and I've never seen anything useful come from .biz, so I block those too.)
I added a few specific ones that aren't .ru or .biz, and then, since I was doing it anyway, I added a bunch of stuff from https://www.addedbytes.com/blog/block-referrer-spam/
I can test it with something simple like:
wget --referer http://weeble.biz [my site's url]
If the .htaccess file is working, I get "403 Forbidden" as a result.
(Note, the actual word is spelled 'referrer', but the HTTP standard misspells it "referer".)
The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it
More information about the mdlug
mailing list