I have a site that is getting hit had with referer spam from sites with a domain that is always:
http://scanner-{somethin-unique-here}.top
How can I use my htaccess file to block all referers from scanner-xxx.top?
In your site root .htaccess you can use this rule based on HTTP_REFERER variable to block but just remember those sites can change HTTP_REFERER at some point as well:
RewriteEngine On
RewriteCond %{HTTP_REFERER} https?://scanner-.*\.top [NC]
RewriteRule ^ - [F]
Make sure this rule is right at the top as first rule.
Related
A client has asked us to replicate all the content from an old domain (bcsbd.com) to their main domain (ywcacam.org), and also create redirects so the old URLs are still functional. Unfortunately, the URLs aren't exact matches, e.g., [olddomain]/about has become [newdomain]/about_soo_bahk_do. There are less than 10 specific URLs to handle, which we initially did successfully using Redirect statements in the old domain's htaccess file:
# redirect specific pages to page on new domain
Redirect /about http://www.ywcacam.org/about_soo_bahk_do
We also need a catch-all, so that any other requests go to a specific URL on the new domain, e.g., www.bcsbd.com/somefile becomes www.ywcacam.org/soo_bahk_do. We handled this using Rewrite statements:
# catch-all for any requests not specified above
RewriteCond %{HTTP_HOST} ^(bcsbd.com|www.bcsbd.com) [NC]
RewriteRule ^(.*)$ http://www.ywcacam.org/soo_bahk_do [L]
Quick research showed the Rewrite directives (using mod_rewrite) would always be processed before the Redirect directives (using mod_alias). So we replaced the Redirects with Rewrites:
Options +FollowSymlinks
RewriteEngine On
RewriteRule /about http://www.ywcacam.org/about_soo_bahk_do [L]
RewriteRule /programs http://www.ywcacam.org/programs_soo_bahk_do [L]
...
# catch-all for any requests not specified above
RewriteCond %{HTTP_HOST} ^(bcsbd.com|www.bcsbd.com) [NC]
RewriteRule ^(.*)$ http://www.ywcacam.org/soo_bahk_do [L]
The problem is that just the catch-all is working - the new Rewrite rules are being ignored. What are we doing wrong in those statements?
Thanks in advance for the help!
I've got the following 301 redirect in my .htaccess
RewriteCond %{QUERY_STRING} ^$
RewriteRule ^old-site\.com,$ http://www.new-site.com/? [R=301,NE,NC,L]
If i visit
old-site.com
I am redirected correctly.
However, if I visit www.old-site.com, then it doesn't work.
Is there a way of effectively ignoring the www
Edit
There are several entries like this...
for example:
www.old-site.com/page-a-242.html to www.new-site.com/page-a
RewriteRule ignores the domain, so your first rule could be just
RewriteRule ^$ http://www.new-site.com/? [R,L]
For the other specific mappings you might use RewriteMap. See txt: Plain text maps for details on how to use it.
The drawback with RewriteMap is, that it can only be used in the main server config or in a virtual host environment.
I have a folder on my site (domain.com/protect) I want to limit to only one referrer (otherdomain.com/subfolder).
Deny for all others, allow only if coming from that URL.
If not coming from that URL, then redirect the visitor over to otherdomain.com/login instead.
How would I write that out in .htaccess rewrite rules?
In the htaccess file in your /protect directory, add these rules:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !otherdomain\.com/subfolder
RewriteRule ^ - [L,F]
The condition checks that the referer doesn't contain: otherdomain.com/subfolder, and if it doesn't, then whatever the request is (inside the /protect directory) will result in a 403 Forbidden.
Alternatively, you can put these rules in the htaccess file in your document root if you would rather keep everything in once place:
RewriteEngine On
RewriteCond %{HTTP_REFERER} !otherdomain\.com/subfolder
RewriteRule ^/?protect/? - [L,F]
I'm trying to set up a htaccess file that would accomplish the following:
Only allow my website to be viewed if the viewing user is coming from a specific domain (link)
So, for instance. I have a domain called. protect.mydomain.com . I only want people coming from a link on unprotected.mydomain.com to be able to access protect.mydomain.com.
The big outstanding issue I have is that if you get to protect.mydomain.com from unprotected.mydomain.com and click on a link in the protect.mydomain.com that goes to another page under protect.mydomain.com then I get sent back to my redirect because the http_referer is protect.mydomain.com . So to combat that I put in a check to allow the referrer to be protect.mydomain.com as well. It's not working and access is allowed from everywhere. Here is my htaccess file. (All this is under https)
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} ^https://(.+\.)*mydomain\.com
RewriteCond %1 !^(protect|unprotected)\.$
RewriteRule ^.*$ https://unprotected.mydomain.com/ [R=301,L]
You are matching your referer against ^https://(.+\.)*mydomain\.com. Which means if some completely other site, say http://stealing_your_images.com/ links to something on protect.mydomain.com, the first condition will fail, thus the request is never redirected to https://unprotected.mydomain.com/. You want to approach it from the other direction, only allow certain referers to pass through, then redirect everything else:
RewriteEngine On
RewriteBase /
# allow these referers to passthrough
RewriteCond %{HTTP_REFERER} ^https://(protect|unprotected)\.mydomain\.com
RewriteRule ^ - [L]
# redirect everything else
RewriteRule ^ https://unprotected.mydomain.com/ [R,L]
I am trying to make a sitewide 301 redirect for a site with around 400 pages but also have a subset of about 10 individual pages that don't follow the sitewide redirect and should point somewhere else.
Any ideas how to format such redirect rules so the sitewide redirect doesnt conflict with the subset pages redirect?
I am starting with the sitewide redirect rule as:
Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) http://www.name.com/$1 [R=301,L]
The rewrite rules are parsed in the order they are written, so the order you list them also defines the priority.
Given that, you should first match the request URI with the 10 individual pages and return the redirection accordingly, and then define the sitewide redirection.
If the 10 individual pages have a single target URL, the match rule may be one, otherwise you should do a single redirection per each request URI.
Take care to use the [L] flag for the first redirections, to tell the server to exit the routine if the rule is matched, and I would also suggest to add the line
RewriteBase /
which is pivotal for some Apache versions, in which the omission of this line may cause a http bad conf error.
Options +FollowSymLinks
#switch on the rewrite engine:
RewriteEngine On
RewriteBase /
#rules for the individual redirections:
RewriteRule http://example.com/myUrl-1 http://www.example.org/new-1 [R=301,L]
RewriteRule http://example.com/myUrl-4 http://www.example.org/new-2 [R=301,L]
RewriteRule http://example.com/myUrl-3 http://www.example.org/new-3 [R=301,L]
#...and so on
#sitewide redirection rule:
RewriteRule (.*) http://www.example.org/$1 [R=301]