Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other
Author Message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Wed Aug 20, 2008 10:39 am Reply with quote

It looks like viagra isn´t popular enough anymore so they try to catch new buyers with cheap cigaretttes.

Normally cigarettes and cigarettes aren´t the same. There are great differances with the quality.
Thats not about cigarettes but you should know to buy this online is dangerous cause you need to pay online or with your credit card.
Anyway it looks like there are mass of bad referers with different kinds of cigarettes. I could add just "cigarettes" in my string blocker, or each sort"Marlboro" "Pall-Mall-cigarettes"etc. etc..
But I would prefer to add it into .htaccess.
How should the rules look like.
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Wed Aug 20, 2008 11:12 am Reply with quote

Susan,

I'm not clear on exactly what you're after. Is the content you want to trap actually in the referrer url?
 
View user's profile Send private message
Susann
PostPosted: Wed Aug 20, 2008 11:21 am Reply with quote

I want to trap all referer urls with cigarettes in it and the name of the cigarette e.g. Marlboro like VinDSL did a time ago within .htacces I just couldn´t find his example anymore.
The bad referer looks like this:
Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login!
 
Susann
PostPosted: Wed Aug 20, 2008 1:47 pm Reply with quote

I found it and will block the referer based on the keyword within the url.
Only registered users can see links on this board! Get registered or login!
 
Raven
PostPosted: Wed Aug 20, 2008 1:48 pm Reply with quote

So many ways Laughing

# Trap any request with the word cigarettes anywhere in the url
SetEnvIfNoCase Referer ".*(cigarettes).*" BadReferer
order deny,allow
deny from env=BadReferer

# or to be a little more discriminating
# Trap any request with the word -cigarettes anywhere in the url
SetEnvIfNoCase Referer ".*(-cigarettes).*" BadReferer
order deny,allow
deny from env=BadReferer

# or to be even more discriminating
# Trap any request with specific kinds anywhere in the url
SetEnvIfNoCase Referer ".*(Marlboro-cigarettes|More-cigarettes|LM-cigarettes).*" BadReferer
order deny,allow
deny from env=BadReferer

# or to catch all of the above filter with less programming
# Trap any request with the word cigarettes preceded by any number of words containing (A-Z, a-z, 0-9, -) anywhere in the url
# This is like the second option but more restrictive
SetEnvIfNoCase Referer ".*([A-Za-z0-9-]*cigarettes).*" BadReferer
order deny,allow
deny from env=BadReferer

# or to try to outsmart misspellings
# Trap any request with the word cigar preceded by any number of words containing (A-Z, a-z, 0-9, -) and ending anywhere in the url
# This is like the second option but more restrictive
SetEnvIfNoCase Referer ".*([A-Za-z0-9-]*cigar).*" BadReferer
order deny,allow
deny from env=BadReferer


You could also use mod_rewrite to redirect them but the chances are they are not at a terminal so a redirect is really just a waste of time/bandwidth.

Hope this helps Wink
 
Susann
PostPosted: Thu Aug 21, 2008 12:56 am Reply with quote

Cool, thanks a lot ! Wink
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©