Programs: Lock up your servers against Fusker

[cd34]

So, with that, we have:

RewriteEngine on
# optionally allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain.com(:[0-9]+)?(/.*)?$ [NC]
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg)$ - [NC,F,L]

That basic rule should work in 99% of the situations. I've regression tested it with all of the test-set that I created earlier. I'll run with this on some real world testing on some clients.

Thank you Raymor for helping us come up with a fairly well protected drop-in rule that we can perhaps slap in a faq somewhere for webmasters to somewhat protect themselves. I know the .wmv is somewhat useless, but, it will stop some of the siterippers that do send referrers.

Then maybe we can get the submission pages to link back to a FAQ page at greenguysboard.com and educate the freesite/tgp submitters a bit.

[frankthetank]

Quote:

Originally Posted by cd34

So, with that, we have:

RewriteEngine on
# optionally allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain.com(:[0-9]+)?(/.*)?$ [NC]
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg)$ - [NC,F,L]

That basic rule should work in 99% of the situations. I've regression tested it with all of the test-set that I created earlier. I'll run with this on some real world testing on some clients.

Thank you Raymor for helping us come up with a fairly well protected drop-in rule that we can perhaps slap in a faq somewhere for webmasters to somewhat protect themselves. I know the .wmv is somewhat useless, but, it will stop some of the siterippers that do send referrers.

Then maybe we can get the submission pages to link back to a FAQ page at greenguysboard.com and educate the freesite/tgp submitters a bit.

I read the thread carefully and just looked at my stats. So I´m a victim of fusker, too. I tried out cd34 code and it works. My pics are gone from fusker and they can be seen from my domain.

Thank´s all of you...

[swedguy]

Quote:

Originally Posted by cd34

RewriteEngine on
# optionally allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain.com(:[0-9]+)?(/.*)?$ [NC]
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg)$ - [NC,F,L]

It's looking good. I would add a line for the IP too.

RewriteCond %{HTTP_REFERER} !^http://(.*@)?1\.2\.3\.4(:[0-9]+)?(/.*)?$

or

RewriteCond %{HTTP_REFERER} !^http://(.*@)?(([a-z0-9-]+\.)*yourdomain.com|1\.2\.3\.4)(:[0-9]+)?(/.*)?$ [NC]

I just ran a quick test and the latter is slightly faster, but a lot more messy if people should just copy/paste it and replace domain and IP in it.

[amber438]

Quote:

Originally Posted by cd34

RewriteCond %{HTTP_REFERER} !^$ [NC]

This line..for some reason I removed it from my htaccess files. I can not remember why. What does it do?

I share phpadsnew with all my domain ergo I have to list them all to get the ads to show.
I've also added what grandma scrotum has listed so my htaccess is a mile long..
so..how can we shorten it alos getting the most protection possible?