Programs: Lock up your servers against Fusker

Altheon · 2005-03-29, 03:11 AM

I just tried to fusker my site and it failed so I know this code works:

Code:

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com(/)?.*$     [NC]
RewriteRule .*\.(gif|jpg|jpeg|bmp|fla|mov|avi|wmv)$ - [F,NC]

If you all see a problem with it please let me know.

Additionally if you want to protect your directory structure from being viewed pop this little bit of code in there:

Code:

Options -Indexes

Then you will not have to put an index.html in each directory.

-A

Wenchy · 2005-03-29, 05:23 PM

Okay, so can someone answer a couple of questions for me, please?

First, I'm working under the assumption that this code...

RewriteEngine on
# leave this line in allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain\.com(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?1\.2\.3\.4(:[0-9]+)?(/.*)?$
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg|zip)$ - [NC,F,L]

...is the recommended .htaccess for anti-fuskering my domains? I can/should repeat this line...

RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain\.com(:[0-9]+)?(/.*)?$ [NC]

... for each of my domains that I want included.

Second, the code that grandmascrotum put up there a couple of posts... I heard somewhere that that huge string can actually put a load on your server each time a page, any page, is loaded. Any truth to that rumor? And, assuming the rumor is false, is there any clear evidence that using that "collection" in my .htaccess actually does any good these days?

Thanks

2005-03-29, 03:11 AM	#1
Altheon Heh Heh Heh! Lisa! Vampires are make believe, just like elves and gremlins and eskimos! Join Date: Jan 2004 Posts: 74	I just tried to fusker my site and it failed so I know this code works: Code: Options +FollowSymlinks RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com(/)?.$ [NC] RewriteRule .\.(gif\|jpg\|jpeg\|bmp\|fla\|mov\|avi\|wmv)$ - [F,NC] If you all see a problem with it please let me know. Additionally if you want to protect your directory structure from being viewed pop this little bit of code in there: Code: Options -Indexes Then you will not have to put an index.html in each directory. -A

2005-03-29, 05:23 PM	#2
Wenchy Trying is the first step towards failure Join Date: Jan 2005 Location: Mile High City Posts: 120	For the .htaccess challenged, a summation if you please... Okay, so can someone answer a couple of questions for me, please? First, I'm working under the assumption that this code... RewriteEngine on # leave this line in allow empty referrers, remove to disallow empty referrers RewriteCond %{HTTP_REFERER} !^$ [NC] RewriteCond %{HTTP_REFERER} !^http://(.@)?([a-z0-9-]+\.)yourdomain\.com(:[0-9]+)?(/.)?$ [NC] RewriteCond %{HTTP_REFERER} !^http://(.@)?1\.2\.3\.4(:[0-9]+)?(/.)?$ RewriteRule .\.(asf\|mpg\|mpeg\|wmv\|avi\|rm\|gif\|jpeg\|jpg\|zip)$ - [NC,F,L] ...is the recommended .htaccess for anti-fuskering my domains? I can/should repeat this line... RewriteCond %{HTTP_REFERER} !^http://(.@)?([a-z0-9-]+\.)yourdomain\.com(:[0-9]+)?(/.)?$ [NC] ... for each of my domains that I want included. Second, the code that grandmascrotum put up there a couple of posts... I heard somewhere that that huge string can actually put a load on your server each time a page, any page, is loaded. Any truth to that rumor? And, assuming the rumor is false, is there any clear evidence that using that "collection" in my .htaccess actually does any good these days? Thanks __________________ I was thinking of the immortal words of Socrates, who said, "I drank what?"*