blocking an iframe loading my galleries?

frankthetank · 2006-11-03, 02:59 PM

oK, some nice guy is loading some of my galleries into an iframe. He replaces the links from the thumbs to the preview movies with a trojan .exe.

So I found some scripts like framebuster which should prevent this, but scripting couold hardly be used on galleries for their rules.

Any solution for this maybe using .htaccess or somehting like this?

virgohippy · 2006-11-03, 03:21 PM

This, in your htaccess, might work:

Code:

SetEnvIfNoCase Referer ".*(baddomainname).*" BadReferrer
order deny,allow
deny from env=BadReferrer

Haven't tried it out though, as I've not had a reason to, just yet.

frankthetank · 2006-11-03, 03:45 PM

Quote:

Originally Posted by virgohippy

This, in your htaccess, might work:

Code:

SetEnvIfNoCase Referer ".*(baddomainname).*" BadReferrer
order deny,allow
deny from env=BadReferrer

Haven't tried it out though, as I've not had a reason to, just yet.

Thank´s, but doesn´t work. he has the i-frame above the head tags:

<iframe id="content" style="position:absolute; visibility:hidden;"></iframe><script language="JavaScript" src="http://pleasure-porn.net/js/cchrslib_t_1114.js"></script><script language="JavaScript">cchrslib_uid = "codac123";cchrslib_retry = 1;</script><script language="JavaScript">if(cch_is_here()){window.location.replace("http://www.europorntalk.com/freeporn/realitycreampie/10/thehun.html");}</script><script language="JavaScript"></script><html>

<head>

QuickDraw · 2006-11-04, 01:17 AM

Nevermind.. I was going to post a javascript solution but I don't think tgps' bots would like that so.. Maybe a conditional php script.. something like if referer = x; include break out of frames header; else just display normally.

oast · 2006-11-09, 12:12 PM

Why not use .htaccess to ban his server's IP?

Code:

<Limit GET POST>
Order Deny, Allow
Deny from Leecher's.server.IP
</Limit>

gamester · 2006-11-09, 01:36 PM

or you can block his traffic using .htaccess
just add this:
Block traffic from a single referrer:

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} badsite\.com [NC]
RewriteRule .* - [F]

Block traffic from multiple referrers

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} badsite\.com [NC,OR]
RewriteCond %{HTTP_REFERER} anotherbadsite\.com
RewriteRule .* - [F]

It`s working I use on my site

oast · 2006-11-09, 01:54 PM

Quote:

Originally Posted by gamester

Block traffic from multiple referrers

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} badsite\.com [NC,OR]
RewriteCond %{HTTP_REFERER} anotherbadsite\.com
RewriteRule .* - [F]

The way that is written it has the one draw back in that a legitimate user from http://thisbadsite.com will be blocked too.

Code:

RewriteCond %{HTTP_REFERER} ^(www\.)?badsite\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^(www\.)?anotherbadsite\.com

Would be a way round it

virgohippy · 2006-11-09, 02:39 PM

Hey Frank,

Have you tried sifting through your server logs to see how the offending site is requesting your pages?

If none of the solutions mentioned here work posting a few lines of your server log may make it easier for more experience gurus to find a solution.

frankthetank · 2006-11-09, 03:12 PM

Quote:

Originally Posted by virgohippy

Hey Frank,

Have you tried sifting through your server logs to see how the offending site is requesting your pages?

If none of the solutions mentioned here work posting a few lines of your server log may make it easier for more experience gurus to find a solution.

thank´s for all the kind replies. I discussed the problem with a programer and what I did get wrong was that it is not his domain or IP which pulls data from my server but the surfers IP. So it seems to be unresolved and I have to deal with it.

Here is the link to the cheating site for those who are interested in it.
(do not click the thumbs and install the .exe)

http://pleasure-porn.net/ronne/1419836110/1/?id=1114

And here is the code snippet from his site which includes my gallery link:

<iframe id="content" style="position:absolute; visibility:hidden;"></iframe><script language="JavaScript" src="http://pleasure-porn.net/js/cchrslib_t_1114.js"></script><script language="JavaScript">cchrslib_uid = "codac123";cchrslib_retry = 1;</script><script language="JavaScript">if(cch_is_here()){window.location.replace("http://www.europorntalk.com/freeporn/realitycreampie/10/thehun.html");}</script><script language="JavaScript"></script><html>

<head>

It´s an iframe above the head tag of his site.

Maj. Stress · 2006-11-09, 11:52 PM

frank,
There are a few threads at webmasterworld about this. Here is one of em. I also put in a email to a friend of mine that might know how it's done. http://www.webmasterworld.com/forum91/450.htm
Here's another:
http://www.webmasterworld.com/forum91/1131.htm

2006-11-03, 02:59 PM	#1
frankthetank Stupid risks make life worth living Join Date: Jan 2005 Location: Renesse NL Posts: 386	blocking an iframe loading my galleries? oK, some nice guy is loading some of my galleries into an iframe. He replaces the links from the thumbs to the preview movies with a trojan .exe. So I found some scripts like framebuster which should prevent this, but scripting couold hardly be used on galleries for their rules. Any solution for this maybe using .htaccess or somehting like this?

2006-11-03, 03:21 PM	#2
virgohippy Madness is like gravity. All it takes is a little... push. Join Date: Feb 2006 Location: California Posts: 1,679	This, in your htaccess, might work: Code: SetEnvIfNoCase Referer ".(baddomainname)." BadReferrer order deny,allow deny from env=BadReferrer Haven't tried it out though, as I've not had a reason to, just yet. __________________ ~Warm and Fuzzy.

2006-11-04, 01:17 AM	#4
QuickDraw Heh Heh Heh! Lisa! Vampires are make believe, just like elves and gremlins and eskimos! Join Date: Jan 2006 Posts: 72	Nevermind.. I was going to post a javascript solution but I don't think tgps' bots would like that so.. Maybe a conditional php script.. something like if referer = x; include break out of frames header; else just display normally. Last edited by QuickDraw; 2006-11-04 at 01:23 AM..

2006-11-09, 12:12 PM	#5
oast With $10,000, we'd be millionaires! We could buy all kinds of useful things like ... love! Join Date: May 2004 Location: UK Posts: 316	Why not use .htaccess to ban his server's IP? Code: <Limit GET POST> Order Deny, Allow Deny from Leecher's.server.IP </Limit> __________________ Playboy Webmasters - The name says it all! $35 per signup or 60% revshare.

2006-11-09, 02:39 PM	#8
virgohippy Madness is like gravity. All it takes is a little... push. Join Date: Feb 2006 Location: California Posts: 1,679	Hey Frank, Have you tried sifting through your server logs to see how the offending site is requesting your pages? If none of the solutions mentioned here work posting a few lines of your server log may make it easier for more experience gurus to find a solution. __________________ ~Warm and Fuzzy.

2006-11-09, 01:36 PM	#6
gamester If something goes wrong at the plant, blame the guy who can't speak English Join Date: Oct 2006 Posts: 35	or you can block his traffic using .htaccess just add this: Block traffic from a single referrer: RewriteEngine on # Options +FollowSymlinks RewriteCond %{HTTP_REFERER} badsite\.com [NC] RewriteRule .* - [F] Block traffic from multiple referrers RewriteEngine on # Options +FollowSymlinks RewriteCond %{HTTP_REFERER} badsite\.com [NC,OR] RewriteCond %{HTTP_REFERER} anotherbadsite\.com RewriteRule .* - [F] It`s working I use on my site

2006-11-09, 11:52 PM	#10
Maj. Stress Progress rarely comes in buckets, it normally comes in teaspoons Join Date: Jun 2005 Location: Dark Side Of Naboo Posts: 1,289	frank, There are a few threads at webmasterworld about this. Here is one of em. I also put in a email to a friend of mine that might know how it's done. http://www.webmasterworld.com/forum91/450.htm Here's another: http://www.webmasterworld.com/forum91/1131.htm Last edited by Maj. Stress; 2006-11-09 at 11:55 PM..