Visit Our UNIX and Linux User Community


How to Block/Ban Traffic From Specific Referrer


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers How to Block/Ban Traffic From Specific Referrer
# 1  
Old 01-12-2007
How to Block/Ban Traffic From Specific Referrer

I've got a problem site that I need to block all referrers, but if possible, I'd really like to ban all ip's at the same time so that they can't figure out a way around it.

Any ideas?
# 2  
Old 01-12-2007
You don't say which OS we're talking about but you might be able to modify your firewall to block that IP or IP range. You can also use the /etc/hosts.deny file and put them in there.

Carl
# 3  
Old 01-12-2007
it's apache
# 4  
Old 01-12-2007
Quote:
Originally Posted by osoamor
it's apache
That's fine. Apache on what? Smilie

Some OS's (like Linux or BSD) have firewalls as part of the default installation. You can set up a quickie firewall rule to block the IP address.

OpenBSD firewall example from my web server:

Code:
# cat /etc/pf.conf
# External interface and address
ext_if="vr0"
ext_ad="xx.xx.xx.xx/32"

# in general, block all incoming connections
block in on $ext_if

# block all net idiots
block in quick on $ext_if inet proto tcp from [badipaddr] port = 80

# let all outbound traffic go
pass out quick on $ext_if inet from ($ext_if) to any flags S/SA keep state

# let everyone else access the web server
pass in quick on $ext_if inet proto tcp from any to ($ext_if) port = 80 flags S/SA modulate state

I believe you can use your /etc/hosts.deny file to block access to your web server. As you can see, I use my firewall for that so I'd have to do a little search before I could present an example for you. Try googling on hosts.deny.

Oh and of course, don't use my pf.conf file without knowing what every rule does. I've clipped out a bunch of rules so I can show you a little example.

Carl
# 5  
Old 01-12-2007
duh.. i'm on linux

What I want to do is verify if they're coming from said domain, than automatically ban them but with the biter being that their ip gets stored for further blocking so that they don't just try coming in without a referrer or a different referrer.

Am I making sense? I might not be because I'm unfamliar with it all. What I have read is using the htaccess file in combination with the cgi-bin. Have you heard of that?
 

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Add a block of code at the end of a specific block

I need to search for a block with the starting pattern say "tabId": "table_1", and ending pattern say "]" and then add a few lines before "]" "block1":"block_111" "tabId": "table_1", "title":"My title" ..... .... }] how do I achieve it using awk and sed. Thanks, Lakshmi (3 Replies)
Discussion started by: Lakshmikumari
3 Replies

2. Proxy Server

IPtable rules for DNS/http/https traffic for specific hosts only, not working.

Hi there, I have a VPS and am working on a little side project for myself and friend which is a DNS proxy. Everything was great till recently. My VPS IP has been detected by some botnet or something, and I believe SMURF attacks are occuring. The VPS provider keeps shutting down my VPS... (3 Replies)
Discussion started by: phi0x
3 Replies

3. SCO

OSR 5.0.7 need to block a specific IP

There are huge number of messages in syslog suggesting one of the client's IP is trying to telnet/ssh/pop/imap into the OSR5.0.7 system, it happens every minute or so, see a snippet below Oct 9 13:11:20 myhost popper: (null) at 192.168.1.123 (192.168.1.123): -ERR POP EOF or I/O Error: 25... (3 Replies)
Discussion started by: migurus
3 Replies

4. UNIX for Advanced & Expert Users

Linux bridged firewall - monitor traffic & block IP

Hi All, I successfully configured a DEBIAN Lenny bridged firewall using ebtables. The bridged interface is br0. The ethernet interface are eth0 & eth1 respectively. All the traffic are transparently passing my firewall but i need to find & block temporarily the bandwidth abusers. Can... (1 Reply)
Discussion started by: coolatt
1 Replies

5. IP Networking

How does a router directs the internet traffic to a specific host in the private network?

how does a router directs the internet traffic to a specific host in the private network? Example: My PC has ip 192.168.134.100 Router has ip 192.168.134.200 My company's ip 202.52.150.33 When i try to access internet, say google, it traverses from... (1 Reply)
Discussion started by: Arun_Linux
1 Replies

6. IP Networking

block windows file sharing traffic between networks

I have a LAN for users 192.0.3.0 I have a WAN for servers 192.0.0.0 I have a iptables capable router with a static route from 192.0.3.0 to 192.0.0.0 my problem is SMB file sharing traffic is leaking on to our 192.0.0.0 and causing congestion. I only have one printer IP address that needs... (13 Replies)
Discussion started by: herot
13 Replies

7. Web Development

PHP Help - Delete cookies and redirect back to referrer

I was wondering if any one would be willing to help me with this. I'd like to create a 503 error page using a PHP script that will do the following: - delete all cookies that contains 'something' in the host and 'JSESSIONID' as the cookie name. There are either 1 or 2 cookies that each... (0 Replies)
Discussion started by: Adrnalnrsh
0 Replies

8. Shell Programming and Scripting

Block incoming traffic FTP from internet using iptables

Hi everybody. I have the next scenary: eth0: WAN eth1: DMZ eth2: LAN I need to block all incoming trafic from the internet through my network LAN using iptables. I have squid but i need to do this using ipatbles. I have been listening about iptables -A FORDAWARD but I am stuck right... (0 Replies)
Discussion started by: edeamat
0 Replies

9. Shell Programming and Scripting

Extracting specific block

Hi Everyone , have a great day i have a file which has almost 20,000 blocks each starting with this particular line " rTCCreditControlRecord " , how can i bring out the 7172 block out of that file Thanks in Anticipation (7 Replies)
Discussion started by: Dastard
7 Replies

10. IP Networking

block telnet to specific port

Hello All I am running redhat linux 7.2 and would like to know how i can block telnetting to a specified port . say for example i would like to block telnet acesses to port 80. regards Xiamin (5 Replies)
Discussion started by: xiamin
5 Replies

Featured Tech Videos