1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Htaccess block useragent / url

Discussion in 'Security' started by Bernd_de, Sep 26, 2015.

  1. #1
    i have a forum this will be attcked by somebody and bring the side down.
    i take a look into the last visitor file and see that all "visitors" will have "worldpress/.x.x." as referrer.

    this i have controlled by htaccess with

    RewriteCond %{HTTP_USER_AGENT} ^Java
    RewriteRule ^.*$ - [F]
    RewriteCond %{HTTP_USER_AGENT} ^WordPress [NC]
    RewriteRule ^.*$ - [F]

    this works right now this "visitors" get a 404 error so far so good

    but i get also 1000s of request with referrer e.g - 61 81882 - 1109657 this nubers will be changed always so i cant pick them up.

    the next point which are always the same is the Url /forum/?60905=62242

    also this 60905=62242 is random

    so the question s how i can block the url "/forum/?" or redirect them

    i cant block /forum/ because there are my forum :)

    what i can to to protect my forum?

    thx for help!
     
    Bernd_de, Sep 26, 2015 IP
  2. zacharooni

    zacharooni Well-Known Member

    Messages:
    346
    Likes Received:
    20
    Best Answers:
    4
    Trophy Points:
    120
    #2
    Try something like this?

    # Block NNNNN=NNNNN in /forum/ subdirectory
    RewriteCond %{REQUEST_URI} ^/forum/.*$
    RewriteCond %{QUERY_STRING} \?.*([\d+]{1,})\=([\d+]{1,}).*$
    RewriteRule .* [F]​
     
    zacharooni, Oct 5, 2015 IP