[SATLUG] hostile referer

Charles Hogan cd_satl at futuretechsolutions.com
Tue Mar 31 12:40:28 CDT 2009


Could you sanitize a couple of log entries from domain-b accesses and 
post them.  That could be of some help.

Jeremy Mann wrote:
> On Tue, Mar 31, 2009 at 11:31 AM, Charles Hogan
> <cd_satl at futuretechsolutions.com> wrote:
>> This looks like a fun one to work out.  From your post, I am going to assume
>> that domain-b.com is an entirely hostile entity and that no links referrals
>> from them are to be trusted, and should all get pointed to a
>> "bad-referer.html".
>>
>> I would use apache's mod_rewrite in this case, starting with the following
>> directives, and tweaking from there.
>>
>> RewriteEngine On
>> ReWriteCond %{HTTP_REFERER} *.domain-b.com
>> RewriteRule .* http://domain-a.com/bad-referer.html
>>
>> Documentation for mod_rewrite:
>> http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html
>>
>> Nice guide for writing rewrite rules, (including a better referer-based
>> deflector, almost all the way to the bottom of the page):
>> http://httpd.apache.org/docs/1.3/misc/rewriteguide.html
> 
> Charles, this was the first thing I tried along with HOST and REFERER.
> The problem I am seeing is the REFERER in this case, domain-b is
> simply forwarding requests from their domain to ours so the logs just
> show a http request from domain-b instead of domain-a.
> 


More information about the SATLUG mailing list