Comments on: How to block a range of IPs from spamming your church website http://healyourchurchwebsite.com/2008/02/14/how-to-block-a-range-of-ips-from-spamming-your-church-website/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-block-a-range-of-ips-from-spamming-your-church-website Teaching, rebuking, correcting & training in righteous web design. Mon, 26 Sep 2011 02:56:07 +0000 hourly 1 http://wordpress.org/?v= By: abelajohnb http://healyourchurchwebsite.com/2008/02/14/how-to-block-a-range-of-ips-from-spamming-your-church-website/comment-page-1/#comment-3912 abelajohnb Thu, 21 Feb 2008 08:20:49 +0000 http://healyourchurchwebsite.com/2008/02/14/how-to-block-a-range-of-ips-from-spamming-your-church-website/#comment-3912 Howdie, This is something we have had to do a substainal amount over at www.ChristianBlog.Com [i](I am the founder/owner)[/i] over the last few years in order to help protect our members, our service, and our equipment. I thought I would share how we have our .htaccess file setup, as some of what is shared in this blog we already do, as well as some things we've had to learn along the way. :) This first bit of code is for when somebody is linking to your website and you do NOT want anybody from that website being able to access your website -- yes, there ARE times when you want this! We had to do this at ChristianBlog.Com when a anti-christian website decided to target us. Rather then simply allowing them to click-through to our website, we simply redirected them back to the website they came from :-p [code] # # Send Some People In Another Direction # first line is from, second line to where too... # RewriteCond %{HTTP_REFERER} ^http://.*some-bad-website.*$ [NC] RewriteRule .* http://www.redirect-to-website.com/ [R] # # [/code] This second bit of code does the same thing, only via IP-address, rather then referral_url -- we had to do this when we had somebody attempt to attack our website, server logs easily showed their ip-address, and simply adding this froze them in their tracks. [code] # # RewriteCond %{REMOTE_ADDR} 65.254.254.* RewriteRule .* http://www.yahoo.com # # [/code] This third block of code can help people from abusing your RSS feeds. We needed to do this when we had another website importing our RSS Feed into their own website, and they refused to heed our requests to not hit our servers with new requests every one minute. So, after emailing them, and them refusing, we simply denied them access to our RSS Feeds via this method. [i](note: it does not always work if the person is using a third-party service for their rss reading)[/i] [code] # # # Block bad domains from accessing feed... # This code will block anything at xxx.xxx.xxx from your accessing feeds # Simply add a new section and access will be denied. # # acquire ip-address from: www.hcidata.co.uk/host2ip.htm # # permanently redirect specific IP request for single page # RewriteCond %{REMOTE_HOST} 65\.254\.240.106 RewriteCond %{REQUEST_URI} /rss\.php$ RewriteRule .* - [F] RewriteCond %{REMOTE_HOST} 65\.254\.240.106 RewriteCond %{REQUEST_URI} /rss\.xml$ RewriteRule .* - [F] # # [/code] This next bit of code does exactly the same thing above, only it is based off of a referral_url rather then an ip-address. [code] # # RewriteCond %{HTTP_REFERER} ^http://(www\.)?bad-website\.come/.*$ [NC] RewriteCond %{REQUEST_URI} /rss\.xml$ RewriteRule .* - [F] RewriteCond %{HTTP_REFERER} ^http://(www\.)?bad-website\.come/.*$ [NC] RewriteCond %{REQUEST_URI} /rss\.php$ RewriteRule .* - [F] # # # [/code] And lastly, we have our standard IP-address ban -- which was explained within this Blog. [code] # # USER IP BANNING # order allow,deny deny from 71.115.98.22 deny from 84.65.102.161 deny from 60.0.131.186 deny from 117.102.57.207 deny from 74.65.177.2 deny from 204.111.32.1 deny from 204.111.35.7 deny from 61.2.213.110 deny from 66.15.242.172 deny from 76.172.240.91 deny from 75.69.229.13 allow from all # # [/code] Now, we also run a couple of other systems at ChristianBlog.Com to prevent abuse... including SQL based ip-address restrictions, and other standard server protection methods. But, the majority of the time, a well written .htaccess file can stop most people from abusing your website. Hope this helps somebody out there! John B. Abela Howdie,

This is something we have had to do a substainal amount over at http://www.ChristianBlog.Com [i](I am the founder/owner)[/i] over the last few years in order to help protect our members, our service, and our equipment.

I thought I would share how we have our .htaccess file setup, as some of what is shared in this blog we already do, as well as some things we’ve had to learn along the way. :)

This first bit of code is for when somebody is linking to your website and you do NOT want anybody from that website being able to access your website — yes, there ARE times when you want this! We had to do this at ChristianBlog.Com when a anti-christian website decided to target us. Rather then simply allowing them to click-through to our website, we simply redirected them back to the website they came from :-p

#
# Send Some People In Another Direction
# first line is from, second line to where too...
#
RewriteCond %{HTTP_REFERER} ^http://.*some-bad-website.*$ [NC]
RewriteRule .* http://www.redirect-to-website.com/ [R]
#
#

This second bit of code does the same thing, only via IP-address, rather then referral_url — we had to do this when we had somebody attempt to attack our website, server logs easily showed their ip-address, and simply adding this froze them in their tracks.

#
#
RewriteCond %{REMOTE_ADDR} 65.254.254.*
RewriteRule .* http://www.yahoo.com
#
#

This third block of code can help people from abusing your RSS feeds. We needed to do this when we had another website importing our RSS Feed into their own website, and they refused to heed our requests to not hit our servers with new requests every one minute. So, after emailing them, and them refusing, we simply denied them access to our RSS Feeds via this method.

[i](note: it does not always work if the person is using a third-party service for their rss reading)[/i]

#
#
# Block bad domains from accessing feed...
# This code will block anything at xxx.xxx.xxx from your accessing feeds
# Simply add a new section and access will be denied.
#
# acquire ip-address from: http://www.hcidata.co.uk/host2ip.htm
#
# permanently redirect specific IP request for single page
#
RewriteCond %{REMOTE_HOST} 65\.254\.240.106
RewriteCond %{REQUEST_URI} /rss\.php$
RewriteRule .* - [F]
RewriteCond %{REMOTE_HOST} 65\.254\.240.106
RewriteCond %{REQUEST_URI} /rss\.xml$
RewriteRule .* - [F]
#
#

This next bit of code does exactly the same thing above, only it is based off of a referral_url rather then an ip-address.

#
#
RewriteCond %{HTTP_REFERER} ^http://(www\.)?bad-website\.come/.*$ [NC]
RewriteCond %{REQUEST_URI} /rss\.xml$
RewriteRule .* - [F]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?bad-website\.come/.*$ [NC]
RewriteCond %{REQUEST_URI} /rss\.php$
RewriteRule .* - [F]
#
#
#

And lastly, we have our standard IP-address ban — which was explained within this Blog.

#
# USER IP BANNING
#

order allow,deny
deny from 71.115.98.22
deny from 84.65.102.161
deny from 60.0.131.186
deny from 117.102.57.207
deny from 74.65.177.2
deny from 204.111.32.1
deny from 204.111.35.7
deny from 61.2.213.110
deny from 66.15.242.172
deny from 76.172.240.91
deny from 75.69.229.13
allow from all
#
#

Now, we also run a couple of other systems at ChristianBlog.Com to prevent abuse… including SQL based ip-address restrictions, and other standard server protection methods. But, the majority of the time, a well written .htaccess file can stop most people from abusing your website.

Hope this helps somebody out there!

John B. Abela

]]>