Is there a way to block people from accessing my site if they came from a certin url?

abefroman · 02-13-2006, 02:29 AM

Is there a way to block people from accessing my site if they came from a certin url?

Example:
site-xyz.com has a link to my site and I want apache to not display the site if that is the referring URL.

Is there anyway to do that?

bathory · 02-13-2006, 04:06 AM

You can edit your httpd.cond and inside the <Directory...> section that defines your DocumentRoot change the allow/deny directives to read:

Code:

<Directory /some/path/to DocumentRoot>
...
Order Allow,Deny
Allow from all
Deny from site-xyz.com
...
</Directory>

btmiller · 02-13-2006, 09:00 PM

I think that will deny all users who connect from a computer on the site-xyz.com domain. The original poster was asking about referalls. I'd probably use a simple PHP script to check the HTTP referrer variable and forward the user to an access deny page if they came from site-xyz.com. However, this is fairly easily circumvented, since browsers can be configured not to send referrer data. You can of course check for a valid referer, but this will probably block some amount of legitimate traffic.

Capt_Caveman · 02-13-2006, 09:33 PM

You could also use mod_rewrite and base your decisions on the HTTP_REFFERER variable

There's an exact tutorial for doing this, under "Blocked Inline-Images".

abefroman · 02-13-2006, 10:47 PM

Is there a way to do it with SNORT?

Capt_Caveman · 02-13-2006, 11:16 PM

Do you already have it running as SNORT-inline or just as a sensor? Trying to use SNORT would be messy, you'd need to pull the referrer from the http header and then come up with a regex to match.

Apache already has mod_rewrite installed and all you need to do is turn the ReWriteEngine on and use the [F] Forbid target to block any requests where the refferer isn't you (except for index.html).