LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-13-2006, 02:29 AM   #1
abefroman
Senior Member
 
Registered: Feb 2004
Location: Chicago
Distribution: CentOS
Posts: 1,249

Rep: Reputation: 53
Is there a way to block people from accessing my site if they came from a certin url?


Is there a way to block people from accessing my site if they came from a certin url?

Example:
site-xyz.com has a link to my site and I want apache to not display the site if that is the referring URL.

Is there anyway to do that?
 
Old 02-13-2006, 04:06 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,879

Rep: Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322Reputation: 1322
You can edit your httpd.cond and inside the <Directory...> section that defines your DocumentRoot change the allow/deny directives to read:
Code:
<Directory /some/path/to DocumentRoot>
...
Order Allow,Deny
Allow from all
Deny from site-xyz.com
...
</Directory>
 
Old 02-13-2006, 09:00 PM   #3
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,058

Rep: Reputation: 295Reputation: 295Reputation: 295
I think that will deny all users who connect from a computer on the site-xyz.com domain. The original poster was asking about referalls. I'd probably use a simple PHP script to check the HTTP referrer variable and forward the user to an access deny page if they came from site-xyz.com. However, this is fairly easily circumvented, since browsers can be configured not to send referrer data. You can of course check for a valid referer, but this will probably block some amount of legitimate traffic.
 
Old 02-13-2006, 09:33 PM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
You could also use mod_rewrite and base your decisions on the HTTP_REFFERER variable

There's an exact tutorial for doing this, under "Blocked Inline-Images".
 
Old 02-13-2006, 10:47 PM   #5
abefroman
Senior Member
 
Registered: Feb 2004
Location: Chicago
Distribution: CentOS
Posts: 1,249

Original Poster
Rep: Reputation: 53
Is there a way to do it with SNORT?
 
Old 02-13-2006, 11:16 PM   #6
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Do you already have it running as SNORT-inline or just as a sensor? Trying to use SNORT would be messy, you'd need to pull the referrer from the http header and then come up with a regex to match.

Apache already has mod_rewrite installed and all you need to do is turn the ReWriteEngine on and use the [F] Forbid target to block any requests where the refferer isn't you (except for index.html).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Block URL request in server spiffytech Linux - Security 2 02-08-2006 09:16 PM
Linux torrent site, would people use it? Devboy Linux - General 16 01-19-2005 11:11 AM
How do I link a file to a URL site. AZDAVE Linux - Networking 2 10-14-2004 06:30 PM
How do most people use this site? vdogvictor General 13 06-21-2004 12:05 AM
Sendmail. Any way to block people from sending mail as me ForumKid Linux - Software 1 08-28-2003 12:32 PM


All times are GMT -5. The time now is 08:10 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration