Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
02-13-2006, 02:29 AM
|
#1
|
|
Senior Member
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430
Rep: 
|
Is there a way to block people from accessing my site if they came from a certin url?
Is there a way to block people from accessing my site if they came from a certin url?
Example:
site-xyz.com has a link to my site and I want apache to not display the site if that is the referring URL.
Is there anyway to do that?
|
|
|
|
|
02-13-2006, 04:06 AM
|
#2
|
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,221
|
You can edit your httpd.cond and inside the <Directory...> section that defines your DocumentRoot change the allow/deny directives to read:
Code:
<Directory /some/path/to DocumentRoot>
...
Order Allow,Deny
Allow from all
Deny from site-xyz.com
...
</Directory>
|
|
|
|
|
02-13-2006, 09:00 PM
|
#3
|
|
Senior Member
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,290
|
I think that will deny all users who connect from a computer on the site-xyz.com domain. The original poster was asking about referalls. I'd probably use a simple PHP script to check the HTTP referrer variable and forward the user to an access deny page if they came from site-xyz.com. However, this is fairly easily circumvented, since browsers can be configured not to send referrer data. You can of course check for a valid referer, but this will probably block some amount of legitimate traffic.
|
|
|
|
|
02-13-2006, 09:33 PM
|
#4
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
You could also use mod_rewrite and base your decisions on the HTTP_REFFERER variable
There's an exact tutorial for doing this, under "Blocked Inline-Images". |
|
|
|
|
02-13-2006, 10:47 PM
|
#5
|
|
Senior Member
Registered: Feb 2004
Location: lost+found
Distribution: CentOS
Posts: 1,430
Original Poster
Rep:
|
Is there a way to do it with SNORT?
|
|
|
|
|
02-13-2006, 11:16 PM
|
#6
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Do you already have it running as SNORT-inline or just as a sensor? Trying to use SNORT would be messy, you'd need to pull the referrer from the http header and then come up with a regex to match.
Apache already has mod_rewrite installed and all you need to do is turn the ReWriteEngine on and use the [F] Forbid target to block any requests where the refferer isn't you (except for index.html).
|
|
|
|
All times are GMT -5. The time now is 06:47 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
