Support

Admin Tools

#32737 how block external referer

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by tampe125 on Thursday, 26 March 2020 06:25 CDT

Thursday, 26 March 2020 05:34 CDT

Greg_C
Hello, I have noticed in apache access log hundreds of requests from 
"http://site.ru" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4"
and they come from many IPs – all of this requests gets either 301 or 303 or 503 - for example: 
"GET /index.php HTTP/1.1" 503 16513 "http://site.ru" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4"

or
"GET /k.php HTTP/1.1" 301 239 "http://site.ru" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4"

or
"GET /shx.php HTTP/1.1" 303 - "http://site.ru" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4"


Is it possible to block traffic from this url “site.ru” using .htaccess Maker ? I cannot use IPs to block this traffic (they use many IPs) and I don’t have user agent string in access log to block user agent in .htaccess Maker. Is it possible to use Custom .htaccess rules (I understand code should be added in “Custom .htaccess rules at the bottom of the file" section) in .htaccess Maker and block this traffic ? Reading related results on Akeeba forum I have found thread with following solution:

RewriteCond %{HTTP_REFERER} mycheaptraffic\.com [NC]
RewriteRule .* - [F]


(obviously mycheaptraffic\.com to be change to site\.ru)

However I have also find on Internet forums following solution

  RewriteCond %{HTTP_REFERER} site\.ru [NC]
  RewriteRule ^(.*)$ - [L,R=403]



Can you give me a hint in this aspect?

Regards,
Greg
Edited by Greg_C on 2020-03-26 05:35 CDT

Thursday, 26 March 2020 06:17 CDT

tampe125
Hello,

yes, you are correct, you can use the Htaccess Maker to block those guys.
I'd add those rules in the field Custom rules on top of .htaccess file, so you're going to block them as soon as possible.
The two rules you posted are equivalent, the [F] is just a shorthand for R=403 and the L flag is not required in this case.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 26 March 2020 06:24 CDT

Greg_C
Hello, ok, thank you for your prompt response

Regards,
Greg

Thursday, 26 March 2020 06:25 CDT

tampe125
You're welcome!

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!