mod_rewrite: Forbid Unsavory Visitors

I have another blog that mentions random words like “daughter”, “school”, “dirty”, “bad”, “dog”, “herself”, “year”, “nasty” and “old.” Until I started reviewing my HTTP referers, it never even occurred to me that nasty perverts could end up on my site while looking for websites that contain the words “11 year old dirty asian daughter in school with dog.” Even though my blog wouldn’t come close to providing what they were looking for, I still didn’t want these unwelcome visitors seeing it, so I enabled mod_rewrite on my Apache install and wrote the following script to detect people coming from search engines who are looking for unfavorable stuff.

.htaccess code

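<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Skip requests referred from this site itself or from a variation of its name
RewriteCond %{HTTP_REFERER} !http://(www\.)?mywebsite\.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !.*my.*web.*site.*$ [NC]
# The referer is a search engine
RewriteCond %{HTTP_REFERER} ^.*(google|yahoo|msn|search).*$ [NC]
# The referer contains one of the word combinations from step 6 (first word must precede the second)
RewriteCond %{HTTP_REFERER} ^.*((daughter|herself|asian|dog|little|school|girls).*nasty|taste.*self|(year|girl).*old).*$ [NC]
# Answer with 403 Forbidden
RewriteRule .* - [F]
</IfModule>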

Here is what the script does, step by step.
1. If the module mod_rewrite is enabled do the following
2. Turn Rewrite Engine On
3. Apply it to the entire site
4. If referer is not www.mywebsite.com or a variation of my site’s name
5. AND they come from a search engine
6. AND the referer includes one of the following combinations of words/phrases: nasty AND (daughter or herself or asian or dog or little or school or girls) or taste AND self or old AND (year or girl)
7. Give them a 403 Forbidden
8. End of script

I placed this script in the root of my website and it worked perfectly. Of course, the person can easily get around this but I’d say over 99% just think the site is outdated/broken and won’t even attempt it.
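
A Python model of the four conditions, added here as an example (it is not the post's own code), run over constructed Referer values to show which requests get the 403. The keyword groups follow step 6; `is_forbidden`, `accepts_unrelated` and the sample referers are hypothetical.

```python
import re

# Assumption: these mirror the RewriteCond patterns in the .htaccess above, with
# the keyword groups arranged as step 6 describes. [NC] maps to re.IGNORECASE.
OWN_SITE = re.compile(r"http://(www\.)?mywebsite\.com/.*$", re.I)
OWN_NAME = re.compile(r".*my.*web.*site.*$", re.I)
SEARCH = re.compile(r"^.*(google|yahoo|msn|search).*$", re.I)
WORDS = (r"^.*((daughter|herself|asian|dog|little|school|girls).*nasty"
         r"|taste.*self|(year|girl).*old).*$")

def is_forbidden(referer, words=WORDS):
    """True when every condition holds, i.e. when RewriteRule .* - [F] would fire."""
    # Consecutive RewriteCond lines are ANDed; a leading "!" negates the match.
    # Patterns are unanchored unless they say otherwise, hence re.search.
    return (OWN_SITE.search(referer) is None
            and OWN_NAME.search(referer) is None
            and SEARCH.search(referer) is not None
            and re.search(words, referer, re.I) is not None)

def accepts_unrelated(words):
    """Pre-deployment check: a keyword pattern must reject a referer with no keywords."""
    probe = "http://www.google.com/search?q=knitting+patterns"  # constructed
    return re.search(words, probe, re.I) is not None

# Constructed Referer values and the decision each one gets.
SAMPLES = {
    "http://www.google.com/search?q=dirty+dog+nasty": True,    # keyword pair, in order
    "http://www.google.com/search?q=nasty+dog": False,         # same words, reversed
    "http://search.yahoo.com/search?p=taste+of+herself": True,
    "http://www.google.com/search?q=dog+training": False,      # one keyword only
    "https://www.google.com/": False,                          # origin only, no query
    "http://www.mywebsite.com/archive/nasty-dog": False,       # internal navigation
    "": False,                                                 # no Referer header
}

# An empty branch (e.g. "herself||asian") matches the empty string, so the group
# matches every referer and the rule would block all search traffic.
EMPTY_BRANCH = r"^.*(daughter|herself||asian|dog).*$"

if __name__ == "__main__":
    for ref in SAMPLES:
        print(f"{'403' if is_forbidden(ref) else '200'}  {ref or '(none)'}")
    print("empty-branch pattern accepts unrelated referer:",
          accepts_unrelated(EMPTY_BRANCH))
```

The Referer header is supplied by the client, and a browser that sends only the origin (the `https://www.google.com/` sample) carries no search words for the rule to match.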

Chrissy is a Cloud and Datacenter Management & Data Platform MVP who has worked in IT for over 20 years. She is the creator of the popular SQL PowerShell module dbatools, and holds a number of certifications, including those relating to SQL Server, Linux, SharePoint and network security. You can follow her on Twitter at @cl.

2 comments on “mod_rewrite: Forbid Unsavory Visitors”
  1. Derwood says:

    Welcome back, Chrissy.. I missed your writings…

    Something else you might try looking into besides mod_rewrite rules is mod_security. The only caveat is that mod_security works far better with Apache 2.x than 1.3.x.
    There’s an excellent set of rules for mod_security at http://www.gotroot.com that will protect your site from a great many vulnerabilities. The direct link to the rules and setup info is http://www.gotroot.com/tiki-index.php?page=mod_security+rules

    By the way, how do you like the Bay Area? I grew up there, but live in Ohio now..

  2. Chrissy says:

    Damn, Derwood! That looks awesome. I’ll def. take a look.

    I love the Bay Area.. I especially love not having a car! And my school rocks :-D I’m going to USF to finish a BSc in Info Systems.

    Thanks a bunch for your comment! *blogrolls you*
