mod_rewrite: Forbid Unsavory Visitors

I have a another blog that mentions random words like “daughter”,”school”, “dirty”, “bad”, “dog”, “herself”, “year”, “nasty” and “old.” Until I started revewing my HTTP referers, It never even occured to me that nasty perverts could end up on my site while looking for websites that contain the words “11 year old dirty asian daughter in school with dog.” Even though my blog wouldn’t come close to providing what they were looking for, I still didn’t want these unwelcomed visitors seeing it so I enabed mod_rewrite on my Apache install and wrote the following script to detect people coming from search engines who are looking for unfavorable stuff.

.htaccess code

<ifModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER} !http://(www\.)?mywebsite.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !.*my*web*site.*$ [NC]
RewriteCond %{HTTP_REFERER} ^.*(google|yahoo|msn|search).*$ [NC]
RewriteCond %{HTTP_REFERER} ^.*(daughter|herself||asian|dog|little|school|girls.*nasty|taste.*self|year|girl.*old).*$ [NC]
RewriteRule .* - [F]
</ifModule>

Here is what the script performs, step by step.
1. If the module mod_rewrite is enabled do the following
2. Turn Rewrite Engine On
3. Apply it to the entire site
4. If referer is not www.mywebsite.com or a variation of my site’s name
5. AND they come from a search engine
6. AND the URL includes the following combination of words/phrases: nasty AND (daughter or herself or asian or dog or little or school or girls) or taste AND self or old AND (year or girl)
7. Give them a 403 Forbidden
8. End of script

I placed this script in the root of my website and it worked perfectly. Of course, the person can easily get around this but I’d say over 99% just think the site is outdated/broken and won’t even attempt it.

Chrissy is a PowerShell MVP who has worked in IT for nearly 20 years, and currently serves as a Sr. Database Engineer in Belgium. Always an avid scripter, she attended the Monad session at Microsoft’s Professional Developers Conference in Los Angeles back in 2005 and has worked and played with PowerShell ever since. Chrissy is currently pursuing an MS in Systems Engineering at Regis University and helps maintain RealCajunRecipes.com in her spare time. She holds a number of certifications, including those relating to SQL Server, SuSE Linux, SharePoint and network security. She recently became co-lead of the SQL PASS PowerShell Virtual Chapter. You can follow her on Twitter at @cl.

Posted in Security
2 comments on “mod_rewrite: Forbid Unsavory Visitors
  1. Derwood says:

    Welcome back, Chrissy.. I missed your writings…

    Something else you might try looking into besides mod_rewrite rules is mod_security. The only caveat is that mod_security works far better with Apache 2.x than 1.3.x.
    There’s an excellent set of rules for mod_security at http://www.gotroot.com that will protect your site from a great many vulnerabilities. The direct link to the rules and setup info is http://www.gotroot.com/tiki-index.php?page=mod_security+rules

    By the way, how do you like the Bay Area? I grew up there, but live in Ohio now..

  2. Chrissy says:

    Damn, Derwood! That looks awesome. I’ll def. take a look.

    I love the Bay Area.. I especially love not having a car! And my school rocks :-D I’m going to USF to finish a BSc in Info Systems.

    Thanks a bunch for your comment! *blogrolls you*

Leave a Reply

Your email address will not be published. Required fields are marked *

*