blocking spam referer domain with web.config

[亡魂溺海] 提交于 2019-12-24 02:40:50

问题


I'm trying to block spam referer domains with web.config. I have it (mostly) working.

Here's the code I'm using:

<rule name="abort referer spam requests" stopProcessing="true">
                <match url=".*" />
                <conditions>
                    <add input="{HTTP_REFERER}" pattern="(semalt\.com|Darodar\.com|Priceg\.com|7makemoneyonline\.com|Buttons\-for\-website\.com|Ilovevitaly\.com|Blackhatworth\.com|Econom\.co|Iskalko\.ru|Lomb\.co|Lombia\.co|hulfingtonpost\.com|cenoval\.ru|bestwebsitesawards\.com|o\-o\-6\-o\-o\.com|humanorightswatch\.org|forum20\.smailik\.org|myftpupload\.com|prodvigator\.ua|best\-seo\-solution\.com|Buttons\-for\-your\-website\.com|Buy\-cheap\-online\.info|offers\.bycontext\.com|website\-errors\-scanner\.com|webmaster\-traffic\.com|guardlink\.org|www\.event\-tracking\.com|trafficmonetize\.org|traffic\-paradise\.org|simple\-share\-buttons\.com|sharebutton\.org|s\.click\.aliexpress\.com|social\-buttons\.com|site12\.social\-buttons\.com|anticrawler\.org|adcash\.com|adviceforum\.info|cenokos\.ru|cityadspix\.com|edakgfvwql\.ru|gobongo\.info|kambasoft\.com|luxup\.ru|4webmasters\.org|get\-free\-traffic\-now\.com|Best\-seo\-offer\.com|Theguardlan\.com|www1\.social\-buttons\.com|netvibes\.com|webcrawler\.com|www\.get\-free\-traffic\-now\.com|sanjosestartups\.com|100dollars\-seo\.com|resellerclub\.com|savetubevideo\.com|screentoolkit\.com|seoexperimenty\.ru|slftsdybbg\.ru|socialseet\.ru|superiends\.org|vodkoved\.ru|websocial\.me|ykecwqlixx\.ru|76brighton\.co\.uk|paparazzistudios\.com\.au|powitania\.pl|sharebutton\.net|tasteidea\.com|descargar\-musica\-gratis\.net|torontoplumbinggroup\.com|cyprusbuyproperties\.com|ranksonic\.org|Googlsucks\.com|free\-share\-buttons\.com|securesuite\.co\.uk|securesuite\.net|www3\.free\-social\-buttons\.com|free\-social\-buttons\.com|sitevaluation\.org|howtostopreferralspam\.eu|symbaloo\.com|acads\.net|addons\.mozilla\.org\/en\-US\/firefox\/addon\/ilovevitaly\/|aliexpress\.com|anal\-acrobats\.hol\.es|brakehawk\.com|domination\.ml|event\-tracking\.com|forum69\.info|ilovevitaly\.co|ilovevitaly\.ru|iminent\.com|kabbalah\-red\-bracelets\.com|makemoneyonline\.com|masterseek\.com|o\-o\-6\-o\-o\.ru|o\-o\-8\-o\-o\.ru|ok\.ru|pornhub\-forum\.ga|pornhub\-forum\.uni\.me|prlog\.ru|ranksonic\.info|rapidgator\-porn\.ga|sexyteens\.hol\.es|smailik\.org|youporn\-forum\.ga|youporn\-forum\.uni\.me|.*monetiz.*|semaltmedia\.com)" />
                </conditions>
                <action type="AbortRequest" />
            </rule> 

It is blocking all the domains except webmonetizer.net.

my question:

How is webmonetizer.net getting through? In the code above I've included

.*monetiz.*

I've tested this in fiddler too, and it's being blocked. It gets a 504 response when I test my site (www.myirelandtour.com), so I thought that would have stopped it?

User-Agent: Fiddler

Referer: webmonetizer.net

Host: www.myirelandtour.com

I'm still seeing webmonetizer.net as a referer in my google analytics, any ideas why or how to stop that? Thanks!


回答1:


Most of the spammers in Google Analytics never access your site so any server solution like web.config or the htaccess file won't work

This type of spam is known as Ghost because it never reaches your site, the only way to stop it is by using filters in GA.

You may get confused and think the web.config rules block it because Ghost spam usually shows only for a few days. Sometimes it comes back sometimes it doesn't.

The other type of spam "Crawlers" can be blocked from there, but there are just a few of them compared to the Ghosts, from your list only semalt, buttons-for-website and few more.

You can find a guide to create the filters and more information on this related answers

https://stackoverflow.com/a/28354319/3197362

https://webmasters.stackexchange.com/a/80927/49561

Hope it helps,




回答2:


I use the following code in my web.config (well I imported my .htaccess file into a Windows server, and it converted it to this):

                <rule name="Imported Rule 1">
                <match url=".*" ignoreCase="false" />
                <conditions logicalGrouping="MatchAny">
                    <add input="{HTTP_REFERER}" pattern="^http://.*semalt\.com" />
                    <add input="{HTTP_REFERER}" pattern="^http://.*buttons-for-website\.com" />
                    <add input="{HTTP_REFERER}" pattern="^http://.*7makemoneyonline\.com" />
                    <add input="{HTTP_REFERER}" pattern="^http://.*webmonetizer\.net" />
                </conditions>
                <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
            </rule>

I did this in January, and the referers still don't show up in Google Analytics.



来源:https://stackoverflow.com/questions/31242392/blocking-spam-referer-domain-with-web-config

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!