问题
I'm seeing thousands of referrals coming from Russia and China every month from the domains below, I've tried adding the code below to my .htaccess file, and then testing it from another domain I own, but I don't appear to be getting the 403 Forbidden message I'm expecting to get. What am I missing?
RewriteCond %{HTTP_REFERER} ^(www\.)?([a-z0-9-]+)\.social-buttons\.com$ [NC]
RewriteCond %{HTTP_REFERER} social-buttons\.com [NC]
RewriteCond %{HTTP_REFERER} googlsucks\.com [NC]
RewriteCond %{HTTP_REFERER} 4webmasters\.org [NC]
RewriteCond %{HTTP_REFERER} aliexpress\.com [NC]
RewriteCond %{HTTP_REFERER} best-seo-solution\.com [NC]
RewriteCond %{HTTP_REFERER} best-seo-offer\.com [NC]
RewriteCond %{HTTP_REFERER} buttons-for-website\.com [NC]
RewriteCond %{HTTP_REFERER} www\.myothertestdomain\.com [NC]
RewriteRule .* - [F]
回答1:
Your current code means:
If referer is "sociel-buttons.com"
AND
If referer is "googlsucks.com"
AND
etc...
Which is not what you want (always false: that's why it never happens).
Instead, you have to use OR flag (you want OR boolean conditions in your case)
RewriteCond %{HTTP_REFERER} ^(www\.)?([a-z0-9-]+)\.social-buttons\.com$ [NC,OR]
RewriteCond %{HTTP_REFERER} social-buttons\.com [NC,OR]
RewriteCond %{HTTP_REFERER} googlsucks\.com [NC,OR]
RewriteCond %{HTTP_REFERER} 4webmasters\.org [NC,OR]
RewriteCond %{HTTP_REFERER} aliexpress\.com [NC,OR]
RewriteCond %{HTTP_REFERER} best-seo-solution\.com [NC,OR]
RewriteCond %{HTTP_REFERER} best-seo-offer\.com [NC,OR]
RewriteCond %{HTTP_REFERER} buttons-for-website\.com [NC,OR]
RewriteCond %{HTTP_REFERER} www\.myothertestdomain\.com [NC]
RewriteRule ^ - [F]
回答2:
The problem is not only with the code,besides the missing OR , the problem is that you can't stop this spam with the .htaccess file or at least most of them from the .htaccess file.
In your example, the only ones that will be blocked are best-seo and buttons-for-website, these two access your website with crawlers(bots), and are commonly called Crawler Referrer Spam
People get confused and think the .htaccess rule worked because after a sometime they stop seeing the spam, but the truth is that most of the Referrer Spam come for a few days and then disappear.
The rest lines you added won't have any effect. These use a Google analytics vulnerability to show ONLY in your Google Analytics. The .htaccess file "block the access" to your site, but they never visit/access your site. These are commonly called Ghost Referrer Spam.
The only way for now is to make filters in Google Analytics you can either make a filter for each one or make a filter for Valid Hostnames in your GA that way you will don't have to worry about new Ghost Referrer Spam.
You can check this answer for more details https://stackoverflow.com/a/28354319/3197362
回答3:
You should be using the OR flag for each condition except the last one:
RewriteCond %{HTTP_REFERER} ^(www\.)?([a-z0-9-]+)\.social-buttons\.com$ [NC,OR]
RewriteCond %{HTTP_REFERER} social-buttons\.com [NC,OR]
RewriteCond %{HTTP_REFERER} googlsucks\.com [NC,OR]
RewriteCond %{HTTP_REFERER} 4webmasters\.org [NC,OR]
RewriteCond %{HTTP_REFERER} aliexpress\.com [NC,OR]
RewriteCond %{HTTP_REFERER} best-seo-solution\.com [NC,OR]
RewriteCond %{HTTP_REFERER} best-seo-offer\.com [NC,OR]
RewriteCond %{HTTP_REFERER} buttons-for-website\.com [NC,OR]
RewriteCond %{HTTP_REFERER} www\.myothertestdomain\.com [NC]
RewriteRule .* - [F]
来源:https://stackoverflow.com/questions/29631518/how-to-block-referral-traffic-from-multiple-referrers-and-subdomains-in-htacces