- May 11, 2013
- 1,687
Hello Everyone,
As some of you might know, i have multiple servers and several websites for my company: FMA Intel-Secure
And as you probably guessed i spend like 3 hours a day maintaining all the sites, servers and services.
It is a difficult thing to manage correctly specially because Hacking, Spam, Malware, Exploits they are all every day business which totally sucks, however if you configure your server properly then spam and referral spam is by far the most annoying thing.
So i was thinking to create a guide for you, which will NOT explain you how to install a server and make it well protected, but it will explain you what you can do to simply block certain dangers on a dedicated or VPS server. (Yes only for these type of servers as shared hosting usually does not give you the option to use Apache mod rewrite and .htaccess)
I encourage everyone to jump in and share their own tips and tricks this way we can make a uber complete topic.
Please if you reply to this topic then make sure its quality you are posting as i intent to keep this topic alive and updated.
* Note to everyone reading this: If you understand how Linux (Apache) works and you feel comfortable customizing "conf, .htaccess" and other Apache configuration files then great keep on reading.
If you do not know what this all means, or you think that you might know then please do yourself a favor and stay as far away from this topic as you can. Because "conf, .htaccess" files are seriously NO joke and it can literally destroy your Linux server and render it useless. Just one typo and your system will generate a internal server error, and unless you exactly know what you are doing, solving these errors are a pain. (Not to mention that on shared hosting (Those few that give you access to .htaccess and other config files) will NOT like you and in 9 out of 10 times restrict your access our outright terminate your account.
So lets start with a simple one here: What is referrer spam? (Matt Cutts, Google's head of web spam will explain it to you in easy words)
As you probably understand the problems with ref spam is huge, and to tackle some of this i have written a code that you can add into your .htaccess file on your servers root.
Wait what is .htaccess? What does it do? << Check the link it will explain it all in a nutshell.
Alright lets continue,
The following code you can past into your .htaccess IF and only IF you have mod_rewrite enabled
Make sure you copy past it exactly like i wrote and triple check you do not have any conflicting Apache directives!!!.
After everything checked out correctly you can safe and close the file.
More to come stay tuned....
@Mod or Admin
Can i have edit powers for this topic as this is going to be a huge topic.
As some of you might know, i have multiple servers and several websites for my company: FMA Intel-Secure
And as you probably guessed i spend like 3 hours a day maintaining all the sites, servers and services.
It is a difficult thing to manage correctly specially because Hacking, Spam, Malware, Exploits they are all every day business which totally sucks, however if you configure your server properly then spam and referral spam is by far the most annoying thing.
So i was thinking to create a guide for you, which will NOT explain you how to install a server and make it well protected, but it will explain you what you can do to simply block certain dangers on a dedicated or VPS server. (Yes only for these type of servers as shared hosting usually does not give you the option to use Apache mod rewrite and .htaccess)
I encourage everyone to jump in and share their own tips and tricks this way we can make a uber complete topic.
Please if you reply to this topic then make sure its quality you are posting as i intent to keep this topic alive and updated.
* Note to everyone reading this: If you understand how Linux (Apache) works and you feel comfortable customizing "conf, .htaccess" and other Apache configuration files then great keep on reading.
If you do not know what this all means, or you think that you might know then please do yourself a favor and stay as far away from this topic as you can. Because "conf, .htaccess" files are seriously NO joke and it can literally destroy your Linux server and render it useless. Just one typo and your system will generate a internal server error, and unless you exactly know what you are doing, solving these errors are a pain. (Not to mention that on shared hosting (Those few that give you access to .htaccess and other config files) will NOT like you and in 9 out of 10 times restrict your access our outright terminate your account.
So lets start with a simple one here: What is referrer spam? (Matt Cutts, Google's head of web spam will explain it to you in easy words)
As you probably understand the problems with ref spam is huge, and to tackle some of this i have written a code that you can add into your .htaccess file on your servers root.
Wait what is .htaccess? What does it do? << Check the link it will explain it all in a nutshell.
Alright lets continue,
The following code you can past into your .htaccess IF and only IF you have mod_rewrite enabled
Code:
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*semalt\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Darodar\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Priceg\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*7makemoneyonline\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Buttons-for-website\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Ilovevitaly\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Blackhatworth\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Econom\.co [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Iskalko\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Lomb\.co [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Lombia\.co [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*hulfingtonpost\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*cenoval\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*o\-o\-6\-o\-o\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*humanorightswatch\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*simple\-share\-buttons\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*sharebutton\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*s\.click\.aliexpress\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*social\-buttons\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*anticrawler\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*site12\.social\-buttons\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*adcash\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*adviceforum\.info [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*anticrawler\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*blackhatworth\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*cenokos\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*cityadspix\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*edakgfvwql\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*gobongo\.info [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*iskalko\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*kambasoft\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*luxup\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*myftpupload\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*prodvigator\.ua [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*resellerclub\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*savetubevideo\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*screentoolkit\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*seoexperimenty\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*slftsdybbg\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*socialseet\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*superiends\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*vodkoved\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*websocial\.me [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*ykecwqlixx\.ru [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*76brighton\.co\.uk [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*paparazzistudios\.com\.au [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*powitania\.pl [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*sharebutton\.net [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*tasteidea\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*descargar\-musica\-gratis\.net [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*torontoplumbinggroup\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*cyprusbuyproperties\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*4webmasters\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*ranksonic\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*best\-seo\-solution\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*get\-free\-traffic\-now\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*googlsucks\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Buttons\-for\-your\-website\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*Best\-seo\-offer\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*offers\.bycontext\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*www1\.social\-buttons\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*website\-errors\-scanner\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*free\-share\-buttons\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*theguardlan\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*buy\-cheap\-online\.info [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*netvibes\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*guardlink\.org [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*securesuite\.co\.uk [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*securesuite\.net [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?:\/\/([^.]+\.)*forum20\.smailik\.org [NC]
RewriteRule .* - [F]
Make sure you copy past it exactly like i wrote and triple check you do not have any conflicting Apache directives!!!.
After everything checked out correctly you can safe and close the file.
More to come stay tuned....
@Mod or Admin
Can i have edit powers for this topic as this is going to be a huge topic.