Docunext


Block Proxies

June 18th, 2009

I found this mod_rewrite configuration at Perishable Press:

RewriteEngine on
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{HTTP:VIA}                 !^$ [OR]
RewriteCond %{HTTP:FORWARDED}           !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA}       !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR}     !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}   !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
RewriteRule ^(.*)$ - [F]

Then I added this:

RewriteCond %{REQUEST_METHOD} POST

at the beginning. I might remove that as the post another post about blocking proxies said that some of them strip out my ads and insert their own. That's not cool!

But one problem with all this: since I use Varnish, the legitimate requests have some of those headers already. I'm going to try and come up with a regular expression to allow forwarding from my Varnish proxies, but block other ones. This will also help with modextractforwarded!

Yearly Indexes: 2003 2004 2006 2007 2008 2009 2010 2011 2012 2013 2015 2019 2020