blocking fusker w/ .htaccess or script, help please..?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • chupacabra
    Confirmed User
    • Sep 2002
    • 3626

    #1

    blocking fusker w/ .htaccess or script, help please..?

    hey all... combing through some referer logs and find the dreaded fusker references... any quick recommendation on how to block them (and similar) through .htaccess? or any recommendations for a script that will block fusker and its ilk altogether that doesn't chew up mass amounts of cycles?

    any pointers or insight would be greatly appreciated, thx in advance all..!

    ...promise her a defamation, tell her where the rain will fall..
  • darksoul
    Confirmed User
    • Apr 2002
    • 4997

    #2
    Code:
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
    RewriteRule .*\.(gif|jpg|png) - [F]
    1337 5y54|)m1n: 157717888
    BM-2cUBw4B2fgiYAfjkE7JvWaJMiUXD96n9tN
    Cambooth

    Comment

    • Goose
      Confirmed User
      • Mar 2004
      • 5725

      #3
      nothing else to add. Should work like that..
      ICQ: 52410619

      Comment

      • Snake Doctor
        I'm Lenny2 Bitch
        • Mar 2001
        • 13449

        #4
        Originally posted by darksoul
        Code:
        RewriteEngine On
        RewriteCond %{HTTP_REFERER} !^$
        RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
        RewriteRule .*\.(gif|jpg|png) - [F]
        I have mine set up exactly like that, also have a line in the allow,deny to block them specifically, but you can search my domains there and the images still show up on their pages.

        It sucks
        sig too big

        Comment

        • chupacabra
          Confirmed User
          • Sep 2002
          • 3626

          #5
          Originally posted by Lenny2
          I have mine set up exactly like that, also have a line in the allow,deny to block them specifically, but you can search my domains there and the images still show up on their pages.

          It sucks
          ditto, thx for the input darksoul but i've already got those lines in as well, but the fusker creeps are still indexing pics off of me... is there any commercial or script-based solution to stop pics being indexed that are in my public (non-members area) folders? it sucks to see the amount of bandwidth these kind of sites can drain off of you, would be worth byuing a solution if it actually worked well..

          ...promise her a defamation, tell her where the rain will fall..

          Comment

          • ronaldo
            Confirmed User
            • Jan 2002
            • 5475

            #6
            Is your bandwidth spiking because of fusker, or are you just seeing referrers?

            I get fusker referrers too, but only because the person that posts them there doesn't realize the images won't load. They get taken down in short order.

            Getting fusker referrers shouldn't be an issue. It's when your usage spikes to 3 times the norm that you've got a serious problem.

            edit-if the latter is the problem, hit me up.

            Comment

            • SmokeyTheBear
              ►SouthOfHeaven
              • Jun 2004
              • 28609

              #7
              how are the pictures setup/called ?

              Someone should make a simple script to rename files everyday..

              example..

              everyday a new key is created "XYZ123" then the folder the pictures resides in changes to that key.

              example "/images/XYZ123/pic002.jpg"

              then your tags in your pages reflect that new directory key
              hatisblack at yahoo.com

              Comment

              • chupacabra
                Confirmed User
                • Sep 2002
                • 3626

                #8
                thx for the replies friends, i'll have to investigate a bit further to see if i am just seeing referers or if indeed they are somehow getting the images to load... just so i'm clear though, the above mentioned .htaccess lines should be in the root folder of the site only, or also in the folders that contain the pics themselves? my members area has its own .htaccess of course but am unclear whether i only need .htaccess in the site root folder or if it should also be in place w/in the folders that contain the pics themselves that are at risk of hotlinking?

                on a side note, someone mentioned to me that i should buy a license for cPanel and rely upon its hotlinking protection? is this an option as well, does cPanel have good protection for hotlinking included that is effective? thx again for all the input friends..!
                ...promise her a defamation, tell her where the rain will fall..

                Comment

                • ronaldo
                  Confirmed User
                  • Jan 2002
                  • 5475

                  #9
                  Originally posted by chupacabra
                  thx for the replies friends, i'll have to investigate a bit further to see if i am just seeing referers or if indeed they are somehow getting the images to load... just so i'm clear though, the above mentioned .htaccess lines should be in the root folder of the site only, or also in the folders that contain the pics themselves? my members area has its own .htaccess of course but am unclear whether i only need .htaccess in the site root folder or if it should also be in place w/in the folders that contain the pics themselves that are at risk of hotlinking?
                  My htaccess is only in the root folder.

                  If you're not seeing a serious spike in bandwidth, then you're probably not in any danger. When you're being fuskered, you should know almost immediately.

                  Comment

                  • Manowar
                    jellyfish  
                    • Dec 2003
                    • 71528

                    #10
                    http://www.businessvoyeur.com/2005-0...o-block-fusker



                    http://www.businessvoyeur.com/2005-0...nking-in-depth

                    Comment

                    • Fabien
                      Confirmed User
                      • Jul 2003
                      • 4789

                      #11
                      Mate go there:

                      http://www.htmlbasix.com/

                      It's got all the basic stuff you need if you want start playing around with .htaccess thingos

                      Comment

                      • Snake Doctor
                        I'm Lenny2 Bitch
                        • Mar 2001
                        • 13449

                        #12
                        Originally posted by ronaldo
                        My htaccess is only in the root folder.

                        If you're not seeing a serious spike in bandwidth, then you're probably not in any danger. When you're being fuskered, you should know almost immediately.
                        My bandwidth graph is a little jumpy anyways, with the amount we use I probably wouldn't ever notice a fusker leech anyways.

                        I do see them in my referrers, and when I go to their site and search for my domains I see the pictures show up, and videos as well, even though I have htaccess to protect them as well.

                        I'm gonna have to see if the techs can block this guy at the router or something.
                        sig too big

                        Comment

                        • Scotty.T
                          Confirmed User
                          • Nov 2004
                          • 1062

                          #13
                          Originally posted by darksoul
                          Code:
                          RewriteEngine On
                          RewriteCond %{HTTP_REFERER} !^$
                          RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
                          RewriteRule .*\.(gif|jpg|png) - [F]
                          If you drop the first ReWriteCond to give you
                          Code:
                          RewriteEngine On
                          RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
                          RewriteRule .*\.(gif|jpg|png) - [F]
                          does the trick for me. This is the difference between allowing and denying blank referrers so you need to think about how it will affect you I guess. You could end up blocking anyone using a firewall or AV that strips referrers.
                          .

                          Comment

                          • kernelpanic
                            Too lazy to set a custom title
                            • Jan 2005
                            • 2961

                            #14
                            Originally posted by Lenny2
                            I have mine set up exactly like that, also have a line in the allow,deny to block them specifically, but you can search my domains there and the images still show up on their pages.

                            It sucks
                            do you have mod_rewrite installed?


                            ZangoCash - Turn Your Traffic Into Ca$h.
                            $.40 Per Install - No Tier

                            Comment

                            • kernelpanic
                              Too lazy to set a custom title
                              • Jan 2005
                              • 2961

                              #15
                              I also block many of the fuskers by using image filenames based off of a random SHA-1. The benefit of doing this is that images share no consecutive naming elements, which prevents many of the fusker scripts from leeching them automatically.

                              Fuskers are run by people too lazy to re-host the images on a free host, thus forcing them to load each filename by hand (or an advanced image extractor) requires a lot more work on their end than simply specifying "sampleimage[1-16].jpg".


                              ZangoCash - Turn Your Traffic Into Ca$h.
                              $.40 Per Install - No Tier

                              Comment

                              Working...