blocking fusker w/ .htaccess or script, help please..? - GoFuckYourself.com

chupacabra · 01-23-2006, 01:49 AM

hey all... combing through some referer logs and find the dreaded fusker references... any quick recommendation on how to block them (and similar) through .htaccess? or any recommendations for a script that will block fusker and its ilk altogether that doesn't chew up mass amounts of cycles?

any pointers or insight would be greatly appreciated, thx in advance all..!

darksoul · 01-23-2006, 02:08 AM

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
RewriteRule .*\.(gif|jpg|png) - [F]

Goose · 01-23-2006, 02:14 AM

nothing else to add. Should work like that..

Snake Doctor · 01-23-2006, 02:36 AM

Quote:

Originally Posted by darksoul

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
RewriteRule .*\.(gif|jpg|png) - [F]

I have mine set up exactly like that, also have a line in the allow,deny to block them specifically, but you can search my domains there and the images still show up on their pages.

It sucks

chupacabra · 01-23-2006, 01:30 PM

Quote:

Originally Posted by Lenny2

I have mine set up exactly like that, also have a line in the allow,deny to block them specifically, but you can search my domains there and the images still show up on their pages.

It sucks

ditto, thx for the input darksoul but i've already got those lines in as well, but the fusker creeps are still indexing pics off of me... is there any commercial or script-based solution to stop pics being indexed that are in my public (non-members area) folders? it sucks to see the amount of bandwidth these kind of sites can drain off of you, would be worth byuing a solution if it actually worked well..

ronaldo · 01-23-2006, 01:35 PM

Is your bandwidth spiking because of fusker, or are you just seeing referrers?

I get fusker referrers too, but only because the person that posts them there doesn't realize the images won't load. They get taken down in short order.

Getting fusker referrers shouldn't be an issue. It's when your usage spikes to 3 times the norm that you've got a serious problem.

edit-if the latter is the problem, hit me up.

SmokeyTheBear · 01-23-2006, 01:37 PM

how are the pictures setup/called ?

Someone should make a simple script to rename files everyday..

example..

everyday a new key is created "XYZ123" then the folder the pictures resides in changes to that key.

example "/images/XYZ123/pic002.jpg"

then your tags in your pages reflect that new directory key

chupacabra · 01-23-2006, 01:56 PM

thx for the replies friends, i'll have to investigate a bit further to see if i am just seeing referers or if indeed they are somehow getting the images to load... just so i'm clear though, the above mentioned .htaccess lines should be in the root folder of the site only, or also in the folders that contain the pics themselves? my members area has its own .htaccess of course but am unclear whether i only need .htaccess in the site root folder or if it should also be in place w/in the folders that contain the pics themselves that are at risk of hotlinking?

on a side note, someone mentioned to me that i should buy a license for cPanel and rely upon its hotlinking protection? is this an option as well, does cPanel have good protection for hotlinking included that is effective? thx again for all the input friends..!

ronaldo · 01-23-2006, 02:04 PM

Quote:

Originally Posted by chupacabra

thx for the replies friends, i'll have to investigate a bit further to see if i am just seeing referers or if indeed they are somehow getting the images to load... just so i'm clear though, the above mentioned .htaccess lines should be in the root folder of the site only, or also in the folders that contain the pics themselves? my members area has its own .htaccess of course but am unclear whether i only need .htaccess in the site root folder or if it should also be in place w/in the folders that contain the pics themselves that are at risk of hotlinking?

My htaccess is only in the root folder.

If you're not seeing a serious spike in bandwidth, then you're probably not in any danger. When you're being fuskered, you should know almost immediately.

Manowar · 01-23-2006, 02:16 PM

http://www.businessvoyeur.com/2005-0...o-block-fusker

http://www.businessvoyeur.com/2005-0...nking-in-depth

Fabien · 01-23-2006, 02:37 PM

Mate go there:

http://www.htmlbasix.com/

It's got all the basic stuff you need if you want start playing around with .htaccess thingos

Snake Doctor · 01-24-2006, 12:34 PM

Quote:

Originally Posted by ronaldo

My htaccess is only in the root folder.

If you're not seeing a serious spike in bandwidth, then you're probably not in any danger. When you're being fuskered, you should know almost immediately.

My bandwidth graph is a little jumpy anyways, with the amount we use I probably wouldn't ever notice a fusker leech anyways.

I do see them in my referrers, and when I go to their site and search for my domains I see the pictures show up, and videos as well, even though I have htaccess to protect them as well.

I'm gonna have to see if the techs can block this guy at the router or something.

Scotty.T · 01-28-2006, 05:19 PM

Quote:

Originally Posted by darksoul

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
RewriteRule .*\.(gif|jpg|png) - [F]

If you drop the first ReWriteCond to give you

Code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.*)?yourdomain.com.*$ [NC]
RewriteRule .*\.(gif|jpg|png) - [F]

does the trick for me. This is the difference between allowing and denying blank referrers so you need to think about how it will affect you I guess. You could end up blocking anyone using a firewall or AV that strips referrers.

kernelpanic · 01-28-2006, 05:29 PM

Quote:

Originally Posted by Lenny2

I have mine set up exactly like that, also have a line in the allow,deny to block them specifically, but you can search my domains there and the images still show up on their pages.

It sucks

do you have mod_rewrite installed?

kernelpanic · 01-28-2006, 05:32 PM

I also block many of the fuskers by using image filenames based off of a random SHA-1. The benefit of doing this is that images share no consecutive naming elements, which prevents many of the fusker scripts from leeching them automatically.

Fuskers are run by people too lazy to re-host the images on a free host, thus forcing them to load each filename by hand (or an advanced image extractor) requires a lot more work on their end than simply specifying "sampleimage[1-16].jpg".

01-23-2006, 01:49 AM	#1
chupacabra Confirmed User Join Date: Sep 2002 Posts: 3,626	blocking fusker w/ .htaccess or script, help please..? hey all... combing through some referer logs and find the dreaded fusker references... any quick recommendation on how to block them (and similar) through .htaccess? or any recommendations for a script that will block fusker and its ilk altogether that doesn't chew up mass amounts of cycles? any pointers or insight would be greatly appreciated, thx in advance all..! __________________ ...promise her a defamation, tell her where the rain will fall..

01-23-2006, 02:08 AM	#2
darksoul Confirmed User Join Date: Apr 2002 Location: /root/ Posts: 4,997	Code: RewriteEngine On RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(.)?yourdomain.com.$ [NC] RewriteRule .*\.(gif\|jpg\|png) - [F] __________________ 1337 5y54\|)m1n: 157717888 BM-2cUBw4B2fgiYAfjkE7JvWaJMiUXD96n9tN Cambooth

01-23-2006, 02:14 AM	#3
Goose Confirmed User Join Date: Mar 2004 Location: --------Europe------- Posts: 5,725	nothing else to add. Should work like that.. __________________ ICQ: 52410619

01-23-2006, 01:37 PM	#7
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	how are the pictures setup/called ? Someone should make a simple script to rename files everyday.. example.. everyday a new key is created "XYZ123" then the folder the pictures resides in changes to that key. example "/images/XYZ123/pic002.jpg" then your tags in your pages reflect that new directory key __________________ hatisblack at yahoo.com

01-23-2006, 01:56 PM	#8
chupacabra Confirmed User Join Date: Sep 2002 Posts: 3,626	thx for the replies friends, i'll have to investigate a bit further to see if i am just seeing referers or if indeed they are somehow getting the images to load... just so i'm clear though, the above mentioned .htaccess lines should be in the root folder of the site only, or also in the folders that contain the pics themselves? my members area has its own .htaccess of course but am unclear whether i only need .htaccess in the site root folder or if it should also be in place w/in the folders that contain the pics themselves that are at risk of hotlinking? on a side note, someone mentioned to me that i should buy a license for cPanel and rely upon its hotlinking protection? is this an option as well, does cPanel have good protection for hotlinking included that is effective? thx again for all the input friends..! __________________ ...promise her a defamation, tell her where the rain will fall..

01-23-2006, 01:35 PM	#6
ronaldo Confirmed User Join Date: Jan 2002 Location: ICQ#: 272000271 Posts: 5,475	Is your bandwidth spiking because of fusker, or are you just seeing referrers? I get fusker referrers too, but only because the person that posts them there doesn't realize the images won't load. They get taken down in short order. Getting fusker referrers shouldn't be an issue. It's when your usage spikes to 3 times the norm that you've got a serious problem. edit-if the latter is the problem, hit me up.

01-23-2006, 02:16 PM	#10
Manowar jellyfish Join Date: Dec 2003 Posts: 71,528	http://www.businessvoyeur.com/2005-0...o-block-fusker http://www.businessvoyeur.com/2005-0...nking-in-depth

01-23-2006, 02:37 PM	#11
Fabien Confirmed User Industry Role: Join Date: Jul 2003 Posts: 4,787	Mate go there: http://www.htmlbasix.com/ It's got all the basic stuff you need if you want start playing around with .htaccess thingos

01-28-2006, 05:32 PM	#15
kernelpanic Too lazy to set a custom title Join Date: Jan 2005 Posts: 2,961	I also block many of the fuskers by using image filenames based off of a random SHA-1. The benefit of doing this is that images share no consecutive naming elements, which prevents many of the fusker scripts from leeching them automatically. Fuskers are run by people too lazy to re-host the images on a free host, thus forcing them to load each filename by hand (or an advanced image extractor) requires a lot more work on their end than simply specifying "sampleimage[1-16].jpg". __________________ ZangoCash - Turn Your Traffic Into Ca$h. $.40 Per Install - No Tier