Flashes of Panic

Since julie (or should I say, “Franklin”) is having trouble posting comments, despite not being a comment-spammer, I figured it was time to try some other experiments with my comment-spam and referrer-spam control file.

Using mod_access instead of mod_rewrite, we can set a server environment variable when the referer matches one of our badly-behaved folks. Then we can deny access (returning a 403 “Forbidden” error, rather than our custom error page or even a 404 “Not Found” error) if that variable is set. To add more sites, we add more lines. We’d remove the last two lines from the file I posted before, and add this:

SetEnvIf Referer .*\.locators\.com.* spam_ref
SetEnvIf Referer .*\.popex\.com.* spam_ref
Order Deny,Allow
Deny from env=spam_ref

The first two lines define the environment variable “spam_ref” if the “Referer” value matches the specified pattern; in each line, that pattern is a site which has been a referer-spam problem site for me. The third line just specifies the order in which we’re going to control access (check for denials first, then allow access) and the final line denies access if the environment variable was set in the first two lines.

I’ve done something similar to control access to a website we manage where our partners manage authentication and access control on their servers; I accept referrals from their domain and internal referrals, and refuse all others.

I don’t know if this will work any better than the mod_rewrite strategy (heck, I don’t know if this will work,) but it never hurts to have More Than One Way To Do It.

Now playing: Clean Up Kid from Songs From The Other Side by The Charlatans