Support » Plugin: iThemes Security (formerly Better WP Security) » How can I completely block http://site.ru Referrer please?

  • I am getting several 404 errors from a referrer site http://site.ru on a daily basis mostly trying to reach WP files such as /wp-content/plugins/wp-setting-dist.php – but it using a large range of IP addresses and hence difficult to ban completely. Is there some some other method I can use perhaps to block the URL?
    Thanks in advance

Viewing 6 replies - 16 through 21 (of 21 total)
  • A few changes:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} site\.ru [NC,OR]
    RewriteCond %{HTTP_REFERER} burger-imperia\.com [NC]
    RewriteRule ^(.*)$ - [F]
    </IfModule>
    # END WordPress
    • This reply was modified 2 years, 8 months ago by nlpro.
    pb52

    (@paulbarrett1952)

    Brilliant.

    Thank you!

    Actually this is even better:

    # BEGIN Customization
    # Some description explaining what the entries below are supposed to do.
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} site\.ru [NC,OR]
    RewriteCond %{HTTP_REFERER} burger-imperia\.com [NC]
    RewriteRule ^(.*)$ - [F]
    </IfModule>
    # END Customization
    
    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress

    It’s best to keep the default lines in between the # BEGIN WordPress, # END WordPress markers 😉
    Notice the empty line too !

    Any custom rules added might disappear when changing Permalink options…

    I’ve been doing this with WordFence, as documented at https://www.wordfence.com/help/blocking/#how-to-block-a-referer-or-referring-website

    Obviously, you may not want to install such a big plugin just for this purpose, but for those who want a simple GUI and are nervous about editing server files like .htaccess, this works great!

    I have been getting 404’s on Fyzuntu-games.co.uk from site.ru and have tried to block this agent/referrer on Wordfence. However, this has not stopped the flow of 404’s. I do not have the confidence to amend ht.access files and was really hoping that Wordfence would provide the solution.

    MrOG

    (@mrgrownupgeek)

    I was just hit by a ‘bot storm’ with site.ru referrer strings, so i create an easy Mod Security rule to block them, as well as a list of other bad/fake referrers. I just put the details in my blog, here:
    https://www.success.grownupgeek.com/index.php/2018/12/14/block-site-ru-referrers/

    If you have multiple sites and/or run your own server or VPS, Mod Security is a better solution. Integrate your Mod Security with ConfigServer Firewall (CSF) and say goodbye to them forever.

Viewing 6 replies - 16 through 21 (of 21 total)
  • The topic ‘How can I completely block http://site.ru Referrer please?’ is closed to new replies.