0

I just wrote some rewrite conditions in order to block a bunch of bot sites. I successfully blocked many of them except three containing a hyphen (dash). So, since they all contain also the word "buttons" I tried to intercept them all with the following Rewrite condition:

RewriteCond %{HTTP_REFERER} ^http://.*buttons.*\.com/ [NC,OR]

The whole rewrite code in my .htaccess looks like this:

RewriteCond %{HTTP_REFERER} ^http://.*buttons.*\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://.*darodar\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://.*webextract\.net/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://.*makemoneyonline\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://.*semalt\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://.*ranksonic\.info/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://.*smailik\.com/ [NC]

The 3 websites I am failing in blocking are:

social-buttons.com
buttons-for-website.com
simple-share-buttons.com

And some variations of those, with subdomain.

My take is that the condition above should intercept them. But I keep getting spammed. Any idea what I am doing wrong?

A.L
  • 10,259
  • 10
  • 67
  • 98
gabmorelli
  • 1
  • This is the best answer I have found as to why it won't work to change settings in apache's files. It never even hits apache! It just pings GA directly. http://webmasters.stackexchange.com/questions/75909/how-to-fight-off-referrer-spammers/75914#75914 – Mark Kasson Mar 24 '15 at 22:16
  • Another best answer! http://www.analyticsedge.com/2014/12/removing-referral-spam-google-analytics/ – Mark Kasson Mar 24 '15 at 22:23
  • hi all, thanks for the answers: @Mark thanks for the suggestions, i've tried to escape the dashes with no luck, maybe because i kept the trailing slash and the http:// i am gonna try again that solution without trailing slash and without http:// thanks also @bloodyKnukles! – gabmorelli Mar 25 '15 at 09:10
  • Question though: can I leave the initial ^? I've read in the apache documentation that the webserver needs that symbol to know when the string to match starts. Thanks again – gabmorelli Mar 25 '15 at 09:10
  • The ^ is the anchor for the start of regex. http://www.regular-expressions.info/anchors.html. You don't have to keep it but it will keep the regex a little tighter. – Mark Kasson Mar 25 '15 at 12:54
  • I deleted a prior message because it contained inaccurate information. My subsequent answers were for social-buttons.com. Restated: I use `RewriteCond %{HTTP_REFERER} ^http://.*buttons\-for\-website\.com [NC,OR]`. I haven't solved social-buttons.com yet. Would this be better in serverfault.com? – Mark Kasson Mar 25 '15 at 12:57
  • Hi Mark, thanks for you advices. Checking the results today it seems like I have solved 2 of the last 3 spam bot sites with those rules. The one i can't solve is the same one that you can't solve: social-buttons.com - if its true that it pings GA directly without passing from the webserver, do you have any idea what can be done? – gabmorelli Mar 26 '15 at 09:10
  • Maybe just filter it out from the GA dashboard? – gabmorelli Mar 26 '15 at 09:12
  • .htaccess will only work for semalt, the rest of referrers dont reach your site so is pointless to add them. the only way for now is filter them, here you can find more information about this http://stackoverflow.com/a/28354319/3197362 – Carlos Escalera Alonso Mar 29 '15 at 02:22

0 Answers0