0

Lately I have been getting some referrer spam in my website's logs. In order to stop this (as it's quite annoying and also polluting my statistics), I want to block requests that are coming from certain referrer domains. A lot of articles can be found that recommend putting the following (or something similar) in the website's .htaccess file:

RewriteEngine On
RewriteCond %{HTTP_REFERER} example\.com [NC]
RewriteRule .* - [F]

This works fine, however, I would like to move this to the Apache configuration, in order to apply this rewrite rule to all websites hosted on the server. I've also read that this is better for perfomance because the .htaccess file has to be parsed for every request, whereas the Apache configuration is only loaded once.

My server is running on Ubuntu, so I created a new .conf file: /etc/apache2/conf-available/block-referrer-spam.conf, with the exact same content as the .htaccess snippet from above. I created a symlink in the conf-enabled directory (using sudo a2enmod block-referer-spam) and reloaded the Apache configuration (sudo service apache2 reload). However, unlike when using .htaccess, Apache does not block the request (return a 403).

I think I might be overlooking something simple, so any help is appreciated.

Nic Wortel
  • 103
  • 4

2 Answers2

2

Rewrite configurations are not inherited by virtual hosts. In order to "inherit" the directives in the vHost configurations, each vHost configuration needs:

RewriteEngine on
RewriteOptions Inherit

See the Apache discussion under the mod_rewrite module at:

http://httpd.apache.org/docs/2.4/mod/mod_rewrite.html

In any case, if you have access to the site.conf files for each vHost, you should probably use these for the "site" directives and NEVER need to enable .htaccess files.

Also, I assume that you HAVE "included" the conf-enabled/*.conf in your apache2.conf file

Colt
  • 2,029
  • 6
  • 21
  • 27
0

One trick is to place a .htaccess-file above the directory where your vHosts are stored.

For example, if your vHost websites are in /var/www/vhosts/.../ put a .htaccess-file at /var/www/vhosts/.htaccess. Because Apache reads .htaccess-files in order of directory level, it will be read before the individual .htaccess-files.

Cobra_Fast
  • 650
  • 2
  • 8
  • 23