Ultimate htaccess Blacklist 2 (Compressed Version)

By Jeff Starr on Monday, October 15, 2007 — 62 Responses

Post #420 categorized as Function, last updated on Mar 22, 2009
Tagged with apache, blacklist, htaccess, list, mod_rewrite, security, spam, tricks

[ Keywords: htaccess, rewrite, blacklist, block, deny, spam, spammers, scrapers, rippers ]

[ Image: Lunar Eclipse ]

In our original htaccess blacklist article, we provide an extensive list of bad user agents. This so-called “Ultimate htaccess Blacklist” works great at blocking many different online villains: spammers, scammers, scrapers, scrappers, rippers, leechers — you name it. Yet, despite its usefulness, there is always room for improvement. For example, as reader Greg suggests, a compressed version of the blacklist would be very useful. In this post, we present a compressed version of our Ultimate htaccess Blacklist that features around 50 new agents. Whereas the original blacklist is approximately 8.6KB in size, the compressed version is only 3.4KB, even with the additional agents. Overall, the compressed version requires fewer system resources to block a greater number of bad agents.

# Ultimate htaccess Blacklist 2 from Perishable Press
# Deny domain access to spammers and other scumbags
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} ADSARobot|ah-ha|almaden|aktuelles|Anarchie|amzn_assoc|ASPSeek|ASSORT|ATHENS|Atomz|attach|attache|autoemailspider|BackWeb|Bandit|BatchFTP|bdfetch|big.brother|BlackWidow|bmclient|Boston\ Project|BravoBrian\ SpiderEngine\ MarcoPolo|Bot\ mailto:craftbot@yahoo.com|Buddy|Bullseye|bumblebee|capture|CherryPicker|ChinaClaw|CICC|clipping|Collector|Copier|Crescent|Crescent\ Internet\ ToolPak|Custo|cyberalert|DA$|Deweb|diagem|Digger|Digimarc|DIIbot|DISCo|DISCo\ Pump|DISCoFinder|Download\ Demon|Download\ Wonder|Downloader|Drip|DSurf15a|DTS.Agent|EasyDL|eCatch|ecollector|efp@gmx\.net|Email\ Extractor|EirGrabber|email|EmailCollector|EmailSiphon|EmailWolf|Express\ WebPictures|ExtractorPro|EyeNetIE|FavOrg|fastlwspider|Favorites\ Sweeper|Fetch|FEZhead|FileHound|FlashGet\ WebWasher|FlickBot|fluffy|FrontPage|GalaxyBot|Generic|Getleft|GetRight|GetSmart|GetWeb!|GetWebPage|gigabaz|Girafabot|Go\!Zilla|Go!Zilla|Go-Ahead-Got-It|GornKer|gotit|Grabber|GrabNet|Grafula|Green\ Research|grub-client|Harvest|hhjhj@yahoo|hloader|HMView|HomePageSearch|http\ generic|HTTrack|httpdown|httrack|ia_archiver|IBM_Planetwide|Image\ Stripper|Image\ Sucker|imagefetch|IncyWincy|Indy*Library|Indy\ Library|informant|Ingelin|InterGET|Internet\ Ninja|InternetLinkagent|Internet\ Ninja|InternetSeer\.com|Iria|Irvine|JBH*agent|JetCar|JOC|JOC\ Web\ Spider|JustView|KWebGet|Lachesis|larbin|LeechFTP|LexiBot|lftp|libwww|likse|Link|Link*Sleuth|LINKS\ ARoMATIZED|LinkWalker|LWP|lwp-trivial|Mag-Net|Magnet|Mac\ Finder|Mag-Net|Mass\ Downloader|MCspider|Memo|Microsoft.URL|MIDown\ tool|Mirror|Missigua\ Locator|Mister\ PiX|MMMtoCrawl\/UrlDispatcherLLL|^Mozilla$|Mozilla.*Indy|Mozilla.*NEWT|Mozilla*MSIECrawler|MS\ FrontPage*|MSFrontPage|MSIECrawler|MSProxy|multithreaddb|nationaldirectory|Navroad|NearSite|NetAnts|NetCarta|NetMechanic|netprospector|NetResearchServer|NetSpider|Net\ Vampire|NetZIP|NetZip\ Downloader|NetZippy|NEWT|NICErsPRO|Ninja|NPBot|Octopus|Offline\ Explorer|Offline\ Navigator|OpaL|Openfind|OpenTextSiteCrawler|OrangeBot|PageGrabber|Papa\ Foto|PackRat|pavuk|pcBrowser|PersonaPilot|Ping|PingALink|Pockey|Proxy|psbot|PSurf|puf|Pump|PushSite|QRVA|RealDownload|Reaper|Recorder|ReGet|replacer|RepoMonkey|Robozilla|Rover|RPT-HTTPClient|Rsync|Scooter|SearchExpress|searchhippo|searchterms\.it|Second\ Street\ Research|Seeker|Shai|Siphon|sitecheck|sitecheck.internetseer.com|SiteSnagger|SlySearch|SmartDownload|snagger|Snake|SpaceBison|Spegla|SpiderBot|sproose|SqWorm|Stripper|Sucker|SuperBot|SuperHTTP|Surfbot|SurfWalker|Szukacz|tAkeOut|tarspider|Teleport\ Pro|Templeton|TrueRobot|TV33_Mercator|UIowaCrawler|UtilMind|URLSpiderPro|URL_Spider_Pro|Vacuum|vagabondo|vayala|visibilitygap|VoidEYE|vspider|Web\ Downloader|w3mir|Web\ Data\ Extractor|Web\ Image\ Collector|Web\ Sucker|Wweb|WebAuto|WebBandit|web\.by\.mail|Webclipping|webcollage|webcollector|WebCopier|webcraft@bea|webdevil|webdownloader|Webdup|WebEMailExtrac|WebFetch|WebGo\ IS|WebHook|Webinator|WebLeacher|WEBMASTERS|WebMiner|WebMirror|webmole|WebReaper|WebSauger|Website|Website\ eXtractor|Website\ Quester|WebSnake|Webster|WebStripper|websucker|webvac|webwalk|webweasel|WebWhacker|WebZIP|Wget|Whacker|whizbang|WhosTalking|Widow|WISEbot|WWWOFFLE|x-Tractor|^Xaldon\ WebSpider|WUMPUS|Xenu|XGET|Zeus.*Webster|Zeus [NC]
RewriteRule ^.* - [F,L]

For more information, please see our original htaccess blacklist article, the Ultimate htaccess Blacklist.

Update: (April 30th, 2008) the blacklist has been edited to remove the DA character string. This is to prevent blocking of certain validation services such as those provided via the W3C. Thanks to John S. Britsios for identifying and sharing this information. :)

Update: (May 4th, 2008) the blacklist has been edited to (re)include the DA$ character string. Previously, the DA string matched various validation services because of the “da” string found in the terms “validator”, “validation”, etc. As reader Max explains, we can avoid this problem by appending a $ onto DA. Thus the blacklist has been edited to include the DA$ character string, which protects against the DA bot while allowing us to use various validation services. Thanks Max! ;)

Copyright2009PerishablePress

Subscribe to Perishable Press

36603 visits

62 Responses

TopLeave a comment

[ Gravatar Icon ]

#1Simeon_seo

Why you block “Yandex”? It is a spider of the russian most popular search engine.

[ Gravatar Icon ]

#2Perishable

Good question.. adding it to the list was suggested by a fellow forum member awhile ago. I sniffed around Google a bit but found no evidence of maleficence, so I have removed it from the list. Thanks for pointing it out to us ;)

[ Gravatar Icon ]

#3John

How does this affect blacklist affect Google crawling your site? There is no side effect?

[ Gravatar Icon ]

#4Perishable

John, rest assured that there are absolutely no googlebots mentioned in the blacklist. We are targeting the bad guys here, not legitimate agents such as Google, Yahoo!, and MSN. No worries! ;)

[ Gravatar Icon ]

#5Lisa

Excellent! This is much more better than the first list you made. I didn’t know that the user-agents name can all be in one line.

This may be offtopic but I have a question. Can I use the same technique (one line) to block ip address using the “deny from ip” code?

[ Gravatar Icon ]

#6Perishable

Lisa you are wearing me out! :)

Anyway, to answer your question, yes, you can list multiple IP addresses in one line when using a “deny from ip” directive. Here is the syntax that you would use:

deny from 123.123.123 456.456.456 789.789.789

..etc. Notice that we are using spaces to separate the individual IPs — no commas allowed ;)

[ Gravatar Icon ]

#7bjarbj78

Hei.

Thanks for this list.
I have my own .htaccess file that are included in my PHP-Nuke site. And i won’t mess it up, so not sure what is
RewriteBase / ?

And where should i but the RewriteEngine On ?On the top of my .htaccess or belove some RewriteCond and RewriteRule ?

Is very important that I don’t mess up my .htaccess, hehe

Thanks for very good homepage you got.

Best Regards

bjarbj78

[ Gravatar Icon ]

#8Perishable

Hei bjarbj78,

RewriteBase specifies the default URL for a directory. It is often used to remove the local directory prefix in order for the rewrite rules to act upon the correct file path. Don’t worry, if it sounds confusing, it is — I still find myself referring to the source when trying to explain it to people :)

Regards,
Jeff

[ Gravatar Icon ]

#9bjarbj78

Thank you very much Jeff :)
Do you know how to block proxy servers? I make a big list about 9139 proxy domains. But didn’t work when i use:

deny from proxydomain.com proxydomain2.com and so on.

Regards
bjarbj78

[ Gravatar Icon ]

#10Perishable

The question is, even if you could use htaccess to block over 9,000 domains, would you really want to? If you consider the potential performance hit and excessive load on server resources associated with the perpetual processing of such a monstrous list, it may inspire you to seek a healthier, perhaps more effective alternative..

For example, here is the code that I use for stopping 99% of the proxies that attempt to access one of my sites:

# prevent proxy access
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]

Place in root htaccess and take ’er for a spin via any proxy service(s) of your choice.. - it may not be perfect, but it’s lightweight, concise, and very effective ;)

[ Gravatar Icon ]

#11bjarbj78

Hi Jeff.

Thank you very much. It’s works :)
lol, and i used almost 2 - 3 hours to complete my list, hehe

Regards

Bjørn

[ Gravatar Icon ]

#12bjarbj78

Hi Jeff.

I found those lines to:

rewritecond %{HTTP:Forwarded-For} !^$ [OR]
rewritecond %{HTTP:X-Forwarded} !^$ [OR]

Can I use those lines too?

[ Gravatar Icon ]

#13Perishable

Hi Bjørn,

Glad it worked for you! I have found it to be much more efficient than trying to block the endless swarm of proxy servers individually — things change waay too quickly for that. As for the additional rewrite conditions you mention, I have not used them.. perhaps you could test their effectiveness and share the results with us? ;)

Regards,
Jeff

[ Gravatar Icon ]

#14Lisa

Hi again Jeff :)

I have a question, can I use a wildcard to block an IP.. eg.:
deny from 74.54.143.*
or
deny from 74.54.*.*

The above IP Ranges has been scraping some of my blog contents and I’m getting tired of blocking them one by one.

I’ve Googled for an answer but can’t seem to find any hint on wildcards.

Hope you can help me ;)

[ Gravatar Icon ]

#15Perishable

Hi Lisa :)

Using htaccess, wildcards are not necessary when specifying specific ranges of IP addresses. Simply truncate the address to the target range, for example:

deny from 74.54.

..would block every IP beginning with the 74.54. prefix:

74.54.1
   .
   .
   .
74.54.255
74.54.255.1
   .
   .
   .
74.54.255.255

..etc. Of course, you could also use wildcards if so desired:

deny from 74.54.*

..which would block the exact same range as before. It’s totally your choice! :)

[ Gravatar Icon ]

#16Perishable

Ah, one more thing that I should point out.. Be careful when using the “dot” (.) in your blocked IP ranges. If we omit the dot from the example in the previous comment, we would block a different set of IP addresses:

74.540
   .
   .
   .
74.549
74.540.1
   .
   .
   .
74.549.255

..etc. Inclusion or exclusion of the dot can make all of the difference!

[ Gravatar Icon ]

#17Lisa

Thanks Jeff :) You’re a life saver!!

[ Gravatar Icon ]

#18Pádraig Brady

It would be cool if you could provide
just the last 2 lines in a downloadable file,
that you would update and others could download periodically to
construct their .httaccess files from

cheers,
Pádraig.

[ Gravatar Icon ]

#19Pádraig Brady

Hey you have httrack and ia_archiver in there?

[ Gravatar Icon ]

#20Perishable

Pádraig Brady,

Yes, that is an excellent idea. I am currently in the process of building the next version of the Ultimate htaccess Blacklist (v.3), and will definitely post an article once it is finished. As you can see, this post features the second version of the Blacklist, and I continue to post many useful tips and tricks concerning all things htaccess, PHP, XHTML, CSS, and all of the other web-related acronyms ;) Thus, my advice to people who want to stay current with the Ultimate htaccess Blacklist as well as other security and anti-spam information is to subscribe to my feed — I guarantee you won’t regret it!

Regards,
Jeff_

[ Gravatar Icon ]

#21Peter

I’m testing this list and I’m having a problem with RewriteBase /

I’d prefer to use this list in my http.config but RewriteBase / is throwing an error “only valid on a per dir config files”. It it required for this list to work?

[ Gravatar Icon ]

#22Perishable

Hi Peter, you are correct — you must remove the RewriteBase / directive when using the blacklist in your httpd.conf file. It is meant for per-directory htaccess files and is not needed when working with httpd.conf.

[ Gravatar Icon ]

#23Peter

:) COOL!!

Thanks

[ Gravatar Icon ]

#24Max

After including this list in my file, I noticed that the W3 HTML and CSS validator would no longer work on my site, presumably because agent “Jigsaw/2.2.5 W3C_CSS_Validator_JFouffa/2.0″ etc has “DA” in the title. This can be resolved by changing agent “DA” to “DA$”.

[ Gravatar Icon ]

#25Perishable

Thanks for the tip, Max. I will definitely include this modification in the next iteration of the blacklist. Cheers! ;)

[ Gravatar Icon ]

#26Fury

Hi!
Add “anonymouse” to the http_user_agent list

[ Gravatar Icon ]

#27Perishable

Sure, I am more than willing to add it the next incarnation, provided some sort of explanation as to why “anonymouse” (or any other user agent for that matter) deserves to be blacklisted. Drop a link and we’ll go from there.. ;)

[ Gravatar Icon ]

#28Peter

anonymouse is a proxy site loaded with scumbags. I had added it to my list awhile ago along with SurveyBot|Nikto|MEGAUPLOAD|anonymouse|Java/1.0|CMS\ Spider

[ Gravatar Icon ]

#29Perishable

Yes, I have also read elsewhere that blocking anonymouse is a wise move. I will add the directive to the next incarnation of the blacklist. Thanks for helping to improve the list! :)

[ Gravatar Icon ]

#30John S. Britsios

I appreciate very much your great work, and I read your tutorial with great interest. I only have a experienced one problem that I could figure out how to solve it.

When I use your blocking list, I cannot use the W3C HTML and CSS validator for validating my site.

Also I cannot use the http://www.htmlhelp.com/cgi-bin/validate.cgi validator either.

Can you tell which user agent is in the list that blocks the above validators?

Thanks you very much in advance.

[ Gravatar Icon ]

#31Perishable

Hi John, I’m glad you enjoy the article. As for the blacklist, are you sure that it is the cause of the problem? It may very well be, however, many people use the list without any similar issues. Nonetheless, if you have determined that the source of the conflict involves the blacklist rules, a bit of further testing should help you target the problematic user agents. First, remove the first half of the user agents and test if things are working. If so, replace half of the removed agents and test again. Likewise, if the issue did not resolve after removing the first half, repeat the process with the second half. By repeating this process a few times (it shouldn’t take too long), you should be able to identify the conflicting agents. I hope that makes sense. I would do this exercise myself, but I am literally swamped with a million other tasks and chores that I have to get done. In any case, I hope this information is useful, as I definitely want to help you implement successfully the ultimate htaccess blacklist. Finally, if you do find problematic user agent(s), please drop a comment and share with the community here at Perishable Press.

Cheers,
Jeff

[ Gravatar Icon ]

#32John S. Britsios

Thanks Jeff for the reply.
I found out which was blocking W3C Validator.

It was: DA

I just thought of sharing.

Thanks again for the great work.

Cheers,

John

[ Gravatar Icon ]

#33Perishable

Hi John, thank you for taking the time to share this information. I have removed the DA character string from the list and updated the article so that others may benefit from your work (and generosity). Thank you for helping to improve the quality of the blacklist! :)

Kind regards,
Jeff

[ Gravatar Icon ]

#34Max

John; you’re right - DA does block WWW validators - see my post #24 above!

[ Gravatar Icon ]

#35Perishable

Doh! I completely forgot about Max’s comment concerning the DA string! Apparently age is directly proportional to forgetfulness (I should have scrolled thru the comments before responding) — would’ve saved everyone some time. Max’s solution also enables us to continue blocking the DA agent while allowing access to the various validation services. Once I return to the computer (this weekend), I will update the article and the blacklist with this information. Huge apologies to Max — thanks for the gentle reminder ;)

[ Gravatar Icon ]

#36Perishable

The blacklist and article have been updated to (re)include the DA$ character string. Many thanks to Max for pointing this out. Cheers!

[ Gravatar Icon ]

#37TBC

Thanks for the great information. Much to learn about this .htaccess stuff!

[ Gravatar Icon ]

#38Jeevan

This is off topic but I want to know how to block leeching programs that download whole sites or all images according to sizes. They kill tons of bandwidth. How can I block them?

thanks

[ Gravatar Icon ]

#39Perishable

Yes, there are many, many such programs. The blacklist attempts to block a decent number of them, but there are still many more to identify and add to the list. If you happen to notice a few particular, repeat mass-downloaders in your access logs, I recommend targeting them directly and/or adding their associated user-agent(s) to the blacklist. I hope this helps!

[ Gravatar Icon ]

#40Dave Toner

Hey thanks for the great reminder. I of all people should be reviewing my logs regularly just to make sure there aren’t any such hackers trying to get into the sensitive “admin” areas of my e-commerce site! Just imagine the danger that lurks around when we are not being watchful of this kind of stuff!

[ Gravatar Icon ]

#41Perishable

Absolutely, Dave — apathetic and/or ignorant webmasters are exactly what spammers, crackers and other scumbags are targeting. The bad news is that such vulnerable sites become an even larger threat once compromised. What’s that old saying? “An ounce of prevention is worth a pound of spam..” ;)

[ Gravatar Icon ]

#42flash arcade games

great list.I’ve added it to one of my sites.

I’m also thinking of adding the following but would like your opinion where or not its worthwhile

as documented here by andrew

http://www.andrewjmorris.com/site-hijacking-part-2.htm#comments

[ Gravatar Icon ]

#43Perishable

@flash arcade games: that is the first time I have heard of that particular type of site “hijacking.” The PHP code itself is fairly simple, but implemented sitewide on a busy site, it could reduce performance. Every request for every page on your site would be running the script. Thus, unless you have a small site and/or lite traffic, I would only use that technique if I discovered that my site was being ripped. In any case, it is very interesting — thanks for pointing it out!

[ Gravatar Icon ]

#44ronaquin496

Hi, im trying to block all webproxies to see my webpage but its impossile. It does not work for me.

I updated my .htaccess file with the code in this article, and i can access perfectly my home page using hidemyass.com

Any idea?

I need to block this because i recently ban abusive users from my home page, and they are using web proxies to spam my forum and register a lot of trolls accounts.

[ Gravatar Icon ]

#45Perishable

@ronaquin496: Unfortunately, there is no way to block all web proxies. If a page exists publicly on the Web, it is accessible by anyone (depending on skill level, etc.) who desires access. Of course, the blacklist presented above won’t block hidemyass.com because it’s not on the list.

[ Gravatar Icon ]

#46HR Blog

@Perishable: Web proxies are very hard to block and almost impossible. The only thing I could come up with is checking referer (if it is not blocked) and then making a script to visit it in the future and see if it looks like a proxy script, and if so, block that referer. If a proxy blocks the referer from passing itself (as most do), then its tough luck.. Actually I just remembered you can probably grab the URL location via javascript and compare it to your domains.. That might actually be the best solution for web proxies.

[ Gravatar Icon ]

#47Aaron

Thanks for updating the list to include validators. I was wondering why w3c was having issues.

[ Gravatar Icon ]

#48Pablo

when i google my site, it gets re-directed to a proxy site tshake.com

google has indexed this page, for the past 2 weeks.

any tips on how to fix this

[ Gravatar Icon ]

#49Jeff Starr

Let’s try to keep it on-topic, Pablo. Thanks! :)

[ Gravatar Icon ]

#50Pablo

sorry jeff, i thought this was o topic.

my apologies.

[ Gravatar Icon ]

#51Jeff Starr

Alright, I suppose if you look at previous comments, your question does seem relevant. Sorry for jumping at you, just trying to keep the noise level down on these ongoing comment threads. Hopefully no hard feelings..

Looking at your question, it seems as if your site may have been Google-jacked or else compromised with some sort of redirection/proxy script. I wish I could say for sure, but there may be many things that you will need to check before identifying the culprit.

The first thing I would do is verify that all of the files on my server are intact and operating as intended. During that check, I would also keep an eye open for any files that may have been added, especially in higher-level directories. Also, a sitewide search for the term “tshake.com” and other related terms/URLs may prove very enlightening.

After verifying site integrity, I would then search for information on “Google-jacking” and follow any leads that are generated there. I would also check my site on other search engines as well; if the redirect is only happening for Google, it is likely due to hijacking.

I hope that provides some help, Pablo. My apologies for my previous response.

Regards,
Jeff

[ Gravatar Icon ]

#52Json

This doesn’t seem to help me, I may even have the wrong idea… but could I use version 1 and version 2 at the same time?
I seem to have a very intelligent sort of Spam system attacking my site, almost the human type.

Cheers

[ Gravatar Icon ]

#53Jeff Starr

@Json: Careful with that HTAccess, Eugene! If you are actually contemplating using both versions of this blacklist, it may be best if you do a little more research on the subject to understand what you are doing. So to answer your question: “no”, by all means use the compressed version of the blacklist and call it good. Both versions would be around 90% redundant and thus wasteful of resources.

[ Gravatar Icon ]

#54Json

@Jeff Starr: Thank you.
Cheers

[ Gravatar Icon ]

#55Json

I found a testing system, YIPPEEE!
http://www.botsvsbrowsers.com/SimulateUserAgent.asp
This is neat! Add anything that exists in the “Ultimate htaccess Blacklist 1 OR 2″ you get your “Test Page” instead. I kept searching, believing there was one.

Cheers

[ Gravatar Icon ]

#56Jeff Starr

Json, you are the man! Thanks for finding and sharing that excellent resource with us. I didn’t realize that something like that was available on the Web. Many thanks!
Cheers,
Jeff

[ Gravatar Icon ]

#57Json

@Jeff Starr: Anytime…
I am still a bit lost as to the “/”, “\”, “./” or “.\” (without quotes)
Some of the pages I read have it with “/” or “./” others have it with “\” or “.\”

[ Gravatar Icon ]

#58Jeff Starr

Are you referring to the code presented in this article, the no-referrers article, or the eight ways to blacklist article? You have commented on all three, and I am unable to locate any such code in the article above this particular comment thread. Please try to be specific — there are hundreds of posts and thousands of comments here at Perishable Press! ;)

[ Gravatar Icon ]

#59Json

Sorry, it’s this one;
Block Spam by Denying Access to No-Referrer Requests
I can’t figure out if the folder is needed and which slash to use?
RewriteCond %{REQUEST_URI} .folder/wp-comments-post\.php*
OR
RewriteCond %{REQUEST_URI} .folder\wp-comments-post\.php*
Cheers

[ Gravatar Icon ]

#60Jeff Starr

I thought I answered this question already on the no-referrer comment thread.. But anyway, in a nutshell, the folder isn’t required at all unless you need to specify that particular version of the file. If you decide you need the folder, use a forward slash after its name. The backslash ( \ ) is an escape character that tells Apache to take the following character as a literal entity. Thus, in your second example, you would be escaping the letter “w”, which is pointless because it is already being taken literally. Let me know if this (and the other response on the no-referrer article) is not clear.

[ Gravatar Icon ]

#61Json

Thanks Jeff,
I am still very new to .htaccess, the little things make a huge difference.
I appreciate your site and your help.
Cheers

Trackbacks / Pingbacks

  1. Dealing With Bad Web Bots | derick.in

[ Comments are closed for this post. ]

If you have or need further information, contact me.

Search Perishable Press
Standards-based web design
WordPress, blogging & security
  • WordPress / Plugins, Themes, Tutorials
  • Blogging / Social media, social networking
  • Security / Anti-spam, blacklists, firewalls
Featured Content

Explore Perishable Press

Join 2428.28+ Subscribers
Perishable Resources
Perishable Projects
Random Friends
© 2009 Perishable Press • Design by Monzilla Media
Site CreditsSite MapLinkageTop