How do i get htaccess to work in a cgi-bin dir in linux?

I have ucj and someone is hammering my c.cgi 200 times per 2 min period. When i place a htaccess in my cgi-bin i get internal server error


My dir structure is like follows
/httpd/site/cgi-bin
/httpd/site/web

No need to put it in the cgi-bin, just put it in the root and do deny from.

doesnt work i added myself..i can access my site but i can still run my script =(

Man you just got a visit of a hit bot :) put the IP in the htaccess as deny from
the c.cgi is the out part of the script so you cant block it.
Welcome to the real world of TGP.

i use traffic drive but i put the i.php and o.php scripts (in and out scripts) in a directory on their own and put the following line in a htaccess file within that directory.

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*mydomain.com(:80)*/ [NC]
RewriteRule /* http://www.yahoo.com/[R,L]

this makes sure that only my domain can call the in and out script and can't be called directly by anyone.

roly

Originally posted by roly

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://([a-z0-9-]+\.)*mydomain.com(:80)*/ [NC]
RewriteRule /* http://www.yahoo.com/[R,L]

this makes sure that only my domain can call the in and out script and can't be called directly by anyone.


and you think this because you believe the referrer cannot be faked?

no of course the referer can be faked, but it's just a little extra precaution i've done that may help. are you saying it will not work in any instance?

You will stop the honest hitbotters with that rule. And perhaps the stupid ones.

It is possible that you will stop people using Norton's blocker since it seems to send either an empty referrer or a Blocked by Norton referrer. Other privacy blockers block the referrer as well.

Its just when you used the word "anyone" I wondered if you thought the rule was the end-all be-all to people being able to directly hit the page.