Okay, here is my 2 cents:
Just put hotlink protection script to cgi-bin/ucj/ folder


RewriteEngine on
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} !^http://w*\.*yourdomain.com
RewriteRule c\.cgi$ http://www.yourdomain.com/sendthecheatingfuckerhere.htm


Simply, this will redirect to anywhere, when a NOREF hits c.cgi (Some guys complains about attacking to c.cgi s..)
Don't worry, every click from your or some others page carries referer.

this fucking script is soooooooooo juicy....

this willl tame the hitbot muthafuckers....

XP is the man!!!!two thumbs up man

Full code is:

AuthUserFile /dev/null
AuthGroupFile /dev/null

RewriteEngine on
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} !^http://w*\.*yourdomain.com
RewriteRule c\.cgi$ http://www.yourdomain.com/sendthecheatingfuckerhere.htm


for copy/paste:

AuthUserFile /dev/null
AuthGroupFile /dev/null

RewriteEngine on
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} !^http://w*\.*yourdomain.com
RewriteRule c\.cgi$ http://www.yourdomain.com/sendthecheatingfuckerhere.htm

for RB2/RB4
make c\.cgi$ to cout\.cgi$
Thats all, don't blame your Script owner :=)

If this will do the trick!! your the fawking master!!!

God bless you :-)

What happen if you have bookmarkS ? lmao

I am no ucj or mod_rewrite expert but I assume one can redirect the traffic to a duplicate tgp page. main2.html etc...

Originally posted by Doctor Dre:
<STRONG>What happen if you have bookmarkS ? lmao</STRONG>

Originally posted by Doctor Dre:
<STRONG>What happen if you have bookmarkS ? lmao</STRONG>

This is for filterint no-ref traffic to c.cgi so it works with everykind traffic. Every click has a referer don't forget!

Originally posted by XP:
<STRONG>

This is for filterint no-ref traffic to c.cgi so it works with everykind traffic. Every click has a referer don't forget!</STRONG>

Far from every click has a referer. Depending on your traffic stream, up to and over 20% of legit traffic might not have a referer.

Just FYI :)

moses

XP that was very nice of you to do that man good Job.. I hope that works out for everyone.Thats the best post i have seen all year.. :) :)Bravo....

All clicks has a referer. Maybe Internet explorer 1.0 / Netscape 1.0 not (unsure)

anyway use this .htaccess, if someone attacking your out script. Otherwise you don't need this!

Originally posted by moses:
<STRONG>

Far from every click has a referer. Depending on your traffic stream, up to and over 20% of legit traffic might not have a referer.

Just FYI :)

moses</STRONG>


The bookmarkers are not affected from the XP solution, because your visitors have bookmarked http://www.yourdomain.com/blah_blah.html not http://www.yourdomain.com/blah_blah/c.cgi

... but the hitbot have option to enter URL referrers. So anyone with hitbot can input:

URL referrer: http://www.yourdomain.com/
click URL: http://www.yourdomain.com/blah_blah/c.cgi

In this case there is not defense, or you must deny the access to your site from 2000-3000 proxy IP addresses.

mxmx is right :-)

yes he is right. But he didn't have to inform the hitbot fuckers about that one.

This code will only fuckup your site pretty big I think. Around 50% of the AOL users don't carry on refferers and many proxy surfers don't carry refferers neither.
Offcourse you could always send this kind of traffic to sponsors instead but will fuckup your site in the long run I think

Yeah,

my site crashed after putting in the code

:-(

Aol using Netscape browser and this is HTML 4.0 compatible. So clicks has referers.

also, there is no attack to c.cgi with referer (at least I read this is no-ref and no-cookie clicks to c.cgi is main problem!)

But yes, that can be. Anyway you can protect yourself against newbie cheaters :)

the *only way* is to have c.cgi check for previousely put cookie with so called "today's random code"..

this way ANY "clicks/hits" with any referrer whats so ever are screened for valid actual live person behind them..

i didnt hear yet of a hitbot that can mimic a cookie's data.. maby i'm wrong..

if pro programers know about it let us know..

I think I have a idea how to prevent CJ script to not count hitbost traffic.

If the script generate a code or some kind of id based on what time it is on the local machine and a word that admin chose to use. And then they must have a valid id to send to the out script.. And if the code/id is valid it counts the click as usual and store that code/id so the hitboster can use it again. If it's not valid it just send that user to a popup hell or whatever you like..

But if the hitboster guy know how you generate that id/code it no problem to keep hitbosting with a valid id/code. That maby only work for a time. But then maby a better script has been developed then.

And onther thing is that if a user got onto that site axeacly the same time the same code/id will be used on the same computer and will not work for one of them..

Well what do you think of that idea? Do you think i should do such script or do anyone got a better idea?

Originally posted by XP:
<STRONG>Aol using Netscape browser and this is HTML 4.0 compatible. So clicks has referers.
</STRONG>

XP: Please believe me, there are lots of clicks without referers, regardless of what browser they're using. Several personal firewalls block referer information, and lots of personal, isp, and corporate proxy servers block referers as well -- all in the name of "privacy".

Due is correct about many AOL users not passing referers.

Also, most (all?) hitbots aren't going to follow a 302 redirect, which is what the mod_rewrite thing does if you're sending to an external URL. You don't actually think a hitbot is going to be bothered by consoles, do you? :)

Just be aware that if you send all surfers with no referer to a popup hell, you're going to be losing a lot of legit traffic.

Moses

Ok, here is the protection that will probably 80% protect you from cheating.
I don't gurantee anything and i didn't test it.

.htaccess

RewriteEngine on
RewriteBase /
RewriteRule ^c.cgi$ http://www.yourdomain.com/c_real.cgi

The point is to make external browser redirection that hitbots won't follow.
BUT THERE ARE HITBOTS THAT DO FOLLOW THE 302 Redirection. They work like real browsers.

c.cgi - is a filename that doesn't exists.
c_real.cgi - former c.cgi.

I just want to tell you that none of the so-called solutions posted in this thread are safe.

You are definately likely to be screwed if you think that any .htaccess script looking for some specific HTTP_REFERER information will do the magic trick.

In my studies 95% of all AOL traffic is not passing on the referer value so you would loose a lot of traffic if redirecting them somewhere else.

The ONLY ways of busting a cheater is to compare the cheaters traffic with the average traffic from your other trades.
Always remember a hitbot cannot guess information that only you know. E.g what are the most clicked links on your page and so on.

Always remember that you should never trust any input send from a browser - it could easily be faked.

Hope that will help you not use time on discussing weak protection techniques.

Zyber

Okay
but this thread about stopping newbie attackers, not stopping cheaters

cheers