Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
436
Views
0
Helpful
6
Replies

Blocking rogue Sites based on referral ??

Go to solution
timparkerEB
Level 1
Level 1

‎08-11-2003 09:03 AM - edited ‎03-09-2019 04:23 AM

Is it possible to block incoming web traffic based on the http_referrer? We are finding more and more sites that are linking to images on our site and I would like to try and block this traffic to eliminate bandwidth stealing. I would like to dump this at the firewall and have it be blocked. Some of recommended writing an ISAPI filter to block this at the webserver level. If possible I want it blocked further up the chain.

TIA.

Tim

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mostiguy
Level 6
Level 6
In response to timparkerEB

‎08-11-2003 10:19 AM

It is specific to the http protocol, and possibly even a specific web site - conceivably a web hoster could have 100s of web sites on the same web server, each of which might want different configurations for such image hijacking. The pix really isn't an application level firewall, and even those that are (checkpoint, raptor, etc), probably don't offer such a setting.

For IIS, an ISAPI filter might be your only option. I have never had to deal with this probably, but recall hearing that this is a pain to deal with with IIS, whereas with apache it can be dealt with in the out of the box package (no add on isapi filters), IIRC

View solution in original post

0 Helpful
6 Replies 6

Go to solution
mostiguy
Level 6
Level 6

‎08-11-2003 09:22 AM

No, the pix doesn't not have application level features like that. This is generally a web server configuration problem.

0 Helpful

Go to solution
timparkerEB
Level 1
Level 1
In response to mostiguy

‎08-11-2003 09:27 AM

Just curious why you would say that it is a web configuration problem? I would think that you would want to block traffic as far out on the network as you can. Are there other options that I am apparently not aware of that will help me here? We are running IIS5 and I am not aware of an easy way to do what I am asking. Is an ISAPI filter the only way it can be done? TIA.

0 Helpful

Go to solution
mostiguy
Level 6
Level 6
In response to timparkerEB

‎08-11-2003 10:19 AM

It is specific to the http protocol, and possibly even a specific web site - conceivably a web hoster could have 100s of web sites on the same web server, each of which might want different configurations for such image hijacking. The pix really isn't an application level firewall, and even those that are (checkpoint, raptor, etc), probably don't offer such a setting.

For IIS, an ISAPI filter might be your only option. I have never had to deal with this probably, but recall hearing that this is a pain to deal with with IIS, whereas with apache it can be dealt with in the out of the box package (no add on isapi filters), IIRC

0 Helpful

Go to solution
timparkerEB
Level 1
Level 1
In response to mostiguy

‎08-11-2003 10:24 AM

Thanks for your input! I was hoping to block it at the perimeter somehow. Time to get a web filter!

Tim

0 Helpful

Go to solution
timparkerEB
Level 1
Level 1
In response to r-lemaster

‎08-12-2003 12:00 AM

These are great. I have searched for these previously and found nothing! I must not have used the correct words! I will be looking at each of these. Thank you.

Tim

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents