http-referer

I have implemented the following code to htaccess but are still seeing referrers from semalt, such as: 74.semalt.com 89.semalt.com The code: # Block visits from semalt.com RewriteEngine on RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*semalt\.com [NC] RewriteRule .* - [F] Any idea how these referrers are bypassing this rule (which I found online) and how I can fully prevent them? Stevie-Ray Hartog Your code looks good, syntax checks out ok! I used these mod_rewrite methods: RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?semalt\.com.*$ [NC] RewriteCond %{HTTP_REFERER} ^http(s)?://(.*\.)?semalt

Are there any 'best practices' concerning how one should return a user to their original page after logging in to your website, specifically in PHP? e.g. if I'm viewing a StackOverflow question while not logged in, how would you ensure that I return to this question if I logged in? From my research, it seems a lot of advice centers around the $_SERVER['HTTP_REFERER'] variable. Basically, you take note of the referer and store it in the session, then redirect back to that page when you're done. The problem with this is that HTTP_REFERER is unreliable at best. This is set by the user agent. Not

Suppose I have a webpage located at http://www.website.com with an <iframe> in it. Like this: <html> <head>...</head> <body> ... <iframe src="http://www.washington.edu"> ... </body> </html> Now suppose someone goes to www.website.com and clicks a link in the iframe itself (this link is located on www.washington.edu website). My question is what is the HTTP Referer in this case? Is it http://www.website.com (the page hosting iframe) or is it http://www.washington.edu (the page in which the link was clicked)? muskratt It depends on the browser. Firefox and Safari will report the referrer as http

I need to try and spoof the HTTP_REFERER passed my another page so that in the destination page, I can determine of the request is coming in from the "right" page and perform appropriate logic. How do I do that in JavaScript (AJAX)? Can I do that in ASP.Net? TIA rams Generally speaking, you cannot cause other browsers to return a false HTTP_REFERER without an exploit, plug-in, or other extension. If you want to modify the value sent from your web browser and you are using FireFox, look at the Modify Headers extension. In any case, you should never rely on HTTP_REFERER being accurate. There is

Lets say i have two pages page1.php and page2.php and i want page2.php to be displayed only if it is redirected form page1.php and i inserted this code to page2.php if($_SERVER['HTTP_REFERER'] == "page1.php") { //keep displaying page2.php }else{ //if it is not redirected from page1.php header('Location:page1.php') //redirect the user back to page1.php } this code worked fine until i have a form and a submit button on page2.php when the submit button is clicked the page refreshes which means the HTTP_REFERER will change to page2.php so my if statement fails and it takes me back to page1.php i

I feel like i've done this a ton of times, but i can't for the life of me figure out what is going wrong. Default.aspx: protected void Page_Load(object sender, EventArgs e) { var r1 = Request.UrlReferrer; // null var r2 = Request.ServerVariables["HTTP_REFERRER"]; // null } SingleSignOn.aspx: protected void Page_Load(object sender, EventArgs e) { Response.Redirect("/"); } If i type "/SingleSignOn.aspx" in the URL, it redirects to Default.aspx, but the referrer is null. What am i missing here? What im trying to do (this is a simplified example), is on any page, i will have some JavaScript to do

I want to know whether 301 redirect always preserve referrer. I make a page called "gotoorig_https.html" which contains a hyperlink to a page "orig_https.asp". "orig_https.asp" will 301 redirect to "dest.html" which shows the document.referrer. In this case, http page(gotoorig_https.html) -> orig_https.asp(301 redirect)-> https page (dest.html) <--the referrer preserves https page(gotoorig_https.html) -> orig_https.asp(301 redirect)-> https page (dest.html) <--the referrer preserves I also make a page called "gotoorig_http.html" which contains a hyperlink to a page "orig_http.asp". "orig_http

I'm trying to save the site that a user came from when they sign up. Right now I have a before_filter in my ApplicationController: before_filter :save_referer def save_referer unless is_logged_in? session['referer'] = request.env["HTTP_REFERER"] unless session['referer'] end end Then when a user is created, it checks this session variable and sets it to nil. Sometimes this does not work and I'm worried there might be some unintended things happening with using session like this. Does anyone have a better way? Or some input perhaps? EDIT: This is the logic I am using to save the referer: def