Tuesday, July 10, 2007

Protect Against Invaders by SPAM-Proofing Your Website - Using mod_rewrite

In this section, the use of mod_rewrite is very successful in blocking the SPAMbots and other spybots that visit the website with a mission to either steal your email address or grab information from your website without your permission. Consider this method as a step above using JavaScript, because it stops them before they ever read the webpage itself.  So if you are thinking of using JavaScript on the page to block bots from finding your email, consider the use of mod_rewrite as a primary defense weapon against SPAM and other malicious robots.

One note to readers: The use of mod_rewrite requires that you have it installed on your server, and you have the ability to edit the .htaccess file.  Below is a simple way to locate the .htaccess file while using a program such as CuteFTP (or a similar FTP client that performs the same functions).  If you are unsure whether you have mod_rewrite installed, you should first consult the server administrator with your primary hosting company.  Ask them if you have mod_rewrite and permissions to edit the .htaccess file.

How to Find .htaccess in a Common FTP Client

To locate the .htaccess file, most often you need to display all hidden files present when connecting to your hosting account.

To enable your FTP client to display all hidden files (.htaccess and many other files not normally seen by the user).

  1. First locate your saved site properties.
  2. Right click on the profile of the website you want to display hidden files. This is most often located in the "FTP Sites" section of most clients.
  3. Once you right click on the FTP site, select "SITE PROPERTIES" from the menu.
  4. An option box will load up displaying the site properties of your site. Look for a tab called "ACTIONS" and click on it.
  5. It will display the actions of the site. Locate a gray box called "FILTERS" and click on it.
  6. This will display the "Filters" properties of the site.
  7. Locate the "Enable Filtering" from the options available. Make sure this box is checked.
  8. Once you have checked the enable filtering box, a small box at the bottom of the options will be displayed.
  9. It should say something similar to "Enable Server Side Filtering". Make sure this box is checked as well.
  10. Now enter the following into the "Remote Filter" box: -a

Once you have entered in the filtering options, make sure to click "Ok" or "Apply" in order to save your changes.  You should now be able to see all hidden files on the server.  Make sure you start a new connection to view all files.  If you are still having trouble viewing all your files and can't seem to locate the .htaccess file, don't give up, but consult the system administrator of your hosting account to assist.

How to Setup Your .htaccess File

Once you have confirmed that you do have a .htaccess file, and mod_rewrite is turned on, add the following lines to your .htaccess file:

Options +FollowSymlinks
RewriteEngine On
RewriteBase /

No comments: