Someone was trying to get cute with me, by "iframeing" my search result page via an IMG tag with 0 width and 0 height, in hopes of killing my server resources. My searches are cached, so it doesn't do much damage, since its just a static file being served, but I was wondering if there was anything I can do to "fight back"? I know you can use a frame breaker, had it been an iframe. Is there anything to do in the case of an image?
Asked
Active
Viewed 178 times
1 Answers
1
Try filtering on referrer. Either mod-rewrite or mod-security can be used. See Debain Administration site for examples.
BillThor
- 27,354
- 3
- 35
- 69
-
And then do what with it? It wont always send a referrer either. – Jun 05 '10 at 04:48
-
If it's a hidden image, one could be reasonably sure the hits come from innocent third parties, and most of them send a referrer. Just filter / deny based on the specific domain or url misbehaving being present. – Wrikken Jun 05 '10 at 10:33
-
Is calling your search results page without a referrer a legitimate use case (for SEO reasons etc)? If not - block it. – rackandboneman Dec 14 '12 at 01:26