The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.

NAME

Apache::JumpByReferer - Jump or block by Referer header field

SYNOPSIS

You need to compile mod_perl with PERL_ACCESS (or EVERYTHING) enabled. And write the setting like below:

in httpd.conf

 <Directory /protected/directory/>
   PerlAccessHandler Apache::JumpByReferer
   PerlSetVar        RefererListFile conf/jump.conf
   PerlSetVar        JumpByReferer   On
 </Directory>

in RefererListFile (conf/jump.conf)

 # Syntax:
 # Referer Regex                       URL to Jump (or forbidden)

 http://malicious\.site\.example\.com/ http://goodbye.example.com/
 http://another\.malicious\.site/      forbidden
 http://ime\.nu/                       forbidden
 http://[^.]+\.google\.([^/]+)/        /hello_googler.html
 http://[^.]+\.yahoo\.([^/]+)/         /do_you_yahoo/?
 "Field blocked by"                    /do/not/block/the/field/

DESCRIPTION

Apache::JumpByReferer is an access phase handler of Apache + mod_perl. You can block or let the user jump to another URL if the user was coming from your specified web site.

This handler will cache the settings at the first time calling, and check the last-modified time of the RefererListFile, and will re-cache the settings when the file was modified after the last cached time. That is to say, you can always rewrite to change your settings.

Write a regular expressions (REGEX) of your specified URL in the RefererListFile, and join a URL to jump behind the REGEX in the blank(s) if you want to let jump the user. Write and join Forbidden (case insensitive) string behind the REGEX in the blank(s) if you don't want to access to the directory.

DIRECTIVES

  • PerlSetVar JumpByReferer ( On | Off )

    JumpByReferer is a switch to work of this handler. You must write On or Off (case insensitive) value to this directive. It returns DECLINED and will not work if the directive is not set to On.

  • PerlSetVar RefererListFile FILENAME

    You must write your settings to RefererListFile. The file must be readable for the user and group of settings of Apache User and Group directive.

SYNTAX OF RefererListFile

You should write a valid REGEX from line-head. The REGEX will be tested to check it is valid, and cached on this namespace with timestamp of the modified time. But won't be cached if the REGEX is invalid.

and write the jumping URL or Forbidden behind the REGEX.

If you want to write a REGEX which is including some space character, you have to quote it. If you don't quote it, the parsing of the text is failed.

This handler will do internal_redirect() if the URL is internal of own server. And this handler will print a Location header with REDIRECT status if the URL is external. The judgement of it, an external URL is started from http(s)://, or an internal URI is started from others.

The comment line is started by # character, and it will be ignored a blank line.

NOTES

This handler applies as for the initial request, namely does not work for sub request and internal redirect. Because the server may be fallen into endless loop if it applies for them. Almost every non-initial requests are had same Referer header field as initial request. This handler calls the internal redirect, and this handler will redirect to current URI again and again when the handler applies for non-initial request too and the directory setting of redirection URI is inherited the parent settings. Because this case is inside of the effective range of the JumpByReferer setting. Perhaps your system resources are run through in an instant by the handler when the handler works for non-initial request too. Therefore this function (does not work for non-initial request) exists for self-defense. There is probably no problem in this setting. But, understand these things fully when you use this module, please.

TODO

* I should know how to use Apache::test for testing this module.

* I should know whether it's the best way to put the handler under PerlAccessHandler.

* Probably, I should study English more to write the document neatly.

SEE ALSO

mod_perl(1), Apache(3), Text::ParseWords

AUTHOR

Koichi Taniguchi <taniguchi@users.sourceforge.jp>

COPYRIGHT

Copyright (c) 2003 Koichi Taniguchi. Japan. All rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.