CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Fix: When A Public Profile Is Bombarded With Search Bots (Spiders) on Drupal
Pages: [1]

Author Topic: Fix: When A Public Profile Is Bombarded With Search Bots (Spiders) on Drupal  (Read 1069 times)

CiviTeacher.com

  • I live on this forum
  • *****
  • Posts: 1282
  • Karma: 118
    • CiviTeacher
  • CiviCRM version: 3.4 - 4.5
  • CMS version: Drupal 6&7, Wordpress
  • MySQL version: 5.1 - 5.5
  • PHP version: 5.2 - 5.4
Fix: When A Public Profile Is Bombarded With Search Bots (Spiders) on Drupal
September 09, 2009, 04:50:09 pm
Sometimes when a Profile and its fields are made public and available to people, search engines can find it too.  Even when certain fields are made to be "Public User Pages" as opposed to "Public User Pages And Listings" it is still possible to search on fields that require a fair amount of database strength to execute these queries.  In the case of one of my clients, this was crashing the site.

For instance, even though our field "custom_12" is "Public User Pages" in our Profile, a URL such as this is not rejected by CiviCRM and it will still query the database.
Code: [Select]
http://www.example.com/civicrm/profile?force=1&gid=9&custom_12=Wetlands

I have devised a series of Rewrite Rules which could be placed in a Drupal .htaccess file

Code: [Select]
 RewriteCond %{QUERY_STRING} &?custom_
  RewriteRule ^civicrm/profile http://www.example.org/foo.html? [R=302,L]
  RewriteCond %{QUERY_STRING} &?city
  RewriteRule ^civicrm/profile http://www.example.org/foo.html? [R=302,L]
  RewriteCond %{QUERY_STRING} &?email
  RewriteRule ^civicrm/profile http://www.example.org/foo.html? [R=302,L]
  RewriteCond %{QUERY_STRING} &?postal_code
  RewriteRule ^civicrm/profile http://www.example.org/foo.html? [R=302,L]  
  RewriteCond %{QUERY_STRING} &?phone
  RewriteRule ^civicrm/profile http://www.example.org/foo.html? [R=302,L]
  RewriteCond %{QUERY_STRING} &?last_name
  RewriteRule ^civicrm/profile http://www.example.org/foo.html? [R=302,L]
  RewriteCond %{QUERY_STRING} &?first_name
  RewriteRule ^civicrm/profile http://www.example.org/foo.html? [R=302,L]  

These series of RewriteRules will send all inappropriate searches to a static HTML page, thereby saving a lot of RAM and CPU on your server.

These new rules should be placed before this line:

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
« Last Edit: September 09, 2009, 04:52:30 pm by Stoob »
Try CiviTeacher: the online video tutorial CiviCRM learning library.
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Fix: When A Public Profile Is Bombarded With Search Bots (Spiders) on Drupal

This forum was archived on 2017-11-26.