map $http_user_agent $bad_bot { default 0; ~*360Spider 1; ~*360Spider 1; ~*80legs 1; ~*Abonti 1; ~*Aboundex 1; ~*AcoonBot 1; ~*Acunetix 1; ~*adbeat_bot 1; ~*AddThis.com 1; ~*adidxbot 1; ~*ADmantX 1; ~*AhrefsBot 1; ~*AIBOT 1; ~*aiHitBot 1; ~*Alexibot 1; ~*Alligator 1; ~*AllSubmitter 1; ~*AngloINFO 1; ~*Antelope 1; ~*Apexoo 1; ~*asterias 1; ~*attach 1; ~*BackDoorBot 1; ~*BackStreet 1; ~*BackWeb 1; ~*Badass 1; ~*Baid 1; ~*Bandit 1; ~*BatchFTP 1; ~*BBBike 1; ~*BeetleBot 1; ~*Bigfoot 1; ~*billigerbot 1; ~*binlar 1; ~*bitlybot 1; ~*Black.Hole 1; ~*BlackWidow 1; ~*BLEXBot 1; ~*Blow 1; ~*BlowFish 1; ~*BLP_bbot 1; ~*BoardReader 1; ~*Bolt\ 0 1; ~*BOT\ for\ JCE 1; ~*Bot\ mailto\:craftbot@yahoo\.com 1; ~*BotALot 1; ~*Buddy 1; ~*BuiltBotTough 1; ~*Bullseye 1; ~*BunnySlippers 1; ~*casper 1; ~*CazoodleBot 1; ~*CCBot 1; ~*Cegbfeieh 1; ~*checkprivacy 1; ~*CheeseBot 1; ~*CherryPicker 1; ~*ChinaClaw 1; ~*chromeframe 1; ~*Clerkbot 1; ~*Cliqzbot 1; ~*clshttp 1; ~*Cogentbot 1; ~*cognitiveseo 1; ~*Collector 1; ~*CommonCrawler 1; ~*comodo 1; ~*Copier 1; ~*CopyRightCheck 1; ~*cosmos 1; ~*CPython 1; ~*crawler4j 1; ~*Crawlera 1; ~*CRAZYWEBCRAWLER 1; ~*Crescent 1; ~*CSHttp 1; ~*Curious 1; # ~*Curl 1; # 개발/테스트용으로 허용 ~*Custo 1; ~*CWS_proxy 1; ~*Default\ Browser\ 0 1; ~*Demon 1; ~*DeuSu 1; ~*Devil 1; ~*diavol 1; ~*DigExt 1; ~*Digincore 1; ~*DIIbot 1; ~*DISCo 1; ~*discobot 1; ~*DittoSpyder 1; ~*DoCoMo 1; ~*DotBot 1; ~*Download.Demon 1; ~*Download.Devil 1; ~*Download.Wonder 1; ~*Download\ Demo 1; ~*dragonfly 1; ~*Drip 1; ~*DTS.Agent 1; ~*EasouSpider 1; ~*EasyDL 1; ~*ebingbong 1; ~*eCatch 1; ~*ecxi 1; ~*EirGrabber 1; ~*Elmer 1; ~*EmailCollector 1; ~*EmailSiphon 1; ~*EmailWolf 1; ~*EroCrawler 1; ~*Exabot 1; ~*ExaleadCloudView 1; ~*ExpertSearch 1; ~*ExpertSearchSpider 1; ~*Express 1; ~*Express\ WebPictures 1; ~*extract 1; ~*Extractor 1; ~*ExtractorPro 1; ~*EyeNetIE 1; ~*Ezooms 1; ~*F2S 1; ~*FastSeek 1; ~*feedfinder 1; ~*FeedlyBot 1; ~*FHscan 1; ~*finbot 1; ~*Flamingo_SearchEngine 1; ~*FlappyBot 1; ~*FlashGet 1; ~*flicky 1; ~*Flipboard 1; ~*FlipboardProxy 1; ~*flunky 1; ~*Foobot 1; ~*FrontPage 1; ~*g00g1e 1; ~*GalaxyBot 1; ~*genieo 1; ~*Genieo 1; ~*GetRight 1; ~*GetWeb\! 1; ~*GigablastOpenSource 1; ~*Go\-Ahead\-Got\-It 1; ~*Go\!Zilla 1; ~*gotit 1; ~*GozaikBot 1; ~*grab 1; ~*Grabber 1; ~*GrabNet 1; ~*Grafula 1; ~*GrapeshotCrawler 1; ~*GT\:\:WWW 1; ~*GTB5 1; ~*Guzzle 1; ~*harvest 1; ~*Harvest 1; ~*HEADMasterSEO 1; ~*heritrix 1; ~*hloader 1; ~*HMView 1; ~*HomePageBot 1; ~*htmlparser 1; ~*HTTP\:\:Lite 1; ~*httrack 1; ~*HTTrack 1; ~*HubSpot 1; ~*humanlinks 1; ~*ia_archiver 1; ~*icarus6 1; ~*id\-search 1; ~*IDBot 1; ~*IlseBot 1; ~*Image.Stripper 1; ~*Image.Sucker 1; ~*Image\ Stripper 1; ~*Image\ Sucker 1; ~*imagefetch 1; ~*Indigonet 1; ~*Indy\ Library 1; ~*InfoNaviRobot 1; ~*InfoTekies 1; ~*integromedb 1; ~*Intelliseek 1; ~*InterGET 1; ~*Internet\ Ninja 1; ~*InternetSeer\.com 1; ~*Iria 1; ~*IRLbot 1; ~*ISC\ Systems\ iRc\ Search\ 2\.1 1; ~*jakarta 1; ~*Jakarta 1; ~*Java 1; ~*JennyBot 1; ~*JetCar 1; ~*JikeSpider 1; ~*JobdiggerSpider 1; ~*JOC 1; ~*JOC\ Web\ Spider 1; ~*Jooblebot 1; ~*JustView 1; ~*Jyxobot 1; ~*kanagawa 1; ~*Kenjin.Spider 1; ~*Keyword.Density 1; ~*KINGSpider 1; ~*kmccrew 1; ~*larbin 1; ~*LeechFTP 1; ~*LeechGet 1; ~*LexiBot 1; ~*lftp 1; ~*libWeb 1; ~*libwww 1; ~*libwww-perl 1; ~*likse 1; ~*Lingewoud 1; ~*LinkChecker 1; ~*linkdexbot 1; ~*LinkextractorPro 1; ~*LinkScan 1; ~*LinksCrawler 1; ~*LinksManager\.com_bot 1; ~*linkwalker 1; ~*LinkWalker 1; ~*LinqiaRSSBot 1; ~*LivelapBot 1; ~*LNSpiderguy 1; ~*ltx71 1; ~*LubbersBot 1; ~*lwp\-trivial 1; ~*Mag-Net 1; ~*Magnet 1; ~*Mail.RU_Bot 1; ~*majestic12 1; ~*MarkWatch 1; ~*Mass.Downloader 1; ~*Mass\ Downloader 1; ~*masscan 1; ~*Mata.Hari 1; ~*maverick 1; ~*Maxthon$ 1; ~*Mediatoolkitbot 1; ~*megaindex 1; ~*MegaIndex 1; ~*Memo 1; ~*MetaURI 1; ~*MFC_Tear_Sample 1; ~*Microsoft\ URL\ Control 1; ~*microsoft\.url 1; ~*MIDown\ tool 1; ~*MIIxpc 1; ~*miner 1; ~*Missigua\ Locator 1; ~*Mister\ PiX 1; ~*MJ12bot 1; ~*Mozilla.*Indy 1; ~*Mozilla.*NEWT 1; ~*MSFrontPage 1; ~*MSIECrawler 1; ~*msnbot 1; ~*NAMEPROTECT 1; ~*Navroad 1; ~*NearSite 1; ~*Net\ Vampire 1; ~*NetAnts 1; ~*Netcraft 1; ~*netEstate 1; ~*NetMechanic 1; ~*NetSpider 1; ~*NetZIP 1; ~*NextGenSearchBot 1; ~*NICErsPRO 1; ~*niki\-bot 1; ~*NimbleCrawler 1; ~*Nimbostratus\-Bot 1; ~*Ninja 1; ~*nmap 1; ~*Nmap 1; ~*NPbot 1; ~*nutch 1; ~*Octopus 1; ~*Offline\.Explorer 1; ~*Offline\.Navigator 1; ~*Offline\ Explorer 1; ~*Offline\ Navigator 1; ~*Openfind 1; ~*OpenindexSpider 1; ~*OpenLinkProfiler 1; ~*OpenWebSpider 1; ~*OrangeBot 1; ~*OutfoxBot 1; ~*Owlin 1; ~*PageGrabber 1; ~*PagesInventory 1; ~*panopta 1; ~*panscient\.com 1; ~*Papa\ Foto 1; ~*pavuk 1; ~*pcBrowser 1; ~*PECL\:\:HTTP 1; ~*PeoplePal 1; ~*Photon 1; ~*PHPCrawl 1; ~*Pixray 1; ~*planetwork 1; ~*PleaseCrawl 1; ~*PNAMAIN\.EXE 1; ~*Pockey 1; ~*PodcastPartyBot 1; ~*prijsbest 1; ~*probethenet 1; ~*ProPowerBot 1; ~*ProWebWalker 1; ~*proximic 1; ~*psbot 1; ~*Pump 1; ~*purebot 1; ~*pycurl 1; ~*python\-requests 1; ~*QueryN\.Metasearch 1; ~*QuerySeekerSpider 1; ~*R6_CommentReader 1; ~*R6_FeedFetcher 1; ~*RealDownload 1; ~*Reaper 1; ~*Recorder 1; ~*ReGet 1; ~*RepoMonkey 1; ~*Riddler 1; ~*Ripper 1; ~*Rippers\ 0 1; ~*RMA 1; ~*rogerbot 1; ~*RSSingBot 1; ~*rv\:1\.9\.1 1; ~*RyzeCrawler 1; ~*SafeSearch 1; ~*SBIder 1; ~*scanbot 1; ~*Scrapy 1; ~*Screaming 1; ~*SeaMonkey$ 1; ~*search_robot 1; ~*SearchmetricsBot 1; ~*Semrush 1; ~*SemrushBot 1; ~*semrush\.com 1; ~*SemrushBot-BA 1; ~*SentiBot 1; ~*SEOkicks 1; ~*SEOkicks\-Robot 1; ~*seoscanners 1; ~*SeznamBot 1; ~*ShowyouBot 1; ~*SightupBot 1; ~*Siphon 1; ~*SISTRIX 1; ~*sitecheck\.internetseer\.com 1; ~*siteexplorer\.info 1; ~*Siteimprove 1; ~*SiteSnagger 1; ~*SiteSucker 1; ~*skygrid 1; ~*Slackbot 1; ~*Slurp 1; ~*SlySearch 1; ~*SmartDownload 1; ~*Snake 1; ~*Snapbot 1; ~*Snoopy 1; ~*sogou 1; ~*Sogou 1; ~*Sosospider 1; ~*SpaceBison 1; ~*SpankBot 1; ~*spanner 1; ~*spaumbot 1; ~*spbot 1; ~*Spinn4r 1; ~*Sqworm 1; ~*Steeler 1; ~*Stripper 1; ~*sucker 1; ~*Sucker 1; ~*SuperBot 1; ~*Superfeedr 1; ~*SuperHTTP 1; ~*SurdotlyBot 1; ~*Surfbot 1; ~*suzuran 1; ~*Szukacz 1; ~*tAkeOut 1; ~*Teleport 1; ~*Teleport\ Pro 1; ~*Telesoft 1; ~*The\.Intraformant 1; ~*TheNomad 1; ~*TightTwatBot 1; ~*TinEye 1; ~*TinEye\-bot 1; ~*Titan 1; ~*Toata\ dragostea\ mea\ pentru\ diavola 1; ~*Toplistbot 1; ~*trendictionbot 1; ~*trovitBot 1; ~*True_Robot 1; ~*turingos 1; ~*turnit 1; ~*TurnitinBot 1; ~*Twitterbot 1; ~*URI\:\:Fetch 1; ~*urllib 1; ~*URLy\.Warning 1; ~*Vacuum 1; ~*Vagabondo 1; ~*VCI 1; ~*VidibleScraper 1; ~*vikspider 1; ~*VoidEYE 1; ~*VoilaBot 1; ~*WallpapersHD 1; ~*WBSearchBot 1; ~*Web.Image.Collector 1; ~*Web\ Image\ Collector 1; ~*Web\ Sucker 1; ~*webalta 1; ~*WebAuto 1; ~*WebBandit 1; ~*WebCollage 1; ~*WebCopier 1; ~*WebEnhancer 1; ~*WebFetch 1; ~*WebFuck 1; ~*WebGo\ IS 1; ~*WebLeacher 1; ~*WebmasterWorldForumBot 1; ~*WebPix 1; ~*WebReaper 1; ~*WebSauger 1; ~*WebShag 1; ~*Website\.eXtractor 1; ~*Website\ eXtractor 1; ~*Website\ Quester 1; ~*Webster 1; ~*WebStripper 1; ~*WebSucker 1; ~*WebWhacker 1; ~*WebZIP 1; ~*Wells\ Search\ II 1; ~*WEP\ Search 1; ~*WeSEE 1; ~*Wget 1; ~*Whack 1; ~*Whacker 1; ~*Widow 1; ~*WinHTTrack 1; ~*WinInet 1; ~*WISENutbot 1; ~*woobot 1; ~*woopingbot 1; ~*worldwebheritage.org 1; ~*Wotbox 1; ~*WPScan 1; ~*WWW\-Collector\-E 1; ~*WWW\-Mechanize 1; ~*WWWOFFLE 1; ~*Xaldon 1; ~*Xaldon\ WebSpider 1; ~*Xenu 1; ~*XoviBot 1; ~*yacybot 1; ~*YisouSpider 1; ~*Zade 1; ~*zermelo 1; ~*Zeus 1; ~*zh\-CN 1; ~*ZmEu 1; ~*ZumBot 1; ~*Zyborg 1; ~*ZyBorg 1; ~*Yandex 1; ~*YandexBot 1; ~*Baiduspider 1; ~*BaiduSpider 1; ~*Slackbot 1; } map $http_user_agent $bad_bot1 { default 0; ~*^Lynx 0; # Let Lynx go through libwww-perl 1; ~*(?i)(80legs|360Spider|Aboundex|AhrefsBot|Daumoa|DataForSeoBot|DaumBot|applebot|BLEXBot|serpstatbot|MediaMathbot|Abonti|Acunetix|^AIBOT|^Alexibot|Alligator|AllSubmitter|Apexoo|^asterias|^attach|^BackDoorBot|^BackStreet|^BackWeb|Badass|Bandit|petalbot|Baid|Baiduspider|^BatchFTP|^Bigfoot|^Black.Hole|^BlackWidow|BlackWidow|^BlowFish|Blow|^BotALot|Buddy|^BuiltBotTough|^Bullseye|^BunnySlippers|BBBike|^Cegbfeieh|^CheeseBot|^CherryPicker|^ChinaClaw|^Cogentbot|CPython|Collector|cognitiveseo|Copier|^CopyRightCheck|^cosmos|^Crescent|CSHttp|^Custo|^Demon|^Devil|^DISCo|^DIIbot|discobot|^DittoSpyder|Download.Demon|Download.Devil|Download.Wonder|^dragonfly|^Drip|^eCatch|^EasyDL|^ebingbong|^EirGrabber|^EmailCollector|^EmailSiphon|^EmailWolf|^EroCrawler|^Exabot|^Express|Extractor|^EyeNetIE|FHscan|^FHscan|^flunky|^Foobot|^FrontPage|GalaxyBot|^gotit|Grabber|^GrabNet|^Grafula|^Harvest|^HEADMasterSEO|^hloader|^HMView|^HTTrack|httrack|HTTrack|htmlparser|^humanlinks|^IlseBot|Image.Stripper|Image.Sucker|imagefetch|^InfoNaviRobot|^InfoTekies|^Intelliseek|^InterGET|^Iria|^Jakarta|^JennyBot|^JetCar|JikeSpider|^JOC|^JustView|^Jyxobot|^Kenjin.Spider|^Keyword.Density|libwww|^larbin|LeechFTP|LeechGet|^LexiBot|^lftp|^libWeb|^likse|^LinkextractorPro|^LinkScan|^LNSpiderguy|^LinkWalker|msnbot|MSIECrawler|MJ12bot|MegaIndex|^Magnet|^Mag-Net|^MarkWatch|Mass.Downloader|masscan|^Mata.Hari|^Memo|^MIIxpc|^NAMEPROTECT|^Navroad|^NearSite|^NetAnts|^Netcraft|^NetMechanic|^NetSpider|^NetZIP|^NextGenSearchBot|^NICErsPRO|^niki-bot|^NimbleCrawler|^Nimbostratus-Bot|^Ninja|^Nmap|nmap|^NPbot|Offline.Explorer|Offline.Navigator|OpenLinkProfiler|^Octopus|^Openfind|^OutfoxBot|Pixray|probethenet|proximic|^PageGrabber|^pavuk|^pcBrowser|^Pockey|^ProPowerBot|^ProWebWalker|^psbot|^Pump|python-requests|^QueryN.Metasearch|^RealDownload|Reaper|^Reaper|^Ripper|Ripper|Recorder|^ReGet|^RepoMonkey|^RMA|scanbot|SEOkicks-Robot|seoscanners|^Stripper|^Sucker|Siphon|Siteimprove|^SiteSnagger|SiteSucker|^SlySearch|^SmartDownload|^Snake|^Snapbot|^Snoopy|Sosospider|^sogou|spbot|^SpaceBison|^spanner|^SpankBot|Spinn4r|^Sqworm|Sqworm|Stripper|Sucker|^SuperBot|SuperHTTP|^SuperHTTP|^Surfbot|^suzuran|^Szukacz|^tAkeOut|^Teleport|^Telesoft|^TurnitinBot|^The.Intraformant|^TheNomad|^TightTwatBot|^Titan|^True_Robot|^turingos|^TurnitinBot|^URLy.Warning|^Vacuum|^VCI|VidibleScraper|^VoidEYE|^WebAuto|^WebBandit|^WebCopier|^WebEnhancer|^WebFetch|^Web.Image.Collector|^WebLeacher|^WebmasterWorldForumBot|WebPix|^WebReaper|^WebSauger|Website.eXtractor|^Webster|WebShag|^WebStripper|WebSucker|^WebWhacker|^WebZIP|Whack|Whacker|^Widow|Widow|WinHTTrack|^WISENutbot|WWWOFFLE|^WWWOFFLE|^WWW-Collector-E|^Xaldon|^Xenu|^Zade|^Zeus|ZmEu|^Zyborg|SemrushBot|^WebFuck|^MJ12bot|^majestic12|^WallpapersHD) 1; } ## Add here all referrers that are to blocked. map $http_referer $bad_referer { default 0; ~(?i)(adcash|advair|allegra|ambien|amoxicillin|adult|anal|asshole|babes|baccarat|betting|bithack|blackjack|cash|casino|celeb|cheap|cialis|craps|credit|click|cunt|deal|debt|drug|diamond|effexor|equity|faxo|finance|fisting|forsale|gambling|gaysex|girl|hardcore|hold-em|holdem|iconsurf|ilovevitaly|insurance|interest|internetsupervision|jewelry|keno|levitra|lipitor|loan|loans|love|makemoneyonline|make-money-online|meds|money|mortgage|myftpupload|nudit|omaha|organic|paxil|pharmacy|pharmacies|phentermine|pheromone|pills|piss|poker|porn|poweroversoftware|refinance|replica|rimming|roulette|screentoolkit|seoexperimenty|sex|snuff|scout|seventwentyfour|slot|slots|syntryx|teen|texas|t0phackteam|tournament|tramadol|tramidol|valtrex|vvakhrin-ws1|viagra|vicodin|webcam|xanax|xnxx|xxxrus|zanax|zippo|zoloft) 1; } ## Add here all bad referer domains to be blocked - broken up into sections ## Alphabetical A - E (incl numbers) map $http_referer $bad_urls1 { default 0; ~(?i)(^http://(www\.)?38ha(-|.).*$|^http://(www\.)?4free(-|.).*$|^http://(www\.)?4hs8(-|.).*$|^http://(www\.)?4t(-|.).*$|^http://(www\.)?4u(-|.).*$|^http://(www\.)?6q(-|.).*$|^http://(www\.)?7makemoneyonline(-|.).*$|^http://(www\.)?8gold(-|.).*$|^http://(www\.)?911(-|.).*$|^http://(www\.)?adcash(-|.).*$|^http://(www\.)?.*(-|.)?adult(-|.).*$|^http://(www\.)?.*(-|.)?acunetix-referrer(-|.).*$|^http://(www\.)?abalone(-|.).*$|^http://(www\.)?adminshop(-|.).*$|^http://(www\.)?adultactioncam(-|.).*$|^http://(www\.)?aizzo(-|.).*$|^http://(www\.)?alphacarolinas(-|.).*$|^http://(www\.)?amateur(-|.).*$|^http://(www\.)?amateurxpass(-|.).*$|^http://(www\.)?.*(-|.)?anal(-|.).*$|^http://(www\.)?ansar-u-deen(-|.).*$|^http://(www\.)?atelebanon(-|.).*$|^http://(www\.)?beastiality(-|.).*$|^http://(www\.)?bestiality(-|.).*$|^http://(www\.)?belize(-|.).*$|^http://(www\.)?best-deals(-|.).*$|^http://(www\.)?bithack(-|.).*$|^http://(www\.)?blogincome(-|.).*$|^http://(www\.)?bontril(-|.).*$|^http://(www\.)?bruce-holdeman(-|.).*$|^http://(www\.)?.*(-|.)?blow.?job(-|.).*$|^http://(www\.)?buttons-for-website(-|.).*$|^http://(www\.)?ca-america(-|.).*$|^http://(www\.)?chatt-net(-|.).*$|^http://(www\.)?cenokos(-|.).*$|^http://(www\.)?cenoval(-|.).*$|^http://(www\.)?cityadspix(-|.).*$|^http://(www\.)?commerce(-|.).*$|^http://(www\.)?condo(-|.).*$|^http://(www\.)?conjuratia(-|.).*$|^http://(www\.)?consolidate(-|.).*$|^http://(www\.)?coswap(-|.).*$|^http://(www\.)?crescentarian(-|.).*$|^http://(www\.)?crepesuzette(-|.).*$|^http://(www\.)?darodar(-|.).*$|^http://(www\.)?dating(-|.).*$|^http://(www\.)?devaddict(-|.).*$|^http://(www\.)?discount(-|.).*$|^http://(www\.)?doobu(-|.).*$|^http://(www\.)?domainsatcost(-|.).*$|^http://(www\.)?econom.co(-|.).*$|^http://(www\.)?edakgfvwql(-|.).*$|^http://(www\.)?.*(-|.)?sex(-|.).*$|^http://(www\.)?e-site(-|.).*$|^http://(www\.)?egygift(-|.).*$|^http://(www\.)?empathica(-|.).*$|^http://(www\.)?empirepoker(-|.).*$|^http://(www\.)?e-poker-2005(-|.).*$|^http://(www\.)?escal8(-|.).*$|^http://(www\.)?eurip(-|.).*$|^http://(www\.)?exitq(-|.).*$|^http://(www\.)?eyemagination(-|.).*$) 1; } ## F - I map $http_referer $bad_urls2 { default 0; ~(?i)(^http://(www\.)?fastcrawl(-|.).*$|^http://(www\.)?fearcrow(-|.).*$|^http://(www\.)?ferretsoft(-|.).*$|^http://(www\.)?fick(-|.).*$|^http://(www\.)?finance(-|.).*$|^http://(www\.)?flafeber(-|.).*$|^http://(www\.)?fidelityfunding(-|.).*$|^http://(www\.)?freakycheats(-|.).*$|^http://(www\.)?freeality(-|.).*$|^http://(www\.)?fuck(-|.).*$|^http://(www\.)?future-2000(-|.).*$|^http://(www\.)?.*(-|.)?gay(-|.).*$|^http://(www\.)?gobongo.info(-|.).*$|^http://(www\.)?gabriola(-|.).*$|^http://(www\.)?gallerylisting(-|.).*$|^http://(www\.)?gb.com(-|.).*$|^http://(www\.)?ghostvisitor(-|.).*$|^http://(www\.)?globusy(-|.).*$|^http://(www\.)?golf-e-course(-|.).*$|^http://(www\.)?gospelcom(-|.).*$|^http://(www\.)?gradfinder(-|.).*$|^http://(www\.)?hasfun(-|.).*$|^http://(www\.)?herbal(-|.).*$|^http://(www\.)?hermosa(-|.).*$|^http://(www\.)?highprofitclub(-|.).*$|^http://(www\.)?hilton(-|.).*$|^http://(www\.)?teaminspection(-|.).*$|^http://(www\.)?hotel(-|.).*$|^http://(www\.)?houseofseven(-|.).*$|^http://(www\.)?hurricane(-|.).*$|^http://(www\.)?.*(-|.)?incest(-|.).*$|^http://(www\.)?iaea(-|.).*$|^http://(www\.)?ilovevitality(-|.).*$|^http://(www\.)?ime(-|.).*$|^http://(www\.)?info(-|.).*$|^http://(www\.)?ingyensms(-|.).*$|^http://(www\.)?inkjet-toner(-|.).*$|^http://(www\.)?isacommie(-|.).*$|^http://(www\.)?istarthere(-|.).*$|^http://(www\.)?it.tt(-|.).*$|^http://(www\.)?italiancharms(-|.).*$|^http://(www\.)?iwantu(-|.).*$|^http://(www\.)?ilovevitality(-|.).*$|^http://(www\.)?iskalko.ru(-|.).*$) 1; } ## J - P map $http_referer $bad_urls3 { default 0; ~(?i)(^http://(www\.)?jfcadvocacy(-|.).*$|^http://(www\.)?jmhic(-|.).*$|^http://(www\.)?juris(-|.).*$|^http://(www\.)?kylos(-|.).*$|^http://(www\.)?laser-eye(-|.).*$|^http://(www\.)?leathertree(-|.).*$|^http://(www\.)?lillystar(-|.).*$|^http://(www\.)?linkerdome(-|.).*$|^http://(www\.)?livenet(-|.).*$|^http://(www\.)?low-limit(-|.).*$|^http://(www\.)?lowest-price(-|.).*$|^http://(www\.)?luxup.ru(-|.).*$|^http://(www\.)?macsurfer(-|.).*$|^http://(www\.)?mall.uk(-|.).*$|^http://(www\.)?maloylawn(-|.).*$|^http://(www\.)?marketing(-|.).*$|^http://(www\.)?.*(-|.)?mature(-|.).*$|^http://(www\.)?mcdortaklar(-|.).*$|^http://(www\.)?mediavisor(-|.).*$|^http://(www\.)?medications(-|.).*$|^http://(www\.)?mirror.sytes(-|.).*$|^http://(www\.)?mp3(-|.).*$|^http://(www\.)?(-|.)musicbox1(-|.).*$|^http://(www\.)?myftpupload(-|.).*$|^http://(www\.)?naked(-|.).*$|^http://(www\.)?netdisaster(-|.).*$|^http://(www\.)?netfirms(-|.).*$|^http://(www\.)?newtruths(-|.).*$|^http://(www\.)?no-limit(-|.).*$|^http://(www\.)?nude(-|.).*$|^http://(www\.)?nudeceleb(-|.).*$|^http://(www\.)?nutzu(-|.).*$|^http://(www\.)?odge(-|.).*$|^http://(www\.)?oiline(-|.).*$|^http://(www\.)?onlinegamingassoc(-|.).*$|^http://(www\.)?outpersonals(-|.).*$|^http://(www\.)?o-o-6-o-o.ru(-|.).*$|^http://(www\.)?o-o-8-o-o.ru(-|.).*$|^http://(www\.)?pagetwo(-|.).*$|^http://(www\.)?paris(-|.).*$|^http://(www\.)?passions(-|.).*$|^http://(www\.)?peblog(-|.).*$|^http://(www\.)?peng(-|.).*$|^http://(www\.)?perfume-cologne(-|.).*$|^http://(www\.)?personal(-|.).*$|^http://(www\.)?php-soft(-|.).*$|^http://(www\.)?pisoc(-|.).*$|^http://(www\.)?pisx(-|.).*$|^http://(www\.)?popwow(-|.).*$|^http://(www\.)?porn(-|.).*$|^http://(www\.)?prescriptions(-|.).*$|^http://(www\.)?priceg(-|.).*$|^http://(www\.)?.*(-|.)?pus*y(-|.).*$|^http://(www\.)?printdirectforless(-|.).*$|^http://(www\.)?ps2cool(-|.).*$|^http://(www\.)?psnarones(-|.).*$|^http://(www\.)?psxtreme(-|.).*$) 1; } ## Q - Z map $http_referer $bad_urls4 { default 0; ~(?i)(^http://(www\.)?quality-traffic(-|.).*$|^http://(www\.)?registrarprice(-|.).*$|^http://(www\.)?reliableresults(-|.).*$|^http://(www\.)?rimpim(-|.).*$|^http://(www\.)?ro7kalbe(-|.).*$|^http://(www\.)?rohkalby(-|.).*$|^http://(www\.)?ronnieazza(-|.).*$|^http://(www\.)?rulo.biz(-|.).*$|^http://(www\.)?responsinator(-|.).*$|^http://(www\.)?s5(-|.).*$|^http://(www\.)?samiuls(-|.).*$|^http://(www\.)?savefrom(-|.).*$|^http://(www\.)?savetubevideo.com(-|.).*$|^http://(www\.)?screentoolkit.com(-|.).*$|^http://(www\.)?searchedu(-|.).*$|^http://(www\.)?semalt.com(-|.).*$|^http://(www\.)?seoexperimenty(-|.).*$|^http://(www\.)?seventwentyfour(-|.).*$|^http://(www\.)?seventwentyfour.*$|^http://(www\.)?sex(-|.).*$|^http://(www\.)?sexsearch(-|.).*$|^http://(www\.)?sexsq(-|.).*$|^http://(www\.)?shoesdiscount(-|.).*$|^http://(www\.)?site-4u(-|.).*$|^http://(www\.)?site5(-|.).*$|^http://(www\.)?slatersdvds(-|.).*$|^http://(www\.)?slftsdybbg.ru(-|.).*$|^http://(www\.)?sml338(-|.).*$|^http://(www\.)?sms(-|.).*$|^http://(www\.)?smsportali(-|.).*$|^http://(www\.)?socialseet.ru(-|.).*$|^http://(www\.)?software(-|.).*$|^http://(www\.)?sortthemesitesby(-|.).*$|^http://(www\.)?spears(-|.).*$|^http://(www\.)?spoodles(-|.).*$|^http://(www\.)?sportsparent(-|.).*$|^http://(www\.)?srecorder(-|.).*$|^http://(www\.)?stmaryonline(-|.).*$|^http://(www\.)?superiends.org(-|.).*$|^http://(www\.)?strip(-|.).*$|^http://(www\.)?suttonjames(-|.).*$|^http://(www\.)?talk.uk-yankee(-|.).*$|^http://(www\.)?tecrep-inc(-|.).*$|^http://(www\.)?teen(-|.).*$|^http://(www\.)?terashells(-|.).*$|^http://(www\.)?thatwhichis(-|.).*$|^http://(www\.)?thorcarlson(-|.).*$|^http://(www\.)?.*(-|.)?tits(-|.).*$|^http://(www\.)?.*(-|.)?titten(-|.).*$|^http://(www\.)?tmsathai(-|.).*$|^http://(www\.)?traffixer(-|.).*$|^http://(www\.)?tranny(-|.).*$|^http://(www\.)?valeof(-|.).*$|^http://(www\.)?video(-|.).*$|^http://(www\.)?vinhas(-|.).*$|^http://(www\.)?vixen1(-|.).*$|^http://(www\.)?vpshs(-|.).*$|^http://(www\.)?vrajitor(-|.).*$|^http://(www\.)?vodkoved.ru(-|.).*$|^http://(www\.)?w3md(-|.).*$|^http://(www\.)?websocial.me(-|.).*$|^http://(www\.)?webdevsquare(-|.).*$|^http://(www\.)?whois(-|.).*$|^http://(www\.)?withdrawal(-|.).*$|^http://(www\.)?worldemail(-|.).*$|^http://(www\.)?wslp24(-|.).*$|^http://(www\.)?ws-op(-|.).*$|^http://(www\.)?xnxx(-|.).*$|^http://(www\.)?xopy(-|.).*$|^http://(www\.)?xxx(-|.).*$|^http://(www\.)?yelucie(-|.).*$|^http://(www\.)?youradulthosting(-|.).*$|^http://(www\.)?ykecwqlixx.ru(-|.).*$|^http://(www\.)?yougetsignal.com(-|.).*$|^http://(www\.)?(-|.)zindagi(-|.).*$) 1; } ## Domains Linked to Yontoo Browser Malware and a Few Other New Ones ## Have split this into it's own section to keep lines shorter NOTE: changes to instructions ## adding if ($bad_urls5) and if ($bad_urls6) to your site(s) config. map $http_referer $bad_urls5 { default 0; ~(?i)(^http://(www\.)?101raccoon.ru(-|.).*$|^http://(www\.)?28n2gl3wfyb0.ru(-|.).*$|^http://(www\.)?627ad6438b58439cad1fc8cf6d67a92e.com(-|.).*$|^http://(www\.)?6ab9743d0152486387559b4abaa02ada.com(-|.).*$|^http://(www\.)?a342ae9750004b14b55f7310eff0ab65.com(-|.).*$|^http://(www\.)?aa08daf7e13b6345e09e92f771507fa5f4.com(-|.).*$|^http://(www\.)?aa14ab57a3339c4064bd9ae6fad7495b5f.com(-|.).*$|^http://(www\.)?aa625d84f1587749c1ab011d6f269f7d64.com(-|.).*$|^http://(www\.)?aa81bf391151884adfa3dd677e41f94be1.com(-|.).*$|^http://(www\.)?aa8780bb28a1de4eb5bff33c28a218a930.com(-|.).*$|^http://(www\.)?aa8b68101d388c446389283820863176e7.com(-|.).*$|^http://(www\.)?aa9bd78f328a6a41279d0fad0a88df1901.com(-|.).*$|^http://(www\.)?aa9d046aab36af4ff182f097f840430d51.com(-|.).*$|^http://(www\.)?aaa38852e886ac4af1a3cff9b47cab6272.com(-|.).*$|^http://(www\.)?aab94f698f36684c5a852a2ef272e031bb.com(-|.).*$|^http://(www\.)?aac500b7a15b2646968f6bd8c6305869d7.com(-|.).*$|^http://(www\.)?aac52006ec82a24e08b665f4db2b5013f7.com(-|.).*$|^http://(www\.)?aad1f4acb0a373420d9b0c4202d38d94fa.com(-|.).*$|^http://(www\.)?asrv-a.akamoihd.net(-|.).*$|^http://(www\.)?asrvrep-a.akamaihd.net(-|.).*$|^http://(www\.)?bestpriceninja.com(-|.).*$|^http://(www\.)?bronzeaid-a.akamaihd.net(-|.).*$|^http://(www\.)?browsepulse-a.akamaihd.net(-|.).*$|^http://(www\.)?cashkitten-a.akamaihd.net(-|.).*$|^http://(www\.)?coolbar.pro(-|.).*$) 1; } map $http_referer $bad_urls6 { default 0; ~(?i)(^http://(www\.)?davebestdeals.com(-|.).*$|^http://(www\.)?discovertreasure-a.akamaihd.net(-|.).*$|^http://(www\.)?discovertreasurenow.com(-|.).*$|^http://(www\.)?foxydeal.com(-|.).*$|^http://(www\.)?gameonasia.com(-|.).*$|^http://(www\.)?gameplexcity.com(-|.).*$|^http://(www\.)?gamerextra.com(-|.).*$|^http://(www\.)?gamerscorps.com(-|.).*$|^http://(www\.)?gamewrath.com(-|.).*$|^http://(www\.)?generousdeal-a.akamaihd.net(-|.).*$|^http://(www\.)?girlgamerdaily.com(-|.).*$|^http://(www\.)?hdapp1008-a.akamaihd.net(-|.).*$|^http://(www\.)?highstairs-a.akamaihd.net(-|.).*$|^http://(www\.)?hotshoppymac.com(-|.).*$|^http://(www\.)?matchpal-a.akamaihd.net(-|.).*$|^http://(www\.)?mecash.ru(-|.).*$|^http://(www\.)?monarchfind-a.akamaihd.net(-|.).*$|^http://(www\.)?myshopmatemac.com(-|.).*$|^http://(www\.)?nottyu.xyz(-|.).*$|^http://(www\.)?onlinemegax.com(-|.).*$|^http://(www\.)?outrageousdeal-a.akamaihd.net(-|.).*$|^http://(www\.)?pijoto.net(-|.).*$|^http://(www\.)?recordpage-a.akamaihd.net(-|.).*$|^http://(www\.)?resultshub-a.akamaihd.net(-|.).*$|^http://(www\.)?rvzr-a.akamaihd.net(-|.).*$|^http://(www\.)?savingsslider-a.akamaihd.net(-|.).*$|^http://(www\.)?searchinterneat-a.akamaihd.net(-|.).*$|^http://(www\.)?searchwebknow-a.akamaihd.net(-|.).*$|^http://(www\.)?seeresultshub-a.akamaihd.net(-|.).*$|^http://(www\.)?shoppytoolmac.com(-|.).*$|^http://(www\.)?skytraf.xyz(-|.).*$|^http://(www\.)?splendorsearch-a.akamaihd.net(-|.).*$|^http://(www\.)?strongsignal-a.akamaihd.net(-|.).*$|^http://(www\.)?surfbuyermac.com(-|.).*$|^http://(www\.)?treasuretrack-a.akamaihd.net(-|.).*$|^http://(www\.)?webshoppermac.com(-|.).*$|^http://(www\.)?pospr.waw.pl(-|.).*$|^http://(www\.)?abclauncher.com(-|.).*$|^http://(www\.)?alert-fjg.xyz(-|.).*$|^http://(www\.)?analytics-ads.xyz(-|.).*$|^http://(www\.)?bamo.xsl.pt(-|.).*$|^http://(www\.)?compliance-olga.top(-|.).*$|^http://(www\.)?digital-video-processing.com(-|.).*$|^http://(www\.)?eu-cookie-law.info(-|.).*$|^http://(www\.)?findpik.com(-|.).*$|^http://(www\.)?forum20.smailik.org(-|.).*$|^http://(www\.)?free-share-buttons.top(-|.).*$|^http://(www\.)?free-social-buttons2.xyz(-|.).*$|^http://(www\.)?free-social-buttons3.xyz(-|.).*$|^http://(www\.)?free-social-buttons4.xyz(-|.).*$|^http://(www\.)?free-social-buttons5.xyz(-|.).*$|^http://(www\.)?front.to(-|.).*$|^http://(www\.)?infokonkurs.ru(-|.).*$|^http://(www\.)?mapquestz.us(-|.).*$|^http://(www\.)?quick-offer.com(-|.).*$|^http://(www\.)?rank-checker.online(-|.).*$|^http://(www\.)?rankchecker.online(-|.).*$|^http://(www\.)?rapidokbrain.com(-|.).*$|^http://(www\.)?real-time-analytics.com(-|.).*$|^http://(www\.)?sharebutton.net(-|.).*$|^http://(www\.)?sharebutton.org(-|.).*$|^http://(www\.)?shemale-sex.net(-|.).*$|^http://(www\.)?site-speed-check.site(-|.).*$|^http://(www\.)?site-speed-checker.site(-|.).*$|^http://(www\.)?trafficmania.com(-|.).*$|^http://(www\.)?website-speed-up.site(-|.).*$|^http://(www\.)?website-speed-up.top(-|.).*$|^http://(www\.)?xn--80aagddcgkbcqbad7amllnejg6dya.xn--p1ai(-|.).*$|^http://(www\.)?xn--80aikhbrhr.net(-|.).*$|^http://(www\.)?pila.pl(-|.).*$|^http://(www\.)?dytohqka.su(-|.).*$|^http://(www\.)?fqvjhqciw.net.ru(-|.).*$|^http://(www\.)?wycjrqzy.ua(-|.).*$|^http://(www\.)?0ca29773681c7e82.com(-|.).*$|^http://(www\.)?intervsem.ru(-|.).*$|^http://(www\.)?candy-glam-hp.com(-|.).*$|^http://(www\.)?thecoolimages.net(-|.).*$|^http://(www\.)?rebuildermedical.com(-|.).*$|^http://(www\.)?gaygalls.net(-|.).*$|^http://(www\.)?keywordteam.net(-|.).*$|^http://(www\.)?netfacet.net(-|.).*$|^http://(www\.)?pattersonsweb.com(-|.).*$|^http://(www\.)?trapit.com.gg(-|.).*$) 1; } ## Add here all hosts that should be spared any referrer checking. ## Whitelist all your own IPs in this section, each IP followed by a 0; geo $bad_referer { 127.0.0.1 0; 40.82.153.189 0; 111.111.111.111 0; } # Geo directive to deny certain ip addresses geo $validate_client { default 0; # Cyveillance 38.100.19.8/29 1; 38.100.21.0/24 1; 38.100.41.64/26 1; 38.105.71.0/25 1; 38.105.83.0/27 1; 38.112.21.140/30 1; 38.118.42.32/29 1; 65.213.208.128/27 1; 65.222.176.96/27 1; 65.222.185.72/29 1; 85.25.176.0/20 1; 85.25.192.0/20 1; 85.25.208.0/22 1; }