Last year I did a blog post on how I use Log Parser to peruse the IIS logs from this site to see how many people come here, what they look at, where they come from, etc. Those of you that have seen me at conferences or talked to me in person have no doubt heard the hilarious byproduct of that. Seems a few images on my web site are very popular with the kids at MySpace. They really like that yellow bird image as their background. While I'm flattered by the attention, honest I am, they seem unable to copy it down, so they're all hotlinking off of my site. That's right, these hoodlums are stealing bandwidth right out of the hands of you hardworking SharePoint enthusiasts. Every time you go to download one of my blog posts or a netcast recording those guys are slowing you down. I decided I wouldn't stand for it anymore; I was going to do something about it to defend your honor. In the past I've gone through my IIS logs to see which MySpace pages are stealing my images, then I swap something hysterical out in its place. Hilarity ensues. Unfortunately I only remember to do it every few months and it results in a bunch of renamed images and trash on my site. I needed to be proactive, not reactive. I needed to find a way to handle traffic from MySpace automatically, not by hand like I had been. Our Apache using friends have been using mod_rewrite for years for this functionality. (we get SharePoint, they get mod_rewrite, seems a fair trade to me) In the past there has never been a good mod_rewrite module for IIS. Until now, that is. A few months ago I moved all of my SharePoint servers to 64 bit Windows Server 2008. This means my servers are running on IIS7, which has a modular design that IIS6 didn't have. In cruising around on IIS.net I found an IIS URL Rewrite Module. That's perfect!
I downloaded the module, and like a good SharePoint admin, I tested it in a VM to see if it did what I wanted. The first time I installed it, it killed the VM. L To avoid that, pay close attention to the "Important" instructions on the download page. Make sure and stop the services they suggest. To be safe the second time I stopped all IIS and SharePoint related services and it worked. Fortunately my test VM and my production server are VMs in Hyper-V, so I made snapshots before I installed it. If you've got that opportunity, I recommend taking it.
After I got it installed configuring it was pretty easy. It shows up as a module called "URL Rewrite" in IIS Manager. Double-click it to open up the rules page. It should look like this:
From the screenshot you can see that I've got one rule defined right now. Let's walk through creating another one. For now, I just want to block any requests that have a referrer from the Myspace.com domain. To create it we'll start by clicking "Add Rules…" on the right. You'll get a dialog box like this:
We want "Request blocking" so click that and hit OK. We want to block requests based on the referrer, so select that from the dropdown. Leave "Matches the pattern" for the requests that are blocked. For referrer pattern put in http://*.myspace.com/* and leave the Using as "Wildcards" and set "How to block" to "Abort Request." The finished dialog should look like this:
That's all there is to it. You have a lot of options when editing the rule. Feel free to poke around and see what you can do. You can do some pretty amazing things. If you want to test the referrer rules you can use Quick Spoof to spoof referrers on URL requests. The details of the rule will show up in the web.config file for your web app. If you're curious how they're defined, pop it up and take a look.
You may be wondering how well this works with SharePoint. I can saw that it's worked great for the last 24 hours. J The module has support for rewriting and redirecting URLs, but I didn't have much luck with them. I would have loved to have the image requested from the MySpace users be replaced with something more…racy, but in the time I spent playing with this I couldn't get it to work. If you have better luck, let me know.
I hope this helped some of you fight off those evil bandwidth stealers.
tk