Why you might need this
Social media, hate sites, and spammy/scraped sites may all be sending traffic to your application that you would rather not have land. In some cases this can generate storms of traffic that are functionally the same as as denial of service attack.
Blocking referred traffic is an easy way to blunt some of the unsavory traffic hitting your site.
What you need to get started:
- Expedited WAF add-on is setup in front of your application.
How To Block Referring Sites on Heroku
Add referring sites to be blocked to the Block Bots page of your Expedited WAF dashboard:
- Blocking is dependent upon the
HTTP_REFERERheader being passed by the browser. This may not be present for any number of reasons (HTTP -> HTTPS links in Chrome, command line tools, or browser extensions)
- If the traffic is significant enough to be posing you uptime problems, you may need to layer on additional anti DDOS rules like CAPTCHA or Geographic restrictions.
Learn more about
Try Expedited WAF.
Get a Free Tee.
Option 1: Install Expedited WAF (the Web Application Firewall service that shields your Heroku applications from attacks) from the Heroku Elements Marketplace..
Seven days later we'll ask for some feedback and your (US or Canada only) shipping details.
Option 2: Select a Date & Time below to talk to us about your existing web application security framework and see how Expedited WAF can help better secure your Heroku applications.