How to block referring website?

[masterb56]

Do you guys know how to block users coming from a specific website? I'm trying to figure out if there's an option in cpanel to put in the referrer to block but I cant see that option :/ I've tried to edit htaccess but it wont work, any ideas?

masterb56 Reviewed by masterb56 on 8th Jan 2011. How to block referring website? Do you guys know how to block users coming from a specific website? I'm trying to figure out if there's an option in cpanel to put in the referrer to block but I cant see that option :/ I've tried to edit htaccess but it wont work, any ideas? :( Rating: 5

[Lifetalk]

Here's a basic code outline. You can modify it to suit yourself.

Code: 

RewriteEngine On

RewriteCond %{HTTP_REFERER} ^http://(.+\.)?127.0.0.1/ [NC,OR] # This rule blocks a visitor originating from an IP
RewriteCond %{HTTP_REFERER} ^http://(.+\.)?sampledomain\.info/ [NC] # This one blocks any visitor originating from sampledomain.info or *.sampledomain.info (subdomain)
RewriteRule .*\.(jpg|gif|bmp|png)$ http://example.com/nohotlink.jpg [L] # This rule will redirect all requests to the images from the above referrers to an error image (or document/page).
RewriteRule .* http://sample.com/blocked.html [L] #This rule redirects a request for everything (images, files, web pages) to an error page/image.

What I've posted above will basically redirect the visitor from a specific referring website to a message/page that informs the user that he/she has been blocked (or you could redirect them to a blank page or a non-existent domain.

What's important is that the last line blocks requests to everything on the server. So if you were to redirect the blocked user to a page or anything on the same server informing them that they were blocked, it'd result in an endless loop and a possible timeout. Not a very handy solution. In my opinion, a more suitable option would be to redirect them to a different domain with a blocked message and/or to their localhost (if you're feeling evil).

Having said that, remember that referrer based blocking is not fool proof. Some browsers often remove the referrer. Some antiviruses/antispywares and security programs also do that. This is done to effectively enhance the surfer's security. Some websites fake the referrer too, or remove it altogether.
The likelihood of the above, though, is generally low. A very small % of the users have their referrer removed. So if a domain is abusing your server resources, by say, hotlinking to an image, the above code (expansible, of course) is a very neat way to bring it down by a lot.

An example? I use the above code (constructed differently) to block a few domains that hotlink to abuse images on my site. And I save hundreds of gigs on bandwidth and lots of time I would otherwise spend tweaking my server to handle all the hotlink requests.

[masterb56]

Thank you very much lifetalk

Actually I just want to derail some users coming from a specific site (where my site is hotlinked) I think I've tried RewriteCond but I'll try again, I was testing it on myself and modified the referer but it would not work, when I did it I'll try your technique