.... Internet marketing resources, ecommerce web site design tutorials
  Taming the Beast - quality web marketing and ecommerce development services .... .


Return to web marketing and ecommerce articles index

Blocking referrer domain traffic with htaccess

Ever had tons of traffic referred by a particular domain you wished to block? If your site is hosted on a server running Apache, it's easy to do with .htaccess. If you're not sure if the server your site is hosted on runs Apache, check with your web host.

You may be asking "why the heck would anyone want to block traffic?" 

Sometimes it's an annoyance factor - people being referred by a particular site who are being difficult. Another common reason is a sudden deluge of traffic from a single source that your server can't cope with. 

In these situations, your hosting company may suspend your account; but by using the following .htaccess trick, you can greatly decrease the load on the server while still making your site available to others. 

Another scenario might be where someone has posted on a forum you're offering free whatever as a prank, and they are sending a ton of garbage traffic your way. Believe me, it does happen :).

What's a .htaccess file?

.htaccess is essentially a plain text configuration file that provides per directory or domain instructions to Apache on how to handle certain requests relating to security and the way URLs are presented. If you can't see a .htaccess file in your file base, you can create one in NotePad or another plain text editor. Note the naming of the file ".htaccess" - the "." is important and there should be nothing after the "htaccess". 

If you do have a .htaccess file present, be sure to back it up before making changes and don't remove anything that's currently in it as doing so may prevent some of your applications from working or interfere with existing security.

Referrer domain traffic blocking code

Here's all you need to add to your .htaccess file:

RewriteEngine on
RewriteCond %{HTTP_REFERER} refererdomain1\.com [NC,OR] 
RewriteCond %{HTTP_REFERER} referrerdomain2\.com
RewriteRule .* - [F]

If you get an internal server error, try adding this line below "RewriteEngine on"

Options +FollowSymlinks

If you only have a single site you wish to ban referral traffic from, use this:

RewriteEngine on
RewriteCond %{HTTP_REFERER} refererdomain1\.com [NC]
RewriteRule .* - [F]

(Note the lack of OR flag in this example)

The result should be the visitor seeing a browser HTTP Error 403 - Forbidden.

If you wish to ban traffic from a referrer domain to your entire site; add the above to the .htaccess file in your root directory. If you only want to protect a specific folder or file; put the .htaccess file in that folder.

The backslash before the domain tail extension is very important to include, e.g. "lkjdfjlkd\.com"

NC, OR and F - what do they mean?

The NC flag makes the directive case insensitive so it will work on referrer traffic from the domain refererdomain.com, REFERERDOMAIN.COM, RefererDomain.com etc.

The OR flag simply means "or" and is only used when you have multiple domains listed. The last domain you wish to block in your list shouldn't have this flag.

The [F] flag causes Apache to return a 403 Forbidden status code to the viewer.

Referer vs. Referrer

Did you notice this in the code? "Referer" isn't a word in the English language, but if you spell it "referrer" in the code, it won't work. As to why this spelling was used when the HTTP protocol was developed, I really have no idea - if you know, please enlighten me so that I can add it to my party/dinner conversation repertoire :).

Will it block image hotlinking?

This htaccess hack also won't prevent other sites from hotlinking to your images; i.e. another site owner displaying your images in their content, but referencing the image directly from your server. It's a common problem that has the capacity to create excessive load and bandwidth usage on your hosting account. For a solution to this issue, see my tutorial on preventing image hotlinking with .htaccess.

Additional notes

The above htaccess hack isn't foolproof. If the number of requests is really over the top, it can still cause server problems as the actually request is still being made and the .htaccess file accessed. People may also still go to the trouble of typing in your domain name. The idea behind this is to alleviate a short term traffic deluge for long enough to allow your site to stay up until the storm blows over.

Related articles

htaccess 301 redirect tutorial
Creating custom error pages.
Changing domains? Preserve rankings with mod_rewrite

Michael Bloch
Taming the Beast
Tutorials, web content, tools and software.
Web Marketing, Internet Development & Ecommerce Resources

In the interests of transparency and disclosure, please note that the owner of Taming the Beast.net often receives goods and services mentioned in reviews for free, or may receive payments or affiliate commissions for advertising or referring others to merchants of products and services reviewed.

Copyright information.... This article is free for reproduction but must be reproduced in its entirety, including live links & this copyright statement must be included. Visit http://www.tamingthebeast.net  for free Internet marketing and web development articles, tutorials and tools! Subscribe to our popular ecommerce/web design ezine!

Click here to view article index 

Online meeting & webinar software review
Powerful, easy to use collaboration tools that can help improve your marketing sales and training efforts. Learn more about these services in this review & try a free trial!

The best shopping cart software
Our reviews of some of the best shopping carts around - free ecommerce solutions  through to premium services offering affiliate programs, marketing modules & online soft goods delivery.  Shopping cart software guide 

Autoresponder software/mailing list manager
 Read our beginners guide and reviews of all-in-one autoresponder & email marketing software solutions.

Credit card transaction fraud screening!  Effective fraud screening is an essential part of running an online businesses. Fraud transactions cost you money and can threaten your merchant account. Pick up a stack of transaction screening tips in this free guide! 

Need some advice/tools for writing/creating a web design, development or marketing proposal?






Get paid cash taking online surveys - free to join online 
survey companies that will pay you cash for your opinion!

In Loving Memory - Mignon Ann Bloch

copyright (c) 1999-2011  Taming the Beast  Adelaide - South Australia 

Profile - Contact - Privacy - Consultants Portfolio 

Search Site - Terms of Service - Social/environmental