When you notice a surprising increase in traffic and check your logs one day, and see tons of referrals from a particular site, yet upon inspection you can’t find a single visible link to your site on theirs. The referral isn’t a “legitimate” one, with the site most likely pinching content or hot linking to certain files on your site such as images, .css files, or files you can’t even make out it means that someone is attempting to hack your web site (this may simply mean trying to find non public content).
You will another big usage of .htaccess file: Blocking users or sites that originate from a particular domain.
The following code will block any visitor by referrer:
RewriteEngine on
Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} thisbad_domain\.com [NC]
RewriteRule .* - [F]
RewriteEngine on – make sure mod_rewrite is turned on in your website; For how to check whether your mod_rewrite is on, please check Term MOD_Rewrite
Options +FollowSymlinks – prevent the server from displaying Error 500: Internal Server Error in some cases;
“thisbad_domain\.com” is the domain you wish to block. Note the backslash (\) proceeding the period (“.”) to actually donate a period, as in Regular Expressions, a period donates any character, which is not what we want;
The flag “[NC]” is added to the end of the domain to make it case insensitive, so whether the domain is “thisbad_domain.com”, “THISbad_domain.COM” etc, however bad it gets, it gets blocked. Finally;
RewriteRule .* – [F] the last line in the .htaccess file specifies that the action to take when a match is found is to fail the request, meaning the referrer traffic will hit a 403 Forbidden error.
the above code is to stop traffic from one domain, if you decided to prevent more than one domain, the code will be as the following:
RewriteEngine on
Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} thisbad_domain\.com [NC,OR]
RewriteCond %{HTTP_REFERER} thatbad_domain\.com
RewriteRule .* - [F]
The only difference between blocking a single referrer and multiple referrers is the modified [NC, OR] flag in the later case to every domain but the last.
Cpanel and Plesk Control Panel can deny IP and Domain Easily
It is much easier to deny a bad IP or referer by Cpanel or Plesk control Panel. Both Cpanel and Plesk have IP Address Deny Manager. You just need click the link and you will go to following page:
Just add the IP address or the Domain you want to block. It is very easy.