How to block referrer spam traffic

Referrer spam has always been a nuisance, specially if you have some traffic restrictions on your hosting. The referral traffic robs your site from the precious bandwidth allocated (also know as Bandwidth Theft). Also with a large number of spam traffic, legitimate users will be greeted with a slow and sometimes non responsive site.

Htaccess enables one to block certain referrer sites and prevent referrer spam. The following post list some techniques to do so. One way to prevent referrer spam is to force a error and stop any further redirection. Note that the following requires that ‘mod_rewrite’ is enabled on your server.

RewriteCond %{HTTP_REFERER} sitetoblock\.com [NC]
RewriteRule .* - [F,L]

The above lines tells the Apache Server to block traffic from the URL ‘’. The ‘[NC]’ flag specifies that the referrer site url is not case-sensitive. The ‘F’ flag in [F,L] returns a ‘403 Forbidden’ error, while the ‘L’ flag stops further processing.

Another method is to redirect the traffic to another website, most probably a public website like Google (although I would not recommend this).

RewriteCond %{HTTP_REFERER} sitetoblock\.com [NC]
RewriteRule .* [R,L]

Or force it back to the referrer site.

RewriteCond %{HTTP_REFERER} sitetoblock\.com [NC]
RewriteRule .* %{HTTP_REFERER} [R,L]

To block multiple referrers one can use the [OR] flag.

RewriteCond %{HTTP_REFERER} sitetoblock1\.com [NC,OR]
RewriteCond %{HTTP_REFERER} sitetoblock2\.com [NC]
RewriteRule .* [R,L]

Another idea is to return a 301 error.

RewriteCond %{HTTP_REFERER} ^http://www\.sitetoblock\.com
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]

You can also block traffic from certain ip addresses using the apache ‘Limit’ satement which does not require using ‘mod_rewrite’.

<Limit GET>
order allow,deny
deny from
deny from
allow from all

Honestly, I’m not an expert in htaccess issues, so readers with extensive knowledge in the area are welcome to add creative inputs to the post.

11 Responses

  1. Web Designer says:

    thank you.. this really help..

  2. Arafin Shaon says:

    thanks a ton helped me a lot…

  3. Hi,
    If you’re using WordPress, I wrote a plugin to help block spam referral traffic. Feel free to take a look !

  4. Farhan Islam says:

    How can we do testing on all this?

    Any suggestion will be appreciated.

  5. Noman says:

    Really useful guide.thanks for tips :)

  6. Mithun says:

    We hate spam referral traffic from your article i got solution.thanks bro

  7. Mithun says:

    I got my solution.thanks bro

  8. JD says:

    Do I need to use the following brackets for this to work? Doesn’t seem like .htaccess is stopping these spammers…

    RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
    RewriteCond %{HTTP_REFERER} buttons-for-website\.com [NC,OR]
    RewriteCond %{HTTP_REFERER} darodar\.com [NC,OR]
    RewriteCond %{HTTP_REFERER} social-buttons\.com [NC,OR]
    RewriteCond %{HTTP_REFERER} simple-share-buttons\.com [NC]
    RewriteRule .* – [F,L]

  9. sameer says:

    The htaccess you mentioned is working on my side. Try using a single spam site first for testing.

    RewriteCond %{HTTP_REFERER} semalt\.com [NC]
    RewriteRule .* – [F,L]

  1. December 15, 2014

    […] Block sites by referrer & How to Block Referrer Spam Traffic. […]

  2. February 9, 2016

    […] To know more how to block using .htaccess read this post […]