Here is the detail of the process :

The trick is separated in 2 parts, the first one is the detection, the second one is the action on detected items.

The detection use RegExp to match the unwanted pattern in the referer or user-agent information returned by the requester.

Once identified the source is added to the "banned" environement  group.

Then we use a special trick to return the attack toward the spammer, we redirect them to their own link (301-Redirection)...
And in case the redirection fail, we just deny the request (403-Forbidden Page)

So all you need is to copy the file in the archive on the root of your website, and rename it as ".htaccess".

Note: will work only on Apache webserver !


# Reject from specific IP addresses
# - Reject a Single address
Deny from
# - Reject a Range of address (class-C)
Deny from 148.244.150.
# - Reject a Range of address (class-B)
Deny from 148.244.

# Deny access to all with status "banned"


# Referers Filter (Banned Sites)
SetEnvIfNoCase Referer"^http://([a-z0-9\-]+\.)?blogg\.de.*$" banned
SetEnvIfNoCase Referer "^http://([a-z0-9\-]+\.)?vjackpot\.com.*$" banned

Referer Filter (banned Words)
SetEnvIfNoCase Referer "^http://(\W)buy.*$" banned
SetEnvIfNoCase Referer "^http://(\W)cheap.*$" banned

# User-Agent (Browser/SearchBot/Agent) Filter
SetEnvIfNoCase User-Agent "extractor" banned
SetEnvIfNoCase User-Agent "grabber" banned
SetEnvIfNoCase User-Agent "harvest" banned

# Enable Rewrite mode
RewriteEngine On

# Nice trick.. => 301-Redirect to themself...
RewriteCond %{ENV:banned} ^1$
RewriteCond %{HTTP_REFERER} ^(.*)$
RewriteRule ^(.*)$ %1 [R=301,L]

# In any case => 403-Forbidden Page
Order Deny,Allow
Deny from env=banned

Some references:

  • -none-