403Page Labs Home

HOW TO: Block traffic coming from a specific domain

29 February, 2020

Inbound links are awesome. Except for when they’re not. Spam traffic coming from forums, spam comments can spend up server resources, skew your analytics and hurt your SEO.

Let’s assume you’ve just noticed a bunch of traffic coming to your site from www.iamaspamsite.com.

For Apache servers, this should do the job (in .htaccess):

RewriteCond %{HTTP_REFERER} www\.iamaspamsite\.com [NC]
RewriteRule .* - [F]

You can test the rule works in your terminal with a curl that makes you pretend to come from www.iamaspamsite.com:

curl -IL --referer https://www.iamaspamsite.com https://YOURDOMAIN.COM

The response beforehand should look like a bunch of headers and shenanigans – but at the top you should see a 200 response code:

HTTP/2 200

When the rule is in place, this should become:

HTTP/2 403


HTTP/2 503

..or something like that. It won’t be a 200 response anyway.

To accomplish the same block on an Nginx server, use this in your config:

if ($http_referer ~ "www\.iamaspamsite\.com")  { 
  return 444;