Title: block referrers?
Last modified: August 22, 2016

---

# block referrers?

 *  Resolved [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/)
 * I have a few referrers that are messing up my Google Analytics. Is there a way
   I can block spam referrers through the BPS security?
 * [https://wordpress.org/plugins/bulletproof-security/](https://wordpress.org/plugins/bulletproof-security/)

Viewing 15 replies - 1 through 15 (of 20 total)


 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663494)
 * Yep you can do this: [http://forum.ait-pro.com/forums/topic/sewmalt-com-crawlers/#post-16823](http://forum.ait-pro.com/forums/topic/sewmalt-com-crawlers/#post-16823)
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663696)
 * Assuming all questions have been answered – thread has been resolved.
 * Thread Start Date: 1-12-2015
    Thread Resolved/Current Date: 1-14-2015
 *  Thread Starter [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663733)
 * Hi.
    Thanks for this info. I read the article. I want to block semalt.com as 
   well as buttonsforwebsite.com
 * This is what I put into the CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/
   BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here
 *     ```
       RewriteCond %{HTTP_REFERER} ^.*(semalt\.com|buttons-for-website.com.).*$ [NC]
       RewriteRule ^(.*)$ - [F]
       ```
 * I didn’t include the first line with the hashtag because the directions on BPS
   told me not to.
    Did I do this right?
 * Thank you…
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663734)
 * Yes. The code is generally correct and has been added in the correct BPS Custom
   Code text box.
 * To make the code 100% code correct make these minor changes:
 *     ```
       RewriteCond %{HTTP_REFERER} ^.*(semalt\.com|buttons-for-website\.com).*$ [NC]
       RewriteRule ^(.*)$ - [F]
       ```
   
 * In Regular Expressions code (RegEx) the dot (.) when it is not escaped with a
   backslash: `buttons-for-website.com` would match any character except a line
   break. Example: `buttons-for-website.com, buttons-for-websiteacom, buttons-for-website1com`.
   Escaping the dot (.) means match the dot (.) character literally –
   MUST be a dot (.) and cannot be any other characters.
 * `.*` in RegEx code means match 0 or more of the preceding token or in plain
   English everything and anything.
    Example: `buttons-for-website.com/post-url/, buttons-for-website.com/blog/, buttons-for-website.com/anything/, buttons-for-website.com/everything/`
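
An added example, not part of the thread and not BPS code: the Python sketch below emulates the `RewriteCond %{HTTP_REFERER} ... [NC]` test for the pattern as first posted and as corrected, and compares both with a host-only check. The sample Referer values and the helpers `cond_matches`, `host_is_blocked` and `evaluate` are constructed for illustration; for these particular patterns Python's `re` behaves the same way as the PCRE engine Apache uses.

```python
import re
from urllib.parse import urlsplit

# Patterns quoted from the thread. The [NC] flag corresponds to re.IGNORECASE.
ORIGINAL = r"^.*(semalt\.com|buttons-for-website.com.).*$"    # as first posted
CORRECTED = r"^.*(semalt\.com|buttons-for-website\.com).*$"   # after the fix

BLOCKED_DOMAINS = ("semalt.com", "buttons-for-website.com")


def cond_matches(pattern, referer):
    """Emulate `RewriteCond %{HTTP_REFERER} pattern [NC]`."""
    return re.search(pattern, referer, re.IGNORECASE) is not None


def host_is_blocked(referer):
    """Assumption, not from the thread: compare only the Referer's host name,
    so a listed domain appearing in a path or query string does not count."""
    try:
        host = (urlsplit(referer).hostname or "").lower()
    except ValueError:          # malformed URL in the header
        return False
    return any(host == d or host.endswith("." + d) for d in BLOCKED_DOMAINS)


def evaluate(referer):
    """Return the verdict of all three checks for one Referer value."""
    return {
        "original": cond_matches(ORIGINAL, referer),
        "corrected": cond_matches(CORRECTED, referer),
        "host_only": host_is_blocked(referer),
    }


# Constructed sample Referer values.
SAMPLES = [
    "http://semalt.com/crawler.php",                     # listed domain
    "http://buttons-for-website.com",                    # no trailing slash
    "http://buttons-for-website.com/",                   # trailing slash
    "http://buttons-for-websiteXcom/page",               # unescaped dot matches X
    "https://www.google.com/search?q=semalt.com+spam",   # domain only in query
    "",                                                  # no Referer sent
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict = evaluate(sample)
        flags = " ".join(f"{k}={'block' if v else 'allow'}" for k, v in verdict.items())
        print(f"{sample or '(empty)':50} {flags}")
```

The pattern as first posted requires one more character after `com`, so it misses the bare `http://buttons-for-website.com`; both regex forms match a listed domain anywhere in the header, including another site's query string.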
 *  Thread Starter [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663735)
 * Great. I understand.
 * Thanks for the correction and I went ahead and changed it.
    SO HAPPY that these
   guys aren’t going to be screwing up my Google Analytics now!!!
 * Thanks so much for your help. You are always so helpful.
 *  Thread Starter [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663785)
 * Hey, guys,
    Since I made that change I’ve had several people report to me that
   they are getting the following error message when they try to see my site:
 * Forbidden
 * You don’t have permission to access / on this server.
 * Additionally, a 500 Internal Server Error error was encountered while trying 
   to use an ErrorDocument to handle the request.
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663786)
 * Post the custom code you are using. Get it from your root htaccess file code 
   on the htaccess File Editor page >>> Your Current root htaccess File tab and 
   NOT BPS Custom Code.
    Post a Security Log entry for one of these 403 errors.
 *  Thread Starter [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663787)
 * On my htaccess File Editor page, in the current root htaccess file code section,
   it says at the bottom:
 *     ```
       # CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
       RewriteCond %{HTTP_REFERER} ^.*(semalt\.com|buttons-for-website\.com).*$ [NC]
       RewriteRule ^(.*)$ - [F]
       ```
 *  Thread Starter [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663788)
 * This is a security log entry. There are about 10 of these from yesterday alone.
   So I don’t know if it was blocking a bot, or a real person. So far I have 3 confirmations
   that real people got the 500 error.
 *     ```
       [403 GET / HEAD Request: February 3, 2015 – 1:25 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 173.208.203.138
       Host Name: 173.208.203.138
       SERVER_PROTOCOL: HTTP/1.1
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: //edu.asp
       QUERY_STRING:
       HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)
       ```
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663789)
 * Your custom code is fine.
    The Security Log entry does not appear to be related
   to anything legitimate being blocked and appears to be a random probe. `//edu.asp`
   seems to be part of a domain name, but it is not a legitimate Request URI.
 * When I visit your website I do not see any errors and your website displays fine
   to me. So most likely your server is having intermittent problems. Contact your
   host and ask them to look at your server logs to see what the server log errors
   are and to check if there are intermittent server issues going on – most likely
   whether or not there are any server issues occurring they will tell you everything
   is ok. 😉
 *  Thread Starter [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663791)
 * I called GoDaddy (my server) twice and both times they had no record of any server
   problems.
 * Below are the 13 blocks from yesterday. My web designer tried to see the site
   from the front end and he got the error too. I’m not sure which one he is listed
   below… but I also sent a link to my FB followers and I can see from below that
   link was blocked a couple times too.
    another-reason-why-the-mediterranean-diet-works-so-well/
 * I’m beginning to think this plugin was the problem.
 *     ```
       [403 GET / HEAD Request: February 4, 2015 – 9:35 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /contact-us/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 9:45 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /another-reason-why-the-mediterranean-diet-works-so-well/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 9:45 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /contact-us/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 9:45 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /another-reason-why-the-mediterranean-diet-works-so-well/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 9:45 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /contact-us/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 9:45 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /another-reason-why-the-mediterranean-diet-works-so-well/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 9:45 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /contact-us/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 10:59 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /another-reason-why-the-mediterranean-diet-works-so-well/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 10:59 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /contact-us/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 10:59 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /another-reason-why-the-mediterranean-diet-works-so-well/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 10:59 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 184.168.224.125
       Host Name: p3nlwpweb006.shr.prod.phx3.secureserver.net
       SERVER_PROTOCOL: HTTP/1.0
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /contact-us/
       QUERY_STRING:
       HTTP_USER_AGENT: WordPress/4.1; http://lucifit.com

       [403 GET / HEAD Request: February 4, 2015 – 10:59 am]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 173.208.177.59
       Host Name: 173.208.177.59
       SERVER_PROTOCOL: HTTP/1.1
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: /wp-login.php
       QUERY_STRING:
       HTTP_USER_AGENT:

       [403 GET / HEAD Request: February 4, 2015 – 7:44 pm]
       Event Code: BFHS – Blocked/Forbidden Hacker or Spammer
       Solution: N/A – Hacker/Spammer Blocked/Forbidden
       REMOTE_ADDR: 107.150.33.138
       Host Name: 107.150.33.138
       SERVER_PROTOCOL: HTTP/1.1
       HTTP_CLIENT_IP:
       HTTP_FORWARDED:
       HTTP_X_FORWARDED_FOR:
       HTTP_X_CLUSTER_CLIENT_IP:
       REQUEST_METHOD: GET
       HTTP_REFERER:
       REQUEST_URI: //wp-login.php
       QUERY_STRING:
       HTTP_USER_AGENT:
       ```
 *  Thread Starter [LuciFit](https://wordpress.org/support/users/lucifit/)
 * (@lucifit)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663792)
 * The GoDaddy rep says that when she went to my site she got a 403 error first,
   then a 500.
 * In addition, this is what my .htaccess file contains. Is this normal? :
 *  ——————————————————————-
 *     ```
       # BULLETPROOF .51.4 >>>>>>> SECURE .HTACCESS

       # PHP/PHP.INI HANDLER/CACHE CODE
       # Use BPS Custom Code to add php/php.ini Handler and Cache htaccess code and to save it permanently.
       # Most Hosts do not have/use/require php/php.ini Handler htaccess code

       # TURN OFF YOUR SERVER SIGNATURE
       # Suppresses the footer line server version number and ServerName of the serving virtual host
       ServerSignature Off

       # DO NOT SHOW DIRECTORY LISTING
       # Disallow mod_autoindex from displaying a directory listing
       # If a 500 Internal Server Error occurs when activating Root BulletProof Mode
       # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code
       # and paste it into BPS Custom Code and comment out Options -Indexes
       # by adding a # sign in front of it.
       # Example: #Options -Indexes
       Options -Indexes

       # DIRECTORY INDEX FORCE INDEX.PHP
       # Use index.php as default directory index file. index.html will be ignored.
       # If a 500 Internal Server Error occurs when activating Root BulletProof Mode
       # copy the entire DO NOT SHOW DIRECTORY LISTING and DIRECTORY INDEX sections of code
       # and paste it into BPS Custom Code and comment out DirectoryIndex
       # by adding a # sign in front of it.
       # Example: #DirectoryIndex index.php index.html /index.php
       DirectoryIndex index.php index.html /index.php

       # BRUTE FORCE LOGIN PAGE PROTECTION
       # PLACEHOLDER ONLY
       # Use BPS Custom Code to add Brute Force Login protection code and to save it permanently.
       # See this link: http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/
       # for more information.

       # BPS PRO ERROR LOGGING AND TRACKING
       # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
       # BPS has premade 403 Forbidden, 400 Bad Request and 404 Not Found files that are used
       # to track and log 403, 400 and 404 errors that occur on your website. When a hacker attempts to
       # hack your website the hackers IP address, Host name, Request Method, Referering link, the file name or
       # requested resource, the user agent of the hacker and the query string used in the hack attempt are logged.
       # All BPS log files are htaccess protected so that only you can view them.
       # The 400.php, 403.php and 404.php files are located in /wp-content/plugins/bulletproof-security/
       # The 400 and 403 Error logging files are already set up and will automatically start logging errors
       # after you install BPS and have activated BulletProof Mode for your Root folder.
       # If you would like to log 404 errors you will need to copy the logging code in the BPS 404.php file
       # to your Theme's 404.php template file. Simple instructions are included in the BPS 404.php file.
       # You can open the BPS 404.php file using the WP Plugins Editor.
       # NOTE: By default WordPress automatically looks in your Theme's folder for a 404.php Theme template file.

       ErrorDocument 400 /wp-content/plugins/bulletproof-security/400.php
       ErrorDocument 401 default
       ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php
       ErrorDocument 404 /404.php

       # DENY ACCESS TO PROTECTED SERVER FILES AND FOLDERS
       # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
       # Files and folders starting with a dot: .htaccess, .htpasswd, .errordocs, .logs
       RedirectMatch 403 \.(htaccess|htpasswd|errordocs|logs)$

       # WP-ADMIN/INCLUDES
       # Use BPS Custom Code to remove this code permanently.
       RewriteEngine On
       RewriteBase /
       RewriteRule ^wp-admin/includes/ - [F]
       RewriteRule !^wp-includes/ - [S=3]
       RewriteRule ^wp-includes/[^/]+\.php$ - [F]
       RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
       RewriteRule ^wp-includes/theme-compat/ - [F]

       # WP REWRITE LOOP START
       RewriteEngine On
       RewriteBase /
       RewriteRule ^index\.php$ - [L]

       # REQUEST METHODS FILTERED
       # If you want to allow HEAD Requests use BPS Custom Code and
       # remove/delete HEAD| from the Request Method filter.
       # Example: RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK|DEBUG) [NC]
       # The TRACE, DELETE, TRACK and DEBUG Request methods should never be removed.
       RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK|DEBUG) [NC]
       RewriteRule ^(.*)$ - [F]

       # PLUGINS/THEMES AND VARIOUS EXPLOIT FILTER SKIP RULES
       # To add plugin/theme skip/bypass rules use BPS Custom Code.
       # The [S] flag is used to skip following rules. Skip rule [S=12] will skip 12 following RewriteRules.
       # The skip rules MUST be in descending consecutive number order: 12, 11, 10, 9…
       # If you delete a skip rule, change the other skip rule numbers accordingly.
       # Examples: If RewriteRule [S=5] is deleted than change [S=6] to [S=5], [S=7] to [S=6], etc.
       # If you add a new skip rule above skip rule 12 it will be skip rule 13: [S=13]

       # Adminer MySQL management tool data populate
       RewriteCond %{REQUEST_URI} ^/wp-content/plugins/adminer/ [NC]
       RewriteRule . - [S=12]
       # Comment Spam Pack MU Plugin - CAPTCHA images not displaying
       RewriteCond %{REQUEST_URI} ^/wp-content/mu-plugins/custom-anti-spam/ [NC]
       RewriteRule . - [S=11]
       # Peters Custom Anti-Spam display CAPTCHA Image
       RewriteCond %{REQUEST_URI} ^/wp-content/plugins/peters-custom-anti-spam-image/ [NC]
       RewriteRule . - [S=10]
       # Status Updater plugin fb connect
       RewriteCond %{REQUEST_URI} ^/wp-content/plugins/fb-status-updater/ [NC]
       RewriteRule . - [S=9]
       # Stream Video Player - Adding FLV Videos Blocked
       RewriteCond %{REQUEST_URI} ^/wp-content/plugins/stream-video-player/ [NC]
       RewriteRule . - [S=8]
       # XCloner 404 or 403 error when updating settings
       RewriteCond %{REQUEST_URI} ^/wp-content/plugins/xcloner-backup-and-restore/ [NC]
       RewriteRule . - [S=7]
       # BuddyPress Logout Redirect
       RewriteCond %{QUERY_STRING} action=logout&redirect_to=http%3A%2F%2F(.*) [NC]
       RewriteRule . - [S=6]
       # redirect_to=
       RewriteCond %{QUERY_STRING} redirect_to=(.*) [NC]
       RewriteRule . - [S=5]
       # Login Plugins Password Reset And Redirect 1
       RewriteCond %{QUERY_STRING} action=resetpass&key=(.*) [NC]
       RewriteRule . - [S=4]
       # Login Plugins Password Reset And Redirect 2
       RewriteCond %{QUERY_STRING} action=rp&key=(.*) [NC]
       RewriteRule . - [S=3]

       # TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE
       # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
       # Remote File Inclusion (RFI) security rules
       # Note: Only whitelist your additional domains or files if needed - do not whitelist hacker domains or files
       RewriteCond %{QUERY_STRING} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC,OR]
       RewriteCond %{THE_REQUEST} ^.*(http|https|ftp)(%3A|:)(%2F|/)(%2F|/)(w){0,3}.?(blogger|picasa|blogspot|tsunami|petapolitik|photobucket|imgur|imageshack|wordpress\.com|img\.youtube|tinypic\.com|upload\.wikimedia|kkc|start-thegame).*$ [NC]
       RewriteRule .* index.php [F]
       #
       # Example: Whitelist additional misc files: (example\.php|another-file\.php|phpthumb\.php|thumb\.php|thumbs\.php)
       RewriteCond %{REQUEST_URI} (timthumb\.php|phpthumb\.php|thumb\.php|thumbs\.php) [NC]
       # Example: Whitelist additional website domains: RewriteCond %{HTTP_REFERER} ^.*(YourWebsite.com|AnotherWebsite.com).*
       RewriteCond %{HTTP_REFERER} ^.*lucifit.com.*
       RewriteRule . - [S=1]

       # BEGIN BPSQSE BPS QUERY STRING EXPLOITS
       # The libwww-perl User Agent is forbidden - Many bad bots use libwww-perl modules, but some good bots use it too.
       # Good sites such as W3C use it for their W3C-LinkChecker.
       # Use BPS Custom Code to add or remove user agents temporarily or permanently from the
       # User Agent filters directly below or to modify/edit/change any of the other security code rules below.
       RewriteCond %{HTTP_USER_AGENT} (havij|libwww-perl|wget|python|nikto|curl|scan|java|winhttp|clshttp|loader) [NC,OR]
       RewriteCond %{HTTP_USER_AGENT} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
       RewriteCond %{HTTP_USER_AGENT} (;|<|>|'|"|\)|\(|%0A|%0D|%22|%27|%28|%3C|%3E|%00).*(libwww-perl|wget|python|nikto|curl|scan|java|winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
       RewriteCond %{THE_REQUEST} (\?|\*|%2a)+(%20+|\\s+|%20+\\s+|\\s+%20+|\\s+%20+\\s+)HTTP(:/|/) [NC,OR]
       RewriteCond %{THE_REQUEST} etc/passwd [NC,OR]
       RewriteCond %{THE_REQUEST} cgi-bin [NC,OR]
       RewriteCond %{THE_REQUEST} (%0A|%0D|\\r|\\n) [NC,OR]
       RewriteCond %{REQUEST_URI} owssvr\.dll [NC,OR]
       RewriteCond %{HTTP_REFERER} (%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
       RewriteCond %{HTTP_REFERER} \.opendirviewer\. [NC,OR]
       RewriteCond %{HTTP_REFERER} users\.skynet\.be.* [NC,OR]
       RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [NC,OR]
       RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [NC,OR]
       RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
       RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC,OR]
       RewriteCond %{QUERY_STRING} (\.\./|%2e%2e%2f|%2e%2e/|\.\.%2f|%2e\.%2f|%2e\./|\.%2e%2f|\.%2e/) [NC,OR]
       RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
       RewriteCond %{QUERY_STRING} http\: [NC,OR]
       RewriteCond %{QUERY_STRING} https\: [NC,OR]
       RewriteCond %{QUERY_STRING} \=\|w\| [NC,OR]
       RewriteCond %{QUERY_STRING} ^(.*)/self/(.*)$ [NC,OR]
       RewriteCond %{QUERY_STRING} ^(.*)cPath=http://(.*)$ [NC,OR]
       RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} (\<|%3C).*embed.*(\>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} (<|%3C)([^e]*e)+mbed.*(>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} (\<|%3C).*object.*(\>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} (<|%3C)([^o]*o)+bject.*(>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} (<|%3C)([^i]*i)+frame.*(>|%3E) [NC,OR]
       RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
       RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [NC,OR]
       RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
       RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) [OR]
       RewriteCond %{QUERY_STRING} ^.*(\(|\)|<|>|%3c|%3e).* [NC,OR]
       RewriteCond %{QUERY_STRING} ^.*(\x00|\x04|\x08|\x0d|\x1b|\x20|\x3c|\x3e|\x7f).* [NC,OR]
       RewriteCond %{QUERY_STRING} (NULL|OUTFILE|LOAD_FILE) [OR]
       RewriteCond %{QUERY_STRING} (\.{1,}/)+(motd|etc|bin) [NC,OR]
       RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
       RewriteCond %{QUERY_STRING} (<|>|'|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]
       RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
       RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
       RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC,OR]
       RewriteCond %{QUERY_STRING} \-[sdcr].*(allow_url_include|allow_url_fopen|safe_mode|disable_functions|auto_prepend_file) [NC,OR]
       RewriteCond %{QUERY_STRING} (;|<|>|'|"|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|drop|delete|update|cast|create|char|convert|alter|declare|order|script|set|md5|benchmark|encode) [NC,OR]
       RewriteCond %{QUERY_STRING} (sp_executesql) [NC]
       RewriteRule ^(.*)$ - [F]
       # END BPSQSE BPS QUERY STRING EXPLOITS
       RewriteCond %{REQUEST_FILENAME} !-f
       RewriteCond %{REQUEST_FILENAME} !-d
       RewriteRule . /index.php [L]
       # WP REWRITE LOOP END

       # DENY BROWSER ACCESS TO THESE FILES
       # Use BPS Custom Code to modify/edit/change this code and to save it permanently.
       # wp-config.php, bb-config.php, php.ini, php5.ini, readme.html
       # Replace 88.77.66.55 with your current IP address and remove the
       # pound sign # in front of the Allow from line of code below to be able to access
       # any of these files directly from your Browser.

       <FilesMatch "^(wp-config\.php|php\.ini|php5\.ini|readme\.html|bb-config\.php)">
       Order Allow,Deny
       Deny from all
       #Allow from 88.77.66.55
       </FilesMatch>

       # CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE
       RewriteCond %{HTTP_REFERER} ^.*(semalt\.com|buttons-for-website\.com).*$ [NC]
       RewriteRule ^(.*)$ - [F]
       ```
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663793)
 * I just checked your site again. I do not see any errors and the site is displaying
   fine/normally to me. Your htaccess file and code are fine – no mistakes.
 * Most of the Security Log entries have something in common: SERVER_PROTOCOL: HTTP/1.0
   but you are not using the BPS Bonus Custom Code in the code you posted above
   that blocks by Server Protocol HTTP/1.0. At least not in this htaccess file that
   you posted above. Do you have another htaccess file somewhere else under your
   hosting account?
 * Either way the Server Protocol should be HTTP/1.1 and not HTTP/1.0. So you need
   to ask your host why the server protocol is HTTP/1.0
 * When I check your site with Built With: [http://builtwith.com/lucifit.com](http://builtwith.com/lucifit.com)
   I see that you have a Go Daddy SSL Certificate, but your site is loading HTTP
   and not HTTPS. Probably not related and you have an SSL Certificate, but are 
   not using it / have not installed it.
 * Since I cannot see a problem and your site displays normally without any errors
   then you can put your site in Default Mode and have other people check it to 
   see if they are still seeing errors. This will at least eliminate BPS as the 
   cause of the errors.
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663794)
 * Another very likely cause of the errors is that I see that you have a lot of 
   external links loading on your website. Let’s say you have an Ad link on your
   website that loads an external Ad link to another website and that other website
   is hacked. Google and other Search Engines will think your website is hacked 
   and display a warning to all visitors. What causes that is the Ad link is loading
   things on your website that appear to be coming from your website. You should
   eliminate 3rd party external links that are loading on your website as the cause
   of the errors.
 *  Plugin Author [AITpro](https://wordpress.org/support/users/aitpro/)
 * (@aitpro)
 * [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/#post-5663795)
 * Or the Server Protocol HTTP/1.0 security log entries could just be miners, scrapers
   and harvesters doing what they do. The security log entries will always appear
   to be coming from your website when someone scrapes your site due to the fact
   that it is a type of website “mirroring” that is performed.
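
An added example, not part of the thread and not BPS code: a small parser for Security Log entries in the flattened form they take when pasted into a forum post. It tallies SERVER_PROTOCOL and source, and lists the entries whose HTTP_REFERER matches the referrer rule from this thread. The sample entries, addresses and host names are constructed; the field labels are the ones visible in the entries posted above.

```python
import re
from collections import Counter

# Field labels as they appear in the Security Log entries posted in the thread.
FIELDS = [
    "Event Code", "Solution", "REMOTE_ADDR", "Host Name", "SERVER_PROTOCOL",
    "HTTP_CLIENT_IP", "HTTP_FORWARDED", "HTTP_X_FORWARDED_FOR",
    "HTTP_X_CLUSTER_CLIENT_IP", "REQUEST_METHOD", "HTTP_REFERER",
    "REQUEST_URI", "QUERY_STRING", "HTTP_USER_AGENT",
]
HEADER_RE = re.compile(r"\[(\d{3}) [^\]]*?Request: ([^\]]+)\]")
FIELD_RE = re.compile(r"(%s):" % "|".join(map(re.escape, FIELDS)))

# The corrected referrer pattern from the thread; [NC] maps to re.IGNORECASE.
REFERRER_RULE = re.compile(
    r"^.*(semalt\.com|buttons-for-website\.com).*$", re.IGNORECASE)

# Constructed sample entries (documentation addresses, hypothetical hosts).
SAMPLE_LOG = """
[403 GET / HEAD Request: February 4, 2015 - 9:35 am] Event Code: BFHS - Blocked/Forbidden
Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 192.0.2.10
Host Name: web01.hosting.example SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER:
REQUEST_URI: /contact-us/ QUERY_STRING: HTTP_USER_AGENT: WordPress/4.1; http://blog.example
[403 GET / HEAD Request: February 4, 2015 - 9:45 am] Event Code: BFHS - Blocked/Forbidden
Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 192.0.2.10
Host Name: web01.hosting.example SERVER_PROTOCOL: HTTP/1.0 HTTP_CLIENT_IP: HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER:
REQUEST_URI: /sample-post/ QUERY_STRING: HTTP_USER_AGENT: WordPress/4.1; http://blog.example
[403 GET / HEAD Request: February 4, 2015 - 10:59 am] Event Code: BFHS - Blocked/Forbidden
Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: 198.51.100.7
Host Name: 198.51.100.7 SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET
HTTP_REFERER: http://semalt.com/crawler.php REQUEST_URI: / QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (constructed sample)
"""


def parse_entries(text):
    """Split flattened log text into one dict per entry."""
    text = " ".join(text.split())              # undo line wrapping
    heads = list(HEADER_RE.finditer(text))
    entries = []
    for i, head in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        entry = {"status": head.group(1), "time": head.group(2).strip()}
        # split() with one capture group yields [lead, label, value, label, value, ...]
        parts = FIELD_RE.split(text[head.end():end])
        for label, value in zip(parts[1::2], parts[2::2]):
            entry[label] = value.strip()
        entries.append(entry)
    return entries


def summarize(entries):
    """Count entries by protocol and by (address, user agent); count empty referrers."""
    return {
        "by_protocol": Counter(e.get("SERVER_PROTOCOL", "") for e in entries),
        "by_source": Counter(
            (e.get("REMOTE_ADDR", ""), e.get("HTTP_USER_AGENT", "")) for e in entries),
        "empty_referer": sum(1 for e in entries if not e.get("HTTP_REFERER")),
    }


def referrer_rule_hits(entries):
    """Entries whose logged Referer matches the thread's referrer rule."""
    return [e for e in entries if REFERRER_RULE.search(e.get("HTTP_REFERER", ""))]


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    summary = summarize(parsed)
    print("protocols:", dict(summary["by_protocol"]))
    print("sources:", dict(summary["by_source"]))
    print("entries with empty Referer:", summary["empty_referer"])
    for hit in referrer_rule_hits(parsed):
        print("referrer rule match:", hit["time"], hit["HTTP_REFERER"])
```

An entry with an empty HTTP_REFERER cannot match the referrer pattern, so a 403 logged for it has to come from some other rule or from outside this rule set.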


The topic ‘block referrers?’ is closed to new replies.


 * 20 replies
 * 2 participants
 * Last reply from: [AITpro](https://wordpress.org/support/users/aitpro/)
 * Last activity: [11 years, 5 months ago](https://wordpress.org/support/topic/block-referrers/page/2/#post-5663800)
 * Status: resolved