As a web administrator or blogger, it might become necessary at some point, to block access to visits from certain traffic sources. You might want to take this decision as a result of bot engagements, spammy traffic, ads serving vulnerability, or other reasons best known to you.
Recently, I had worries about an increase in spam traffic from domain names having .xyz extensions on one of my blogs. To counter this I was required to block visits from referral sites with a .xyz domain extension. This prompted me to do some investigations which I will subsequently be sharing in this post.
To effectively block traffic from spammy sources, I discovered two approaches that would be effective for any website, irrespective of the framework or technology used in setting it up. The first approach is what I would call the CLOUDFLARE APPROACH while the second is the .htaccess APPROACH. As you may be assuming, the former involves the use of Cloudflare technology while the latter involves adding a block of code to the root .htaccess file of your website.
1. THE CLOUDFLARE APPROACH
Before using this approach, ensure your website has been integrated with Cloudflare.
1. Go to Cloudflare’s Website and log in to your Cloudflare account.
2. On your Cloudflare Dashboard, click on an already integrated website you want to effect the referral blocking on.
3. In your website section toggle the Security menu and click on the WAF option. WAF is an acronym for Web Application Firewall.
4. Create a firewall rule.
5. On the next screen, give a name to your Firewall Rule. Select Referer in the Field, Contains in Operator, and add the common value (.xyz) in the referrals you are trying to block. Do not forget to select Block as the Action. What the parameters in the screenshot below do is block every visit from any website containing .xyz in the domain name. You need to deploy the firewall rule after inserting the correct parameter.
Voila! You have successfully blocked referral traffic from specific sources using Cloudflare.
2. THE .htaccess APPROACH
I really would not recommend this method as it is more technical and a little mistake on your end can render your website fractured. If you use WordPress, take advantage of the previous method because the .htaccess file can be regenerated whenever you save permalinks or change your blog theme which would make the block of code you have added to be lost. What happens when this block of code is lost is that the blocked referrals would regain access to your website.
If you insist on using the .htaccess method, locate the .htaccess file in your website’s root directory. If you are unable to find it, locate settings and toggle on show hidden files. Open the .htaccess file in your CPanel’s editor and add the following line of code from the last code block.
## SITE REFERRAL BLOCK
RewriteCond %{HTTP_REFERER} *\.xyz [NC,OR]
RewriteRule .* – [F]The block of code above blocks traffic from any website having a .xyz domain extension when added to your .htaccess file.
I hope you have been able to block spam referral traffic from granting access to your website. Do well to bookmark my blog for more tech tips. Thanks for coming along!