Maybe this solution?
# block visitors referred from indicated domains
RewriteEngine on
RewriteCond %{HTTP_REFERER} baddomain01\.com [NC,OR]
RewriteCond %{HTTP_REFERER} baddomain02\.com [NC]
RewriteRule .* - [F]
Or even this solution
To ban an IP address from accessing your website, create a .htaccess file within your root directory (usually public_html or www) and add the following configuration in the file:
order allow,deny
deny from 127.0.0.1
allow from all
Actually your sever does not store cookies due to which the server can't identify banned users.
To block multiple referrer, you can simply try one of the srings below:
RewriteEngine On
RewriteCond %{HTTP_REFERER} example\.com [NC,OR]
RewriteCond %{HTTP_REFERER} example\.net [NC]
RewriteRule .* - [F]
or
SetEnvIfNoCase Referer "example\.com" bad_referer
SetEnvIfNoCase Referer "example\.net" bad_referer
Order Allow,Deny
Allow from ALL
Deny from env=bad_referer
i try it but still bad users access to my chat via
127.0.0.1:35555/lite.swf?init_host=example.com&init_port=51127
this is my .htaccesss file
order allow,deny
allow from all
deny from 127.0.0.1
deny from 93.X.X.X # <--- this is my windows server to test this ip wads blocked yes but the 127.0.0.1 not blocked
RewriteEngine on
RewriteCond %{HTTP_REFERER} 127.0.0.1 [NC]
RewriteCond %{HTTP_REFERER} localhost [NC]
RewriteRule .* - [F]
# Redirect www to non-www first
RewriteCond %{HTTP_HOST} ^www\.(.+) [NC]
RewriteRule ^(.*) https://%1/$1 [R=301,NE,L]
# Then redirect http to https (if necessary)
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,L,R=301]
RewriteCond %{HTTP_USER_AGENT} libwww-perl.*
RewriteRule .* ? [F,L]
# BEGIN Compress text files
<ifModule mod_deflate.c>
<filesMatch "\.(css|js|x?html?|php)$">
SetOutputFilter DEFLATE
</filesMatch>
</ifModule>
# END Compress text files
# BEGIN Expire headers
<ifModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType image/x-icon "access plus 2592000 seconds"
ExpiresByType image/jpeg "access plus 2592000 seconds"
ExpiresByType image/png "access plus 2592000 seconds"
ExpiresByType image/gif "access plus 2592000 seconds"
ExpiresByType application/x-shockwave-flash "access plus 2592000 seconds"
ExpiresByType text/css "access plus 604800 seconds"
ExpiresByType text/javascript "access plus 216000 seconds"
ExpiresByType application/javascript "access plus 216000 seconds"
ExpiresByType application/x-javascript "access plus 216000 seconds"
ExpiresByType text/html "access plus 600 seconds"
ExpiresByType application/xhtml+xml "access plus 600 seconds"
</ifModule>
# END Expire headers
# BEGIN Cache-Control Headers
<ifModule mod_headers.c>
<filesMatch "\.(ico|jpe?g|png|gif|swf)$">
Header set Cache-Control "max-age=2592000, public"
</filesMatch>
<filesMatch "\.(css)$">
Header set Cache-Control "max-age=604800, public"
</filesMatch>
<filesMatch "\.(js)$">
Header set Cache-Control "max-age=216000, private"
</filesMatch>
<filesMatch "\.(x?html?|php)$">
Header set Cache-Control "max-age=216000, private, must-revalidate"
</filesMatch>
</ifModule>
# END Cache-Control Headers
# BEGIN Turn ETags Off
<ifModule mod_headers.c>
Header unset ETag
</ifModule>
FileETag None
# END Turn ETags Off
# BEGIN Remove Last-Modified Header
<ifModule mod_headers.c>
Header unset Last-Modified
</ifModule>
# END Remove Last-Modified Header
<Files 403.shtml>
order allow,deny
allow from all
deny from 93.X.X.X #<--- when adding my windows server IP here its not blocked and i can login to chat
deny from 127.0.0.1 #<--- not blocked i can login via the link
</Files>
RewriteRule .*\.()$ - [F,NC]