malyousif,

Welcome to WebmasterWorld!

I assume you have a RewriteRule following that RewriteCond, and that the RewriteCond you show is not the last one in the ruleset:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://.*domain\.com [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://otherbadsite\.com [NC]
RewriteRule .* - [F]

I have eliminated all unnecessary parts of the regular-expressions patterns, demonstrated that the last RewriteCond in your list must not have an [OR] flag, and shown a generic rule that will generate a 403-Forbidden response.

The requests from these sites will still show up if your logs, they'll just get a 403 response.

Jim

Thank you!

Yes indeed, the conditions you mention are actually in place. I was not aware however that even if they do get a 403 they will still be shown in the referrer log! I assumed that they won't, hence their attempt will not show up on my blog's referrers list, which was my intention all along...

I didn't however put the escape \ character before the dot. If that is necessary, then it is my error and it might have contributed to the problem.

Apache logs all incoming requests, so they will show up in your logs -- and on your blog referrer list unless your blog script filters them. Since you're returning a 403 response, you could filter based on that, and exclude those requests from your list.

The only way to really block this kind of stuff is to ask your host to block them by IP address at the firewall (or router). If the requests don't reach your server, they won't be logged.

Jim

thank you very much jd, I think I understand the situation a little bit better now.

regards
mahmood