Hi,
* you only need to switch on the RewriteEngine once
* leave out the OR in the last RewriteCond line, as there are no more conditions coming. So it should read

RewriteCond %{HTTP_REFERER} example\.co\.uk [NC]

If you have access to Apache's error log: read it, as it may contain relevant information.

[edited by: jdMorgan at 2:54 pm (utc) on Dec. 23, 2006]
[edit reason] Examplified [/edit]

Unfortunately I don't have access to that log.

I'm realy fumbling with this file. (Like I said I'm not very smart person)

It still doesn't appear to block referals from the sites I want to block. And I'm not certain at all if it's blocking the IP addresses I want to block.

But am I at least on the right track?
--------

order allow,deny
deny from 66.11.54.71
deny from 66.11.54.
allow from all
RewriteEngine on
RewriteCond %{HTTP_REFERER}!^$
RewriteCond %{HTTP_REFERER}!^http://(.*\.)?mysite.com [NC]
RewriteRule \.(gif¦jpg¦jpeg¦png¦mpg¦mpeg¦wmv¦avi¦mov¦asf¦swf)$ - [NC,F]

# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} alexa\.com [NC,OR]
RewriteCond %{HTTP_REFERER} example\.co\.uk [NC]
RewriteRule .* - [G]

I'd change those IP addresses to use CIDR notation, as described in the mod_access documentation. It's often the simplest way to cover IP address ranges that span more than one number in a class, but don't span the entire class. You can get the CIDR notation by looking up the IP address using arin.net and some other top-level WHOIS lookup sites.

If required, the Options directive should be placed before the RewriteEngine directive as shown, for clarity.

I made a few more tweaks for the sake of efficiency.

Order allow,deny
Deny from 66.11.48.0/20
Allow from all
#
# Options +FollowSymlinks
RewriteEngine on
#
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)*mysite\.com [NC]
RewriteRule \.(gif夸pe?g如ng妃pe?g安mv地vi妃ov地sf存wf)$ - [NC,F]
#
RewriteCond %{HTTP_REFERER} alexa\.com [NC,OR]
RewriteCond %{HTTP_REFERER} example\.co\.uk [NC]
RewriteRule .* - [G]

Be aware that this code will not stop accesses from these referrers to your site; only a firewall can do that. However, the code will stop successful accesses to your site from the named referrers, as long as the client sends a referrer request header.

As a result, you will still see requests with these referrers in your logs/stats, but your server's response should be a 403-Forbidden, rather than a 200-OK or any other "success" response.

For background information, see the documents cited in our forum charter [webmasterworld.com] and the tutorials in the Apache forum section of the WebmasterWorld library [webmasterworld.com].

Jim

I'm getting a server 500 error.

What's in your server error log?

[added] Oh, and note that posting on this forum modifies the pipe "¦" characters; You'll have to re-type those from your keyboard before using any code posted here. [/added]

Jim

[edited by: jdMorgan at 7:43 pm (utc) on Dec. 23, 2006]

I don't have access to that information.

I've been reading the tutorial and I'm just too stupid to understand it. What I'll do is search around and pay someone to write it for me. All of this is just way over my head and I'm really not a very smart person.

But thanks for your help and efforts.
I appreciate it a lot.

Well, I wouldn't have a server with no error log access, but the first thing I'd try is uncommenting the Options directive, which is required on some servers, but not allowed on others -- confusing, but true.

Take the "# " off the beginning of the Options line, and see if that helps.

Also, do you know for certain that mod_rewrite works on this server?

Lack of patience is far more disabling than lack of technical knowledge or confidence. I encourage you to keep trying.

Jim

I'm reading and reading and reading.

It's like learning a new language and the problem is I need a translation to understand the translation that explains that language.

What you technical guys do completely mystifies me.
Hopefully I just stumble on to something and it works.