Do spammers really leave referrers? 2006/9/18, Gabor Hojtsy <gabor@hojtsy.hu>:
We have some .htaccess directives at weblabor.hu to cut down on pointless CPU usage. One is denying requests based on referers (which is trackback related too).
SetEnvIfNoCase Referer ".*(casino).*" BadReferrer SetEnvIfNoCase Referer ".*(pharmacy).*" BadReferrer SetEnvIfNoCase Referer ".*(gambling).*" BadReferrer SetEnvIfNoCase Referer ".*(poker).*" BadReferrer SetEnvIfNoCase Referer ".*(pills).*" BadReferrer deny from env=BadReferrer
Also if you would like to send a proper(!) "Gone" HTTP code to user agents who try to request your previously available trackback URLs, you can do:
RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^trackback - [G]
This sends a "Gone" HTTP status to the requester. This is better then an "Access denied" status, since you explictly state that the resource does not exist anymore, and any reference to it should be removed. The actual difference in meaning is only relevant for well-behaving bots, not the spammers, but it is nice to accurately inform well-behaving bots about the situation.