From
Greenguy and Jim FAQ you could use those rules. Raymor refined those and I find them to be about as bulletproof as you can get.
Code:
RewriteEngine on
# leave this line in allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)?yourdomain\.com([0-9]+)?(/.*)?$ [NC]
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg|zip)$ - [NC,F,L]
You can add in additional lines above the RewriteRule like:
Code:
RewriteEngine on
# leave this line in allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)?yourdomain\.com([0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)?anotherdomain\.com([0-9]+)?(/.*)?$ [NC]
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg|zip)$ - [NC,F,L]
or, you could do something like:
Code:
RewriteEngine on
# leave this line in allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)?(yourdomain\.com|anotherdomain\.com|andathirddomain\.com)([0-9]+)?(/.*)?$ [NC]
RewriteRule .*\.(asf|mpg|mpeg|wmv|avi|rm|gif|jpeg|jpg|zip)$ - [NC,F,L]
as far as performance, every line that is in your .htaccess file needs to be parsed. The fewer lines you have, the quicker it is going to parse it and the regexp engine within apache is pretty good.
For ease of use, a separate line for each domain probably won't be much of a performance hit.