I'm having problem with some fucker who keeps signing up under different ips and domains to trade but uses a hitbot. (A lot of sites are getting cheated by this guy) Its killing my productivity. I've added the following to .htaccess

RewriteEngine on
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} sexualposes.net
RewriteCond %{HTTP_REFERER} nopplystan.com
RewriteCond %{HTTP_REFERER} 161.58.66.118
RewriteCond %{HTTP_REFERER} 161.58.142.3
RewriteRule /* http://www.redirecthere.com

This is helping to block hits coming from sexualposes.net and nopplystan.com but the hits are still coming in from the pages located on the IP adddresses. Can anyone give advice on how to block requests from a IP referrer.

Why you just use :

deny from sexualposes.net

It can block this domain.

rewritecond (unfortunately) forces you to use regular expressions, meaning you need to escape special characters such as "." with a preceeding backslash "\". you may also need to modify your expression so its more like

RewriteCond %{HTTP_REFERER} ^http://192\.168\.0\.1

also, you may have much better luck doing the inverse of this, ie only allowing traffic from your own domain

RewriteCond %{HTTP_REFERER} !^http://www\.yourdomain\.com/
RewriteCond %{HTTP_REFERER} !^http://yourdomain\.com/
RewriteCond %{HTTP_REFERER} !^$
RewriteRule /* http://www.yomama.com/

The problem is not blocking sexualposes.net or any other domain. That is being accomplished. Its the hits being referred by 161.58.66.118 and 161.58.142.3. I'm getting tons of hitbot hits from sites hosted on these IPs. How do you block hits referred by a IP address instead of a domain?

put this at the top of your .htaccess file

<Limit GET>
order allow,deny
deny from 161.58.66.118
deny from 161.58.142.3
allow from all
</Limit>

And then point your 403 error back to :
http://161.58.66.118 http://161.58.142.3

So they will how much more bandwidth they get.

just to be clear, referrer means the site they were at before they went to yours, ie it was appearing as http://192.168.0.1/ or something in your logs. if the hits are coming directly from that ip, that <limit> statement above here will do what you want.