We use suphp on this server and here was the solution. In the user’s public_html file we created a .htaccess with the following:
SetEnv PHPRC /home/$user/public_html/php.ini
Then a php.ini file with:
auto_prepend_file = /home/$user/public_html/checkrefer.php
//First we check to see if a valid session exists
//keep going and allow access
$domainref = parse_url($domain, PHP_URL_HOST);
//check to see what the referrer is
//start session and allow access
$_SESSION[‘allowme’] = 1; // store session data
//block access bad referrer and no session
print “Access Forbidden. Please visit this page for further information.”;
On this script you have to set $validreferdomain = to the referrer you want the visitor to come from.
Limitation – this only effects php pages and not images or other file types. You can get it to lock down html pages by setting the site to parse html as php.