Is there a way to block people from accessing my site if they came from a certin url?
 

Is there a way to block people from accessing my site if they came from a certin url?

Example:
site-xyz.com has a link to my site and I want apache to not display the site if that is the referring URL.

Is there anyway to do that?

You can edit your httpd.cond and inside the <Directory...> section that defines your DocumentRoot change the allow/deny directives to read:

I think that will deny all users who connect from a computer on the site-xyz.com domain. The original poster was asking about referalls. I'd probably use a simple PHP script to check the HTTP referrer variable and forward the user to an access deny page if they came from site-xyz.com. However, this is fairly easily circumvented, since browsers can be configured not to send referrer data. You can of course check for a valid referer, but this will probably block some amount of legitimate traffic.

You could also use mod_rewrite and base your decisions on the HTTP_REFFERER variable

There's an exact tutorial for doing this, under "Blocked Inline-Images".

Is there a way to do it with SNORT?

Do you already have it running as SNORT-inline or just as a sensor? Trying to use SNORT would be messy, you'd need to pull the referrer from the http header and then come up with a regex to match.

Apache already has mod_rewrite installed and all you need to do is turn the ReWriteEngine on and use the [F] Forbid target to block any requests where the refferer isn't you (except for index.html).