How to Use the HTTP Referer

Things you can do with the referer process

http://www shown in address bar

 ilco / Stock.xchng

The information that you see written on websites is only a piece of the data that those sites transmit as they travel from a web server to a person's browser and vice versa. There is also a fair amount of data transfer that happens behind the scenes - and if you know how to access that data, you may be able to use it in interesting and useful ways. Let's look at one specific piece of data that is transferred during this process — the HTTP referer.

Referer is a misspelling of the word referrer, that was introduced and has remained in the code and the naming of this capability.

What is the HTTP Referer?

The HTTP referer is data that is passed by web browsers to the server to tell you what page the reader was on before they came to this page. This information can be used on your website to provide extra help, create special offers to targeted users, redirect customers to relevant pages and content, or even to block visitors from coming to your site. You can also use scripting languages like JavaScript, PHP, or ASP to read and evaluate referrer information. 

Collecting Referer Information With PHP, JavaScript, and ASP

So how do you collect this HTTP referer data? Here are some methods you can use:

PHP stores referer information in a system variable called HTTP_REFERER. To display the referer on a PHP page you can write:

if(isset($_SERVER['HTTP_REFERER'])) {

This checks that the variable has a value and then prints it to the screen. Instead of

you would put script lines in place to check for various referers.

JavaScript uses the DOM to read the referer. Just like with PHP, you should check to make sure that the referer has a value. However, if you want to manipulate that value, you should set it to a variable first. Below is how you would display the referer to your page with JavaScript. Note that the DOM uses the alternate spelling of referrer, adding an extra "r" in there:

if (document.referrer) {
var myReferer = document.referrer;

Then you can use the referer in scripts with the variable


ASP, like PHP, sets the referer in a system variable. You can then collect that information like this:

if (Request.ServerVariables("HTTP_REFERER")) {
Dim myReferer = Request.ServerVariables("HTTP_REFERER")

You can use the variable

to adjust your scripts as needed.

Once You Have the Referer, What Can You Do With It?

So getting the data is step one. How you go about that will depend on your specific site. The next step, of course, is finding ways to use this information.

Once you have the referer data, you can use it to script your sites in a number of ways. One simple thing that you can do is to just post where you think a visitor came from. Admittedly, that is pretty boring, but if you need to run some tests, that may be a good entry point to work with.

What is a more interesting example is when you use the referer to display different information depending upon where they came from. For example, you could do the following:

  • General welcome message
    • You can print the referer URL at the top of your page in a general welcome message. As I mentioned above it's pretty boring but does offer some basic personalization. 
  • Welcome search engine visitors
    • When someone has arrived at your site from a search engine (i.e. their referer is or or, etc.), you might want to provide them with a little extra information to encourage them to stay longer on your site. You could point out your newsletter URL or give them links to some of the more popular pages on your site. 
  • Pass information to forms
    • If you have a link on your site for people to report problems with the site itself, knowing the referer can be very useful. People will often report problems with a web page without indicating the URL, but you can use the referer information to make a guess about what they are reporting. This script will add the referer to a hidden form field, allowing you some data as to where on the site they may have encountered the problem. 
  • Create a special offer for some visitors
    • Perhaps you want to give people who come from a specific page a special deal on your products or services. This is another example of personalization, where you are shaping their user experience and the content that they see based on their user data, For example, if you sell a variety of products, you can perhaps offer a deal relevant to what they have already been looking at on your site. 
  • Send visitors to another page
    • You can also send people from a specific referer to another page altogether. Be very careful with this, as Google and other search engines might consider this to be misleading and penalize your site.

Block Users with .htaccess by Referer

From a security standpoint, if you are experiencing a lot of referer spam on your site from one particular domain, it can help to simply block that domain from your site. If you're using Apache with mod_rewrite installed, you can block them with a few lines. Add the following to your

.htaccess file
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} spammer\.com [NC]
RewriteRule .* - [F]

Remember to change the word

to the domain you want to block. Remember to put the \ in front of any periods in the domain.

Don't Rely on the Referer

Remember that it is possible to spoof the referer, so you should never use the referer alone for security. You can use it as an add-on to your other security, but if a page should only be accessed by specific people, then you should set a password on it with