htaccess stop external script requests by domain match?

we've got a few sites using the same cms and we keep getting hacked which we're looking 开发者_JS百科at now.

Problem is its taking a while and its really hard to find all the compromised database entries quickly.

In the meantime how can we stop requests to external servers with htaccess?

ie if there's a request to an external domains script that contains ".ru" block?

any help would be much appreciated!!!

best, Dan.

ok found this article which has methods to do this;

http://stopmalvertising.com/security/securing-your-website-with-htaccess/Page-4.html

even five a list of other notorious robots to block;

##############################################################

# stop the hacks!

# useragents starting with
RewriteCond %{HTTP_USER_AGENT} ^atraxbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Azureus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^geohasher [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^PycURL [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Python-urllib [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^research-scan-bot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Sosospider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^xenu [NC,OR]

# user agent contains string
RewriteCond %{HTTP_USER_AGENT} ^.*onmult.ru [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*casper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*goblox [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*sun4u [NC]
RewriteRule ^(.*)$ - [F]

best, Dan.