diff --git a/defaults/main.yml b/defaults/main.yml
index 1b6a229a561a9c740a9f2e30f503b10544a1e1fd..7491f6ba4b7dbfb6c8fbb33698f8cdf633b8a9a2 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,8 +1,87 @@
 default_proxy: ''
 proxy_default_backend: ''
 proxy_certificates: []
-proxy_blacklist_ips: []
 proxy_timeout_connect: '5s'
 proxy_timeout_client: '20s'
 proxy_timeout_server: '45s'
 proxy_redirect_aliase: false
+proxy_blacklist:
+  ip:
+    - '146.185.176.158'
+    - '162.243.9.72'
+    - '173.199.114.0/24'
+    - '173.199.115.0/24'
+    - '173.199.115.112/29'
+    - '173.199.116.0/24'
+    - '173.199.117.0/24'
+    - '173.199.118.0/24'
+    - '173.199.119.0/24'
+    - '173.199.120.0/24'
+    - '182.50.130.0/24'
+    - '188.92.74.0/24'
+    - '195.239.0/24'
+    - '198.186.190.0/23'
+    - '198.186.192.0/23'
+    - '198.186.194.0/24'
+    - '208.167.230.0/24'
+    - '209.222.12.0/24'
+    - '210.171.3.0/24'
+    - '212.100.254.105'
+    - '212.113.0.0/24'
+    - '212.113.32.0/21'
+    - '212.113.37.0/24'
+    - '213.186.0.0/24'
+    - '213.186.96.0/19'
+    - '46.137.98.159'
+    - '5.10.83.0/24'
+    - '5.10.83.0/25'
+    - '5.9.0.0/24'
+    - '5.9.104.0/24'
+    - '50.112.126.117'
+    - '54.232.100.158'
+    - '54.235.220.243'
+    - '54.249.240.15'
+    - '54.251.45.250'
+    - '54.252.97.95'
+    - '69.42.83.0/24'
+  referer:
+    - 'best-seo-solution.com'
+    - 'best-seo-offer.com'
+    - 'buttons-for-website.com'
+    - 'buttons-for-your-website.com'
+    - 'semalt.com'
+    - '7makemoneyonline.com'
+  agent:
+    - 'AhrefsBot'
+    - 'Ahrefs'
+    - 'rogerbot'
+    - 'MJ12bot'
+    - 'majestic12'
+    - 'MJ12'
+    - 'SiteBot'
+    - 'Semrush'
+    - 'CCBot'
+    - '80legs'
+    - 'Sogou'
+    - 'DigExt'
+    - 'spbot'
+    - 'ia_archiver'
+    - 'Rankivabot'
+    - 'DBLBot'
+    - 'libw'
+    - 'Java'
+    - 'Voil'
+    - 'Twice'
+    - 'Sogou'
+    - 'psbot'
+    - 'Exabot'
+    - 'boitho'
+    - 'ajSitemap'
+    - 'Rankivabot'
+    - 'SeznamBot'
+    - 'DBLBot'
+    - 'Ezooms'
+    - 'Ezooms/1.0'
+    - 'exabot'
+    - 'dotbot'
+    - 'gigabot'
diff --git a/tasks/configure.yml b/tasks/configure.yml
index e04621ead58f17068ad52ba8227e68be55fd01b7..3ab58025c2c1a8bc908019bd38689d9672754518 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -2,58 +2,69 @@
 # file: roles/haproxy/tasks/configure.yml
 
 - name: "Proxy | Install SSL certificates"
-  copy: src={{inventory_dir}}/files/ssl/{{item.file}}
-        dest=/etc/haproxy/certs
+  copy:
+    src='{{inventory_dir}}/files/ssl/{{item.file}}'
+    dest='/etc/haproxy/certs'
   with_items: '{{ proxy_certificates }}'
   when: not item.letsencrypt|default(false)
   notify: 'Proxy | Restart HAProxy'
 
 - name: "Proxy | Create host lists"
-  template: src=host_list
-            dest=/etc/haproxy/{{item}}.list
-            owner=root
-            group=root
-            mode=644
+  template:
+    src='host_list'
+    dest='/etc/haproxy/{{item}}.list'
+    owner='root'
+    group='root'
+    mode='644'
   with_items: '{{ groups.all }}'
   notify: 'Proxy | Restart HAProxy'
 
 - name: "Proxy | Create host ssl lists"
-  template: src=host_ssl_list
-            dest=/etc/haproxy/{{item}}.ssl.list
-            owner=root
-            group=root
-            mode=644
+  template:
+    src='host_ssl_list'
+    dest='/etc/haproxy/{{item}}.ssl.list'
+    owner='root'
+    group='root'
+    mode='644'
   with_items: '{{ groups.all }}'
   notify: 'Proxy | Restart HAProxy'
 
 - name: "Proxy | Create empty crm lists files"
-  file: dest=/etc/haproxy/{{item}}.crm.list
-        owner=root
-        group=root
-        mode=644
-        state=touch
+  file:
+    dest='/etc/haproxy/{{item}}.crm.list'
+    owner='root'
+    group='root'
+    mode='644'
+    state='touch'
   with_items: '{{ groups.all }}'
   changed_when: false
 
 - name: "Proxy | Create config file"
-  template: src=haproxy_cfg
-            dest=/etc/haproxy/haproxy.cfg
-            owner=root
-            group=root
-            mode=644
+  template:
+    src='haproxy_cfg'
+    dest='/etc/haproxy/haproxy.cfg'
+    owner='root'
+    group='root'
+    mode='644'
   notify: 'Proxy | Restart HAProxy'
 
 - name: "Proxy | Install update php script"
-  copy: src=etc_haproxy_update_update_php
-        dest=/etc/haproxy/update/update.php
-        owner=root
-        group=root
-        mode=444
+  copy:
+    src='etc_haproxy_update_update_php'
+    dest='/etc/haproxy/update/update.php'
+    owner='root'
+    group='root'
+    mode='444'
 
-- name: "Proxy | Update blacklist"
-  template: src=blacklist
-            dest=/etc/haproxy/blacklist
-            owner=root
-            group=root
-            mode=644
+- name: "Proxy | Update blacklists"
+  template:
+    src='{{ item }}'
+    dest='/etc/haproxy/{{ item }}'
+    owner='root'
+    group='root'
+    mode='644'
+  with_items:
+    - 'blacklist.ip'
+    - 'blacklist.referer'
+    - 'blacklist.agent'
   notify: 'Proxy | Restart HAProxy'
diff --git a/templates/blacklist b/templates/blacklist
deleted file mode 100644
index 61d63081e819f356dc4286b10c2382b19749cfa3..0000000000000000000000000000000000000000
--- a/templates/blacklist
+++ /dev/null
@@ -1,5 +0,0 @@
-{% for host in groups['all'] %}
-{% for line in hostvars[host].proxy_blacklist_ips|default([]) %}
-{{line}}
-{% endfor %}
-{% endfor %}
diff --git a/templates/blacklist.agent b/templates/blacklist.agent
new file mode 100644
index 0000000000000000000000000000000000000000..ea4dc35443269c74d9e2573de99b20a4e74284b3
--- /dev/null
+++ b/templates/blacklist.agent
@@ -0,0 +1,3 @@
+{% for line in hostvars[host].proxy_blacklist.agent|default([]) %}
+{{line}}
+{% endfor %}
diff --git a/templates/blacklist.ip b/templates/blacklist.ip
new file mode 100644
index 0000000000000000000000000000000000000000..ff75180833ade677cd0c2f387e399275b0323ed5
--- /dev/null
+++ b/templates/blacklist.ip
@@ -0,0 +1,3 @@
+{% for line in hostvars[host].proxy_blacklist.ip|default([]) %}
+{{line}}
+{% endfor %}
diff --git a/templates/blacklist.referer b/templates/blacklist.referer
new file mode 100644
index 0000000000000000000000000000000000000000..99177e7fb6213e92483682ead14133b5e9424b53
--- /dev/null
+++ b/templates/blacklist.referer
@@ -0,0 +1,3 @@
+{% for line in hostvars[host].proxy_blacklist.referer|default([]) %}
+{{line}}
+{% endfor %}
diff --git a/templates/haproxy_cfg b/templates/haproxy_cfg
index 5d62636f74ce73e6cd10e94a1dc6928a67f7c187..9d3f4687c4df5875163f10c44d0cb8e7974aae56 100644
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -52,8 +52,12 @@ userlist kibana
 
 frontend http_in
   bind *:80
-  acl blockedip src  -i -f /etc/haproxy/blacklist
+  acl blockedip src -f /etc/haproxy/blacklist.ip
   http-request deny if blockedip
+  acl blockedreferer hdr_sub(referer) -i -f /etc/haproxy/blacklist.referer
+  http-request deny if blockedreferer
+  acl blockedagent hdr_sub(user-agent) -i -f /etc/haproxy/blacklist.agent
+  http-request deny if blockedagent
 {% for host in groups['all'] %}
 {% for redirect in hostvars[host].proxy_redirect|default([]) %}
   redirect prefix {{ redirect.protocol|default('https') }}://{{redirect.to}} code 301 if { hdr(host) -i -n {{redirect.from}} }
@@ -92,8 +96,12 @@ frontend http_in
 
 frontend https_in_{{ cert.ip }}
   bind {{ cert.ip }}:443 ssl crt /etc/haproxy/certs/{{ cert.file }} no-sslv3
-  acl blockedip src  -i -f /etc/haproxy/blacklist
+  acl blockedip src -f /etc/haproxy/blacklist.ip
   http-request deny if blockedip
+  acl blockedreferer hdr_sub(referer) -i -f /etc/haproxy/blacklist.referer
+  http-request deny if blockedreferer
+  acl blockedagent hdr_sub(user-agent) -i -f /etc/haproxy/blacklist.agent
+  http-request deny if blockedagent
 {% for host in groups['all'] %}
 {% for redirect in hostvars[host].proxy_redirect|default([]) %}
   redirect prefix {{ redirect.protocol|default('https') }}://{{redirect.to}} code 301 if { hdr(host) -i -n {{redirect.from}} }