diff --git a/bubble-server/src/main/java/bubble/resources/stream/FilterMatchersRequest.java b/bubble-server/src/main/java/bubble/resources/stream/FilterMatchersRequest.java
index 0c058396..5947fcdb 100644
--- a/bubble-server/src/main/java/bubble/resources/stream/FilterMatchersRequest.java
+++ b/bubble-server/src/main/java/bubble/resources/stream/FilterMatchersRequest.java
@@ -25,7 +25,10 @@ public class FilterMatchersRequest {
     @Getter @Setter private String fqdn;
     @Getter @Setter private String uri;
     @Getter @Setter private String userAgent;
+
     @Getter @Setter private String referer;
+    public boolean hasReferer () { return !empty(referer); }
+
     @Getter @Setter private String remoteAddr;
     public boolean hasRemoteAddr() { return !empty(remoteAddr); }
 
diff --git a/bubble-server/src/main/java/bubble/rule/bblock/BubbleBlockRuleDriver.java b/bubble-server/src/main/java/bubble/rule/bblock/BubbleBlockRuleDriver.java
index d0e313fb..8276327f 100644
--- a/bubble-server/src/main/java/bubble/rule/bblock/BubbleBlockRuleDriver.java
+++ b/bubble-server/src/main/java/bubble/rule/bblock/BubbleBlockRuleDriver.java
@@ -22,6 +22,7 @@ import com.fasterxml.jackson.databind.JsonNode;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.input.ReaderInputStream;
 import org.cobbzilla.util.handlebars.HandlebarsUtil;
+import org.cobbzilla.util.http.URIUtil;
 import org.cobbzilla.util.io.regex.RegexFilterReader;
 import org.cobbzilla.util.io.regex.RegexReplacementFilter;
 import org.cobbzilla.util.string.StringUtil;
@@ -31,6 +32,7 @@ import org.glassfish.jersey.server.ContainerRequest;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
+import java.net.URI;
 import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.TimeUnit;
@@ -116,6 +118,26 @@ public class BubbleBlockRuleDriver extends TrafficAnalyticsRuleDriver {
                 return FilterMatchDecision.abort_not_found;  // block this request
 
             case allow: default:
+                if (filter.hasReferer()) {
+                    final URI refererURI = URIUtil.toUriOrNull(filter.getReferer());
+                    if (refererURI == null) {
+                        if (log.isInfoEnabled()) log.info(prefix+"invalid referer ("+filter.getReferer()+")");
+                    } else {
+                        final BlockDecision refererDecision = getDecision(refererURI.getHost(), refererURI.getPath(), filter.getUserAgent());
+                        switch (refererDecision.getDecisionType()) {
+                            case block:
+                                if (log.isInfoEnabled()) log.info(prefix+"decision for URL was ALLOW but for referer is BLOCK");
+                                incrementCounters(account, device, app, site, fqdn);
+                                return FilterMatchDecision.abort_not_found;  // block this request
+                            case filter:
+                                if (log.isInfoEnabled()) log.info(prefix+"decision is FILTER (based on referer), returning ALLOW");
+                                return FilterMatchDecision.no_match;
+                            case allow:
+                                if (log.isInfoEnabled()) log.info(prefix+"decision is ALLOW (after checking referer)");
+                                return FilterMatchDecision.no_match;
+                        }
+                    }
+                }
                 if (log.isInfoEnabled()) log.info(prefix+"decision is ALLOW");
                 return FilterMatchDecision.no_match;
 
diff --git a/utils/cobbzilla-utils b/utils/cobbzilla-utils
index c5e10eb7..922b01b6 160000
--- a/utils/cobbzilla-utils
+++ b/utils/cobbzilla-utils
@@ -1 +1 @@
-Subproject commit c5e10eb7a0a7f842f9d3a5a2cce0d2301cd20c9b
+Subproject commit 922b01b65c409a30950e76678d19daa17dd5b46f