The .htaccess http_referer and the php $_SERVER['http_referer'] will yield the same exact results.
The problem with using http_referer is what about if it's a real visitor is visited from another website?
That's an issue. What if it is? Well, then you've got to find a way to deal with that. One thing you could do is offer a "Lo-Fi" version of your site which uses no images what-so-ever. Kind of like the vBulletin Lo-Fi version of some sites. Then, once they're there, you start a session. Just keep that session going and always set a header like $_SESSION['HTTP_REFERRER']. Use a weird hashed key or something, or just a simple true/false.
Then, when a user visits your site, they'll see a "lo fi" version of your site. Any link past that will enable a "Hi fi" version where images are included. On every subsequent page, you'd just update the HTTP_REFERRER with the current URL.
Alternatively, you could just use a .htaccess in the images folder(s) and only allow your site access to it. Something along the lines of:
RewriteEngine On
RewriteCondition %{HTTP_REFERER}% !(www|subdomain1|\.?)mysite\.com(.?)$ [NC]
RewriteRule ^%1mysite\.com%2 [F]
Something like that should give direct "lookey loos" a 403 Forbidden page at that link, and your site should be allowed in. That is if you set the HTTP_REFERER header on every page:
header('REFERER: ' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
Not saying that exact code will work, but something along those lines.
You could also do a rewrite rule against the IP(s) of your server if you know they're static. That way, any traffic coming from ip 192.168.1.186 will be allowed, but coming from 192.168.1.245 will not. This way would probably catch more unauthorized people than the one above, but the one above should help cut-down on your bandwidth.
Oh, and you can add an index.php file that either gives them a 403 forbidden to view the directory contents, or reroutes them to your site. That's a good first step.
I'd take it one step further and use this type of .htaccess file:
RewriteEngine On
RewriteCondition %{HTTP_REFERER}% !^(.*?\.)mysite\.com(.*?)$ [NC,OR]
RewriteCondition %{REMOTE_ADDR}% !^192.168.1.186$
RewriteRule ^/$ [F]
Hope that helps.