No, it means NOT. But your usage is correct, because it’s a condition that says that the referring URL does not match the pattern you indicate.
The brackets before “(allowedsite1.org” and “(allowedsite2.com” are wrong, they don’t close in your example.
I could probably hotlink to your images by tagging paulaoffutt.com/ to a url. You could make it stricter with something like this (done out of my head - not tested):
but then the problem is that it is so strict that you ban things like translation services from showing the images on your site - and why would you want to prevent someone who wants to read your site in their own language from seeing your images?
You could of course start whitelisting translation services, but then you need to update those when they change and can you really keep track of all of them? I wouldn’t go down this road.
Sometimes people have something else as a referrer than a URL or a blank referrer. At least this used to happen quite a lot, but I haven’t noticed it much recently (only a dozen cases of “blockedReferrer” in over a million pageviews last month). The condition that the referrer not be empty doesn’t cover this, what you want is that the referrer is a URL of a site before you block it. So instead what I’ve used is that the referrer needs to start with http or https for the rewrite to apply (this replaces the not empty referrer condition):
I would not use the image http://i.imgur.com/qX4w7.gif because it accuses the visitor of “stealing bandwidth”. The visitor however has nothing to do with that, he just happened to browse a site that hotlinked an image on yours, he has no control over that and it’s not even remotely his fault. It’s the site that hotlinked not the visitor. Place blame where blame is due.
Overall, unless you are really affected by tons of hotlinking, I don’t think hotlinking is something to worry about too much, but if you do it, tread carefully and don’t make it too strict, it’s better to allow too much than too little.