looking thru my awstats external referrers, I found this http://localhost/somedir/somelink.php; now, how the heck did I get a localhost referrer? What are some of the purpose if they are spoofing their domain name? and how do I block this specific url and not the host name? Thanks.
localhost is if someone is working on some code on their localhost and they then click a link to your site, it's not someone on the same server. Based on the filename it's probably just someone testing some linking code and (s)he entered your url in whatever (s)he was doing.
this box only have my sites on it. I search entire file system and nothing of the name close to the directory name shows up.
Referrers are sent by the client software (browser or robot) to your web server. Most clients correctly send the referrer information. Some hide the referrer. Others send a fictitious (= false) referrer. There is nothing you can do about this, but common sense can help distinguish true referrers from false referrers. Jean-Luc
found it, I've grep thru some raw logs and found the ip and blocked them. Hope fully that will fix it for now. Thanks.