1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Referrer logs are being spammed

Discussion in 'Traffic Analysis' started by dchapman, Jun 2, 2005.

0
  1. #1
    My awstats logs are full of this crap:

    - http://www.progressiveupdate.net/poker-games.html	171	171
- http://www.progressiveupdate.net/free-poker.html	95	95
- http://www.progressiveupdate.net/empire-poker.html	85	85
- http://www.progressiveupdate.net/poker-rules.html	84	84
- http://www.progressiveupdate.net/poker.html	83	83
- http://www.progressiveupdate.net/party-poker.html	82	82
- http://www.progressiveupdate.net/texas-hold-em.html	81	81
- http://www.progressiveupdate.net/pacific-poker.html	79	79
    Code (markup):
    How do I tell if my logs are open to the public and this is being counted as links out from my site? What can I do to prevent this kind of crap?

    Thank you for your help.
     
    dchapman, Jun 2, 2005 IP
  2. Smyrl

    Smyrl Tomato Republic Staff

    Messages:
    13,740
    Likes Received:
    1,702
    Best Answers:
    78
    Trophy Points:
    510
    #2
    If you are running an Apache server block with your .htaccess file.

    So a search on this forum for referrer spam with some lines of code you can add to your .htaccess files or do a Google Search for referrer spam for various suggestions.

    Referrer spam is an ongoing battle.

    Shannon
     
    Smyrl, Jun 2, 2005 IP
  3. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    65
    Best Answers:
    0
    Trophy Points:
    0
    #3
    View you stats pages through a proxy of some kind (e.g. http://www.anybrowser.com/siteviewer.html). If they can see it, anybody else can.

    J.D.
     
    J.D., Jun 2, 2005 IP
  4. sarahk

    sarahk iTamer Staff

    Messages:
    28,500
    Likes Received:
    4,460
    Best Answers:
    123
    Trophy Points:
    665
    #4
    here's a list of people who have got their logs open to Google

    http://www.google.com/search?q=progressiveupdate+poker.html

    are you on it?

    Yes, use .htaccess

    Don't have the links in your logs clickable or use <a href="" rel="nofollow">

    don't fret about it but consider banning the IP if it's causing bandwidth problems.

    I've got an article from 2003 on referral spam: http://sarahk.pcpropertymanager.com/blog/referral-spam/55/ it's not going to go away - we just have to make sure we don't fall into their traps :)

    Sarah
     
    sarahk, Jun 3, 2005 IP
  5. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    65
    Best Answers:
    0
    Trophy Points:
    0
    #5
    The fact that his website isn't on Google doesn't mean that his logs are not publicly accessible. Besides, he's running AWStats and this package has the following statement that prevents legitimate robots from indexing stats pages:

    <meta name="robots" content="noindex,nofollow" />

    There's no such value as nofollow for rel:

    http://www.w3.org/TR/REC-html40/types.html#type-links

    J.D.
     
    J.D., Jun 3, 2005 IP
  6. sarahk

    sarahk iTamer Staff

    Messages:
    28,500
    Likes Received:
    4,460
    Best Answers:
    123
    Trophy Points:
    665
    #6
    sarahk, Jun 3, 2005 IP
  7. I. Brian

    I. Brian Business consultant

    Messages:
    810
    Likes Received:
    59
    Best Answers:
    1
    Trophy Points:
    145
    #7
    Referrer spamming is actually an old issue. I'm not sure if the SE's actually ever totally ignored those links, but they are certainly aware of the method. Doesn't stop it still being employed, of course - I see plenty of crap from gambling, porn, and pharma in my logs.
     
    I. Brian, Jun 3, 2005 IP
  8. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    65
    Best Answers:
    0
    Trophy Points:
    0
    #8
    No it doesn't. Read the page you quoted. According to W3C, it is valid to define your own link types, but it has to be accompanied by a reference to the appropriate profile:

    This makes nofollow specified for an individual link a Google-specific extension. If other search engines pick up on this initiative, then it will be a good tool to fight blog comment spam.

    Note that in case of the referrer spam, all stats pages should be accompanied by the noindex/nofollow meta tag to prevent engines from even indexing these pages (indexing these pages is a good source of info for hackers).

    J.D.
     
    J.D., Jun 3, 2005 IP
  9. Bernard

    Bernard Well-Known Member

    Messages:
    1,608
    Likes Received:
    107
    Best Answers:
    0
    Trophy Points:
    185
    #9
    J.D., Last I knew, Google, Yahoo & MSN are on board with support for rel='nofollow'. Teoma/Ask Jeeves is not.
     
    Bernard, Jun 3, 2005 IP
  10. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    65
    Best Answers:
    0
    Trophy Points:
    0
    #10
    Good to know. Thanks!
     
    J.D., Jun 3, 2005 IP
  11. just-4-teens

    just-4-teens Peon

    Messages:
    3,967
    Likes Received:
    168
    Best Answers:
    0
    Trophy Points:
    0
    #11
    heres a nifty bit of code, put it in your .htaccess (requires apache)

    RewriteEngine On

RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?pharmacy(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?phentermine(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?incestporn(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?rapeporn(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?diet-therapy(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?blonde-mature(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?phntrmn(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?car-insurance(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?sex(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?erotic(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?texas-hold(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?weight-loss(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?free-ringtone(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?airline-ticket(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?poker(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?ringtone-download(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?progressiveupdate(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?cialis(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?merchant-account(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?cialis5(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?cialisonline(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?phentermine2(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?phentermine45(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?scalaroi(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?cruelnitio(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?health-insurance(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?tramadol(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?vicodin(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?hydrocodone(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?permento(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?airline(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?cardinalo(-|.).*$ [OR]

RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?auto-insurance(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?free-asian(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?nylon-pics(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?jamie-lee-curtis(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?homesexsearch(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?spyware-removal(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?bigsitecity(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?djsdesigns(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?astellsci.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?twentyfirstcc.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?lassaro.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?setiatpalm.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?iberbrasconsultoia.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?ybsearch.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?noamkts.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?setiromania.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?free-spyware-removal-download.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?download-free-ringtone.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?racepointfunding.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?warrenzanes.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?fresnay.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?adipex.epinoy.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?bigsitecity.*$ 

RewriteRule .* - [F,L]
    PHP:
     
    just-4-teens, Jun 4, 2005 IP
  12. exam

    exam Peon

    Messages:
    2,434
    Likes Received:
    120
    Best Answers:
    0
    Trophy Points:
    0
    #12
    The only thing is huge .htaccess files can slow down your server.
     
    exam, Jun 4, 2005 IP
  13. sarahk

    sarahk iTamer Staff

    Messages:
    28,500
    Likes Received:
    4,460
    Best Answers:
    123
    Trophy Points:
    665
    #13
    That's the trade off in this case... Slow server but reduced bandwidth drain or the other way around.

    I get my post notifications through gmail - it didn't like the post with the .htaccess code. Thought it was spam. You'd have thought it would think "not even a spammer would have that much crap in one email!" :)

    Sarah
     
    sarahk, Jun 4, 2005 IP
  14. jorge

    jorge Peon

    Messages:
    202
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #14
    can't you put the awstats behind user/password?
     
    jorge, Jun 4, 2005 IP
  15. Smyrl

    Smyrl Tomato Republic Staff

    Messages:
    13,740
    Likes Received:
    1,702
    Best Answers:
    78
    Trophy Points:
    510
    #15
    Supposedly mine is but I still get spammed. Maddening.

    Shannon
     
    Smyrl, Jun 4, 2005 IP