Stopping Referrer Spam

I'm not an expert on this, but in answer to Q1, I think the answer is no. Referral spam is usually handled by a program and they can usually be configured to operate through proxies, so the the spam is not necessarily coming from the same IP as the site they are "promoting".

 

I'm not sure what you mean by Referer Spam but I always get crackers trying to hack into my servers. When I notice someone attempting to breach my security, I add the IP to my hosts.deny file and deny them access to my machine, period.

 

... and web hosting companies.

 

That's very sad, isn't it?

BTW, I googled referrer spam, saw all kinds of ways to protect against it (thank you ), but in all the time I've been admin'ing sites, I've never run across this problem, or at least never realized I was being exploited.

 

Some of them operate from behind a DSL connection and blocking these addresses is impractical - who knows, may be somebody who'd get the address next would buy something from you I do check on a case-by-case basis who's the owner of the IP address and if it's a dedicated server, I usually block it for some time.

You didn't show the rule, so I'm assuming that you are redirecting spammers somewhere else. I haven't checked, but I would think that in this case the log line would still show the spamming referrer, which kind of defies the purpose of this exercise. Some log analyzers process log lines with HTTP errors differently, so if you return some error (e.g. 404, not found), you may avoid this referrer in the reports.

J.D.

 

Hi Smyrl,

The only static way to kill referrer spammers is by IP. Unfortunately that's the crux of it. The only dynamic way to do this (that I've used) is to look for discreet requests to pages or specific files that:
a. are files that should have a local referrer (ie images/css files that are typically subrequests of a page) or:
b. Should result in subrequests for images and the like (ie .html, .php etc) but don't.

This will be problematic for users who either:
a. Use text browsers (ie Lynx etc)
b. Use custom software for the visually impaired.

At the end of the day though (no matter how you garner the info), you end up having to filter them on an IP basis.

Bit of a bugger really :|

Cheers,

JL

 

Keep us informed...

Referral spam on my sites has been increasing steadily over the past few months and It's now really starting to tick me off.

 

Isn't referral spam only an issue when you have public stats that can be indexed by the spiders?

 

Very good point. Everybody has to make sure that access to all stats pages is properly authorized. At the very minimum all stats pages must have noindex and nofollow meta tag defined.

J.D.

 

I just password protected (htaccess) my webalizer stats folder. The way I understood the phenomenon is that it's killed by doing just that.

No access = no index = no link popularity = no reason to spam

Searching Google for two distinct webalizer (or similar stats package) lines of text (including the misspelled explaination) shows who can be spammed successsfully:

http://www.google.co.uk/search?hl=e...terms."+"webalizer+version"&btnG=Search&meta=

Just 47 results but if you get creative with the search there must be millions.

 

They still spam you either way.

My stats are protected on all of my sites.

 

Some of these pesky spammers make a quite few hits in order to be noticed and this distorts the stats for some sites quite a bit. Blocking IP's or doing some other filtering helps to avoid this problem.

J.D.

 

But then all you get is inflated stats. I'd worry more about customers than spammers.

 

I don't like inflated stats.

Makes quick stat checks difficult.

 

I don't either. Because I pretty much operate on a shoestring budget and it is impossible for me to ignore my own clicks, I always create a subdomain that keeps no logs and do my developing thru that.