Slashdot Mirror
Spam Through HTTP Referrer Logs
Max Romantschuk continues: "It took a moment to realize what was going on, but then it dawned to me, I was being spammed through my referrer logs! A quick google search on the words "referrer spam" confirmed my suspicions, this was indeed a widespread practice, and not new at all. In fact, Wired had an article on the subject dating almost a year back. It turns out the spammers aren't after blog authors, but what they are actually doing is targetting people which publish their referrer logs on their sites automatically. Fortunately, I don't.
I run a very small site, and get about 20 to 50 visits a day, and I don't publish my logs. Not exactly a likely target, am I? Clearly these spammers seem to do this in volume, and the phenomenon is bound to increase as email spamming is becomming increasingly hard. With email spam, IM spam, Windows Messaging spam (NET SEND popups) and HTTP referrer spam, how long will it take until every open technology has to be locked down? I hate to say it, but I doubt Wikis and similar systems will stay open for very long if things keep going in this direction."
I run a very small site, and get about 20 to 50 visits a day, until I posted a link to it on Slashdot.
I was having the same problem; getting literally thousands of hits to my site from referrers for all kinds of porn and other random domain names. I did a google search and found this site: http://www.spywareinfo.com/articles/referer_spam/. It shows how to use mod_rewrite with apache to block the most frequent domains. I took Mike's blacklist and created this page, which automatically creates the .htaccess file for you. The problem is that they seem to be registering tons of new domain names so it's hard to keep up a decent blacklist.