Stop referrer spam on your site
As i was checking WassUp stats of my blog, suddenly i found that my blog got 71 visits from some external sites (referrer) in last 24 hours. First my felling was “WOW, so may referrer”.
*screenshot: showing external referrer excluding search engines.
Later after i check some of those referring sites, i found these are just some sites, that using my site to get better position in site ranking. It’s call “referrer spam”. From wikipedia:
Referrer spam (also known as log spam or referrer bombing[1]) is a kind of spamdexing (spamming aimed at search engines). The technique involves making repeated web site requests using a fake referrer url that points to the site the spammer wishes to advertise.[2] Sites that publicize their access logs, including referrer statistics, will then end up linking to the spammer’s site, which will in turn be indexed by the search engines as they crawl the access logs.
This benefits the spammer because of the free link, and also gives the spammer’s site improved search engine ranking due to link-counting algorithms that search engines use.
Though these visits will not loss you any thing, but it will just waste your server resource. And also if you show some stats on your site like referrer, then your visitors will get some wrong links.
Ok lets see how we can stop them. I searched on net, but didn’t got any good solution. So here is my solution.
Just add these lines to your .htaccess file and smile.
Order Allow,Deny
Deny from 195.54.42.56
Deny from 89.149.244.217
Deny from 78.137.7.99
Deny from 94.142.134.155
Allow from all
Here i use ip to block/stop this abuse, because after some research i fount this is happening from just particular ips, means those ips running some scripts to do this. Its semi manual way (still looking for better way). Just get these ips from your access log or any 3rd party plugins or apps. then add “Deny from newip” before Allow from all .
That’s all . If you know any better option please share with us.
There is another trick. Suppose you want to block referring URLs that contains ‘viagra’ or ‘xxx’ you can use
RewriteCond %{HTTP_REFERER} (viagra) [NC,OR]
RewriteCond %{HTTP_REFERER} (xxx) [NC]
RewriteRule .* – [F]
@Mahmud Ahsan, yep, good tricks. but problem is they are always changing domains. so i think best way is to block their ip.
@lavluda, My trick is based on “word” not based
on domain or IP so if a url contains some slang words like viagra, porn or something
you can sure that is spamming site so it will automatically blocked.
@Mahmud Ahsan, yep, missed this idea before.
IP কৈ থেকে পাইছেন?
@অনà§à¦ª, you can get ip from access log (if you have access and have time 😉 ) . i use one wordpress plugin called WassUp to see the recent request. it’s very helpful plugin with lots of filter options. and this post screenshot showing WassUp’s graph.
@lavluda, না, তা তো জানি। কিনà§à¦¤à§ আমি জানতে চাচà§à¦›à¦¿à¦²à¦¾à¦® à¦à¦®à¦¨ কি কোন সাইট আছে যারা সà§à¦ªà¦¾à¦® কমেনà§à¦Ÿ à¦à¦° আইপি সগà§à¦°à¦¹à§‡ রাখে?
I think the easiest one is moderating trackback links.
I got 436 spam per day. your tricks will help me. as first thought its a visitor. then discover that its a spamm.
Is it possible to protect them by adding captcha image on comment form….? I got got some spam comment..but after adding captcha that problem has been stopped…….
Blocking an IP address is NOT the way to deal with referrer spam. Here’s why.
Most referrer spammers, based on my servers’ logs, connect to the net through some random IP in a pool with some internet provider, send out their referrer spams in blocks, reconnect with a different ip some time later and do it again; usually with different referrers, and of course IPS…
So seriously, filtering by referrer strings or IPS is like playing hungry hungry hippo with a constant stream of marbles. Eventually you’ll have blocked the entire internet and not solved the problem. That’s like putting a blanket over your business sign.
Most referrer spamers are sending more than one request in under a minutes time with matching referrer strings. Perhaps a partial solution would be to use fail2ban to filter out X referrers in less than Y minutes time and ban for 24 hours.
I’ve been reading a little on Project Honey Pot, but I’m not sure who is funding this and I’m certainly not going to let the government fool me into thinking they are helping me out, only to use my data served against me later. Until Project Honey Pot is verified truly private, I have hesitations of its use.
Another way to deal with the referrer spam, is to start a referrer spam database so that multiples can point at it. This may be what Project Honey Pot is.
@ Jordan
agree with u, though it’s very late reply.