Referrer spam revisited

In: Blogging

1 Mar 2004

Less than 3 weeks ago I wrote about referrer spam from fake blog sites. Today, as I peruse my access logs as part of my end-of-the-month ritual, I find myself again a victim of referrer spam.

I am getting hits from [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] (all redirected via JavaScript so that search engines ignore them). It doesn’t take a Photohunt expert to notice the similarities in each site. Amazing how this sites are appear to be purely legitimate – there is a dictionary site, a Bushido site and even an academic society’s anniversy meeting website . Most are just simply facades once you try to click around – links either lead back to the webroot or take you to some external site.

My conjecture: someone owns this collection of sites and is trying to get a high PageRank for the sites, either to later sell them off or for further abuse. Anyone else have a theory?

Anyhow, you can view my .htaccess to see my blacklist of referrer spamming sites as well as a mod_rewrite method of blocking referrers.

5 Responses to Referrer spam revisited

Avatar

Carlo Zottmann

March 2nd, 2004 at 5am

I have the same problem, so I’ve wrote a little PHP script to automatically deal with referrer spam. Take a look if you’re curious. Works fine for me, it’s running as cronjob once per day.

Avatar

0zone

March 2nd, 2004 at 7am

You have two:

RewriteCond %{HTTP_REFERER} pornwizzard\.com [OR]

:P

Avatar

Cheah Chu Yeow

March 3rd, 2004 at 8am

Carlo: Hmm… I took a look at it and it’s good that it’s automated, but letting it block out referrers using a simple threshold limit doesn’t seem to suit my purposes. For one, I won’t know when I get Slashdotted (well, just as an example). Plus, not all referrer spammers hit an overly large proportion of all accesses – most just pepper a few entries with backlinks.

0zone: Well, maybe that’s because I hate that site so much I want to block it twice… Oh how lame that was heh… Thanks :p

Avatar

Jan!

March 12th, 2004 at 11pm

On collegedictionary dot net:

Warning: fopen(http://www.pornwizzard.com/xml/link2.php?site=6): failed to open stream: Connection refused in /home/vis-1002/public_html/xml.php on line 26

On studio dash 8 dot net:

Warning: fopen(http://www.pornwizzard.com/xml/link2.php?site=16): failed to open stream: Connection refused in /web/sites/mcspike/studio-8.net/xml.php on line 26

PS: When I click the “No” (don’t remember my info) radio button, the three info fields are wiped.

Avatar

Alex

November 16th, 2004 at 11pm

Some sites use redirect via google, for example http://css-discuss.incutio.com/?page=UsefulResources