Loading ...
Sorry, an error occurred while loading the content.

2858referrer spamming

Expand Messages
  • Landon Noll
    Jul 31, 2004
    • 0 Attachment
      Are your referrer logs being spammed? Ours were.

      We have experienced an attempt by 69.50.191.130 to spam
      our webalizer referrer list. They were doing a GET of
      an HTML file on a semi-periodic basis with a collection
      of URL referrers that were related to pron and other
      stuff they were promoting on the Internet.

      None of these referrer sites had any links to our web page.
      When 69.50.191.130 accessed our web page, they only did
      a GET of that URL. They never downloaded any of the icons
      or images referenced by it. The URL was a static page that
      has not changed in nearly a year. The only activity that
      69.50.191.130 was to just GET this one URL with various
      referrer values at various semi-regular times of the day
      and night. It was most certainly not a user's web browser,
      but rather some referrer spamming robot.

      We complained to the ISP. The referrer spammers kept it
      up even after the ISP asked them to top. The ISP eventually
      blocked their IP addresses from accessing our IP range.

      Discussions with the ISP (and indirectly with the referrer
      spammers) seemed to suggest that the spammers wanted to
      create links to their porn site. Perhaps the spammers
      thought that this would improve traffic and/or search
      engine placement? Whatever the reason, we decided to deny
      them the joy of seeing their spamed referrers inside
      A tags on our site in our webalizer logs.

      The 0.basic.patch patch changes referrer A record tags into
      plain text (and removes the leading http://) to prevent the
      referrer spamm A tag links back to their sites.

      This patch was mentioned in a previous posting:

      http://groups.yahoo.com/group/webalizer/message/2850

      and is found, another with some other recommended patches under:

      http://www.isthe.com/chongo/src/webalizer-patch/

      chongo (Landon Curt Noll) /\oo/\
    • Show all 2 messages in this topic