News:

The anti-spam plugins have stopped being effective. Registration is back to requiring approval. After registering, you must ALSO email me with your username, so that I can manually approve your account.

Main Menu

Referrer spam

Started by reinder, March 12, 2007, 05:26:40 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

reinder

Although I don't publish the web stats from my CMS, it's been getting rather badly hit by referrer spammers, to the point where the statistics are no longer reliable. I want these, these, these...  creatures out of my statistics. I've been looking around and found one good article suggesting some ways to deal with this scourge. I could implement the apache directives-based one (I think - those can go into .htaccess, right?) but I thought I might as well ask around.

What else can be done to eliminate this problem, how much is already being done without me knowing it (obviously, these referrer spams I'm getting could be the tip of an iceberg of referrer spam that's already being filtered out server-wide), and what would people recommend? Do other Xepherites even have this problem at all?
Reinder Dijkhuis
Rogues of Clwyd-Rhan | Waffle

Xepher

There's nothing sitewide in place for filtering this, so any iceberg syndrome would only be from built-in filters in your CMS. As such, I'd say you should give the word-based filtering in that article a go. I don't think it can hurt. I'm not sure how many of those directives are allowed in .htaccess, but I'd imagine the ones in the top code block (aside from CustomLog... individual users don't have authority to mess with sitewide logs) should work. I've not dealt with this sort of spam before, only erroneous forum posts and the traditional email kind, so I'm afraid I'm a little light on advice for you. One question is if this spam is going to your custom-made (willow?) CMS, or your blog/other CMS? If it's not willow, which CMS system and version is it using? Also, are they targeting a particular page/file, or just broadsiding the whole thing? Often you can rename some of the scripts so the spambots don't recognize it as a known CMS. E.G. mt-comments.cgi becomes mtcom.cgi.

If you have any questions or need some help, let me know. I'm sure we can find a way to stop it.

reinder

I'm only concerned with referrer spam going to Willow, because that distorts my business information. One interesting tidbit: Mithandir, who uses Willow on his own comic, Chasing the Sunset, gets next to no referrer spam at all (he gets more, and smarter, comment spam though).

Some referrer spammers are targeting one page, which is prominently linked outside of ROCR.net. Others are picking random pages. Doesn't seem to be much of a pattern to it, to be honest.

I'll work on it when I have a little more time, and see what I can do.
Reinder Dijkhuis
Rogues of Clwyd-Rhan | Waffle