Don't know if anyone else here is running Apache with web logs, or 'blogs' and has had trouble with referrer spam but I thought I would mention my latest experience.
Blogs are one of the more interesting developments of the Internet and there are a lot of packages out there that allow people to maintain their own blogs. If you run Apache and host these packages, you may have noticed a lot of traffic recently as "marketers" try to adverise their web sites by throwing traffic at a blog and thereby moving their site to the top of the referrer's list. They are also hoping to increase their Google rank by increasing the number of sites that advertise links to their own sites.
Mostly porn sites currently, but several others have been doing this. I recently got hit by someone operating (out of Texas, I think) who had several sites hosted at EV1 and was using various open proxies to refer traffic to my blog and increase his rank. Initially, I just figured out how to ban his sites from my referrer listing but I was really unsatisfied with that response since he kept hitting my site anyway with robots and it just wasn't very gratifying to me. I would have had problems blocking his traffic altogether since he was using various open proxies and switching them regularly, so I wanted to be able to focus exclusively on his traffic. He was also rotating the browser agent and so on, so blocking that would have been problematic as well.
So, I finally did some research and figured out how to deny access to requests that contained certain keywords (including his web site domain names) in the request (referrer) which effectively resulted in him getting 403 errors rather than actually getting into my web page. After 2-3 days of him not getting into the site, I sent an email (to the admin account at one of the domains) and pointed out to him that he was wasting his time since I was blocking his spam bots and that he might do better to find an easier target. As of today, all the spam referrer traffic has stopped which I suspect means that he has given up.
If anyone else is having this problem and runs Apache to host their own site, I can quickly show you how to do this (add a few lines to httpd2.conf) and you can block these out yourself.
Yup, please do..
I have had about 200 comment spams added to my site in the last couple of months.. so I setup my
router withi a blacklist and I've just been adding the nasty IP to that blacklist.
I also changed the blog over to comment moderation..
I'd prefer a better answer though, so I'd love to read about yours.
In fact if you like I can even turn it into something of a tute and put it on the site for others to find.
rgds
Franki
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
