A Smarter Way To Block Referer Spam

Referer Spam is the bane of anyone whose site has become popular, and been noticed by spam robots.

“When you click a hyperlink on one web site, your browser passes to the next site the address of the page where you clicked the link. This is logged by the server hosting the next web site.

The referer information can be faked very easily. Some unscrupulous web site owners will arrange to have several computers access a particular web site with a referer that lists their own web site address. There are a number of ways to accomplish this […] but the result is that the web server logs of the targeted site will contain hundreds or possibly thousands of entries with the fake referer information. This is known as “referer spamming” – SpywareInfo

A lot of people attempt to block referer spam by using mod_rewrite rules in their .htaccess file to stop specific cases like :

  • A particular REFERER eg:
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} ^ [NC]
    RewriteRule .* – [F,L]
  • or a specific HOST eg:
    RewriteEngine On
    RewriteCond %{HTTP_HOST} arcor-ip.net$ [NC]
    RewriteRule .* – [F,L]

This is fine, but means that each time a new REFERER or HOST decides to spam your site, you have to manually add a new rule to your .htaccess file, which is not at all practical.

A better way is to try and see patterns in the information left behind by referer spammers, and create a rule that matches and blocks visitors to your site who fit that pattern.
Continue reading A Smarter Way To Block Referer Spam