I have been hit quite bad by referer spammers these last few days, with peaks at one hit every 2 seconds (bots loading pages of my site with a fake referer in order to make someone click on their site, have a look at this refer spam screenshot)
It's not like I really care : I don't display publicly my referers and I'm not dumb enough to click on their links, so they are not earning a single click from my site. Plus, I'm bandwith unmetered and uncapped on a fat 100 Mbits, so their bot loading pages is not a real problem. It's just that I'd rather be slashdotted than refer-spam-hammered :)
So I wrote a simple anti refer spam script, sending back the spammers to their own site.
Update 2005-02-25 : I'm currently improving quite a few things in this script, yet having in mind that I want to keep it as easy as possible. Stay tuned if you're interested, feel free to leave a comment asking for a notice when it's available.
Update 2005-09-01 : this script is deprecated. I've made a much much more efficient, smarter, and that require ultra light if any maintenance. I just have to find time to publish it :)
Get the script
The script is rather simple : an array of obvious spammers site (or keywords, or top domain), and a loop comparing the referer with each entry of the array. If one matches, client gets redirected to its own site. Now if they want to hammer themselves once every 2 seconds, I really don't care :)
- <?php
- $spams = array (
- "terashells.com", "chat-nett.com", "exitq.com", "cxa.de", "sysrem03.com",
- "pharmacy.info", "guide.info", "drugstore.info",
- ); // array of evil spammers
- $ref = $_SERVER["HTTP_REFERER"];
- foreach ($spams as $site) {
- $pattern = "/$site/i";
- if (preg_match ($pattern, $ref)) {
- header("Location: $ref"); exit();
- }
- }
- ?>
You can either cut and paste the code above, or download the script which contains my real-time updated spammers list (which doesn't grow fast, hopefully) :
- no-refer-spam.txt : save as .php
- no-refer-spam.php : copy and paste in a blank .php, but don't download it directly, this is highlighted html, not plain code
Install and customize
To add more entries to the spam array, just add comma separated strings, enclosed with quotes. These strings can be a full url (www.i-am-a-naughty.spammer.com), just the main domain (spammer.com), or even a keyword (poker-online, but be warned that a genuine visitor coming from http://joesblog.com/archives/i-hate-poker-online/ will be bounced back)
Make sure strings contain no slashes, or otherwise modify the script as suggested by Chris in comment #2 (and, by the way, thanks for the tip Chris :)
Unless bandwith is a real problem to you and you are being hit real bad, I'd suggest not to give the list too much attention. Just add entries when you notice a serious spammer, or you are quickly going to manage a 1000 entry array :)
Then, add the following line to the very beginning of the pages you want to protect (in most blog, adding it at the top of index.php in your blog root will protect your whole site)
- <?php
- require('/home/you/blog/physical/path/to/no-refer-spam.php');
- ?>
Your file, i.e. index.php, must begin with these 3 lines.
Final words
My script is one solution amongst many. If your host permits it, you can as well use mod_rewrite and add lines to your .htaccess, but I find mod_rewrite rules less user friendly than a straight PHP script.
If you are looking for a neat script to watch your referers, I'd suggest you give Refer a try.
Shorter URL
Want to share or tweet this post? Please use this short URL: http://ozh.in/4b
Great.
Thanks a lot. I just installed it. But I replaced
preg_match()withstrstr()because I got an error message ("unknown modifier…") when I entered a string that includes slashes, like a full URI.I hope it works i'm getting sick from that @#$% online casino every 2 min.
it does work pretty well, at least for me : I've been refer spam free since I wrote it. Keeping an eye on my refer list to update the spam list, if needed, but so far everything is much better :)
http://www.planetOzh.com
http://www.planetOzh.com
I have been hit quite bad by referer spammers these last few days, with peaks at one hit every 2 seconds (bots loading pages of my site with a fake referer in order to make someone click on their site, have a look at this refer spam …
Cool…will give it a try. Can one use wildcards with this? *windowsoftware.biz for instance, or *software.biz to cover whateversoftware.biz?
Unfortunately, it's fairly likely that the referer spam client won't follow the redirect. I added similar redirecting to my comment spam measures, redirecting to go.php?remote_url on my server but that url hasn't appeared in my logs yet, despite getting 2 comment spams in the minutes since.
You could be referer free simply because the request isn't getting through. The
exittakes care of that. I'll leave the code in for a while, but damn, I was looking forward to getting some revenge on those guys!from a spam bot point of view, don't know exactly what is going to happen, I guess it depends on how the bot is actually programmed. The thing I can be sure of, is that since I wrote this script, my refer log is casino and other crap free :)
[…] ound that someone had written a very straight forward way to block referrer spam. Over at frenchfragfactory.net, there is a nice little script that basically loops thr […]
Just installed it…hopefully it'll start catching the referrers I keep seeing :)
[…] ustom fields" + Amazon Wishlist: para quem não tem o Amazon Hacks (como o Spiceee) + No-Refer-Spam: bloqueador de insetos humanos na sua referer list + WordPress […]
Hi and thanks, I have used your script now for a few weeks and I must say that I am very impressed. Only a very few spammers a getting through, good thing is that I just add their domain and they are gone.
Thanks for making my day a bit easier.
O.K. I'm not that good at programming so exactly where does the inital code go? Is it in the section of each page–or the index page? Then the three lines of code goes where? In the body?
thanks,
Hi, i found your script very useful, but i changed it that way:
——————
In that way i only need to place a part of the string composing the spammer name.
Thank you, anyway.
Uriel
[…] ). Wish me luck because I definitely need it! Site news (or something): Since I installed this script and this patch [via aestia], my referrers list is free of spam. R […]
This thing is great!
I've installed it on my blog as well as a dozen more than I host. It has given me back the usefulness of awstats (no longer is it flooded with garbage).
Thanks for a great plugin!
Thank you. However stay tuned : I think I'm going to release a much much more efficient version of this script later on this script, that will require no maintaining nor adding new hosts ever.
Thanks a million – I'm gettin tired of seeing all this stuff in my logs!
Works great ! Thank you very much ! :D
I tried to post an explanation why this doesn't work but alas… it gets marked as spam. *baffled*
Anyway, it doesn't work. A bot doesn't follow redirects.
Here's what I tried to post, for those who are interested:
http://www.i-marco.nl/weblog/ozh-why.txt
Marco, you're right, and I know this :)
Actually this script is mostly deprecated. I have written a much more efficient and smarter one, I have yet to find some time to release the thing :)
Ah ok! Well if you've found a way to make spammers eat up their own bandwidth while saving our own I'm extremely interested!
I would love to see your new solution as well. Hope you don't use the approach Marco has available by using a htaccess file. My host doesn't support this.
Hey, it seems like I really have to release the thing now :)
Marco » no, unfortunately, this doesn't waste spammers bandwidth :) But it saves yours, and your referral log, which is cool anyway :)
"localhost" » no, it only relies on a PHP script you can include on any PHP powered website.
Just mail it. I'm more then willing to post it on my own blog with all needed credits to you.
[…] Ich werde jetzt mal das Skript von planetOzh testen und hoffen, dass ich damit erst einmal sicher bin. Abgelegt von Kolja Schönfeld unter: Berichte | Webbericht | Spam […]
I'd like to know when you update this :)
To my horror only the other day I started getting refer spam in awstats, about 400 domains…is very depressing.
Would not it be easier to block unwanted referers through .htaccess?
I'm NOT spammer. likejazz.com is just written in Korean.