Blog | Admin | Archives | Random | Recent | Thanks

Referer Spam Countermeasures

Like all spam, referer spam takes what could be useful – in this case, information where people come from to a site – and make it mostly useless – just more links for google to index. However, one of the unique aspects of referer spam also makes it easier to counter than many other types of spam. Generally, referer spam must surpass a threshold – usually, the top ten referrers, to be listed at all on a site. This means that instead of spreading out the referrers, referrer spam generally all points to one place. Which makes it easy to implement a simple anti-referer-spam script like the one I came up with to help fight referer spam on Theo’s blog:

// Ryan's anti-spam hack starts here
$spam_words = file('spam_words');
if(isset($_SERVER['HTTP_REFERER']))
{
foreach($spam_words as $spam_word)
{
if(stristr($_SERVER['HTTP_REFERER'],rtrim($spam_word)) !== false)
{
die("You look like you're trying to refer spam this site with this word: $spam_word".
'If not, sorry for the inconvenience and please '.
'<a href="'.$_SERVER['PHP_SELF'].'">click here to continue</a>');
}
}
}
// End Ryan's anti-spam hack

Then, as a companion, a post-facto script that can be called from the command line or from the web:

<?php
require('./conf/_config.php');
mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
mysql_select_db(DB_NAME);
$spam_words = file('spam_words');
foreach($spam_words as $spam_word)
{
// echo $spam_word;
$spam_word = rtrim($spam_word);
$sql = "DELETE FROM `evo_hitlog` WHERE `referingURL` LIKE '%$spam_word%'";
echo $sql . "n";
mysql_query($sql);
}
?>

Then, the admin can simply periodically check their top referer output, and if they see a bad guy creeping up, add an appropriate word to their spam_words file and run the killoldspam.php script. The bad stuff goes away and can never come back. Best of all, its not very intrusive to the average visitor, even when they are accidently flagged. Javascript or a meta or http redirect could make it less annoying still.

3 Responses to “Referer Spam Countermeasures”

  1. nordsieck Says:

    Wow! I just looked at my blog stats – you are a genius!

  2. dc Says:

    ooo yummy :D

  3. nordsieck Says:

    A minor improvement to your script: it now ignores whitespace. Yes, I did get bit by that.

Leave a Reply