Home > Tricks > Stop referrer spam on your site

Stop referrer spam on your site

February 14th, 2011 Leave a comment Go to comments

As i was checking WassUp stats of my blog, suddenly i found that my blog got 71 visits from some external sites (referrer) in last 24 hours. First my felling was “WOW, so may referrer”.

referrer spam

referrer spam

*screenshot: showing external referrer excluding search engines.

Later after i check some of those referring sites, i found these are just some sites, that using my site to get better position in site ranking. It’s call “referrer spam”. From wikipedia:

Referrer spam (also known as log spam or referrer bombing[1]) is a kind of spamdexing (spamming aimed at search engines). The technique involves making repeated web site requests using a fake referrer url that points to the site the spammer wishes to advertise.[2] Sites that publicize their access logs, including referrer statistics, will then end up linking to the spammer’s site, which will in turn be indexed by the search engines as they crawl the access logs.

This benefits the spammer because of the free link, and also gives the spammer’s site improved search engine ranking due to link-counting algorithms that search engines use.

Though these visits will not loss you any thing, but it will just waste your server resource. And also if you show some stats on your site like referrer, then your visitors will get some wrong links.

Ok lets see how we can stop them. I searched on net, but didn’t got any good solution. So here is my solution.

Just add these lines to your .htaccess file and smile.

Order Allow,Deny
Deny from
Deny from
Deny from
Deny from
Allow from all

Here i use ip to block/stop this abuse, because after some research i fount this is happening from just particular ips, means those ips running some scripts to do this. Its semi manual way (still looking for better way). Just get these ips from your access log or any 3rd party plugins or apps. then add “Deny from newip” before Allow from all .

That’s all . If you know any better option please share with us.

  1. February 15th, 2011 at 00:01 | #1

    There is another trick. Suppose you want to block referring URLs that contains ‘viagra’ or ‘xxx’ you can use

    RewriteCond %{HTTP_REFERER} (viagra) [NC,OR]
    RewriteCond %{HTTP_REFERER} (xxx) [NC]
    RewriteRule .* – [F]

    • February 15th, 2011 at 00:03 | #2

      @Mahmud Ahsan, yep, good tricks. but problem is they are always changing domains. so i think best way is to block their ip.

      • February 15th, 2011 at 00:06 | #3

        @lavluda, My trick is based on “word” not based
        on domain or IP so if a url contains some slang words like viagra, porn or something
        you can sure that is spamming site so it will automatically blocked.

  2. February 15th, 2011 at 00:02 | #5

    IP কৈ থেকে পাইছেন?

    • February 15th, 2011 at 00:11 | #6

      @অনুপ, you can get ip from access log (if you have access and have time 😉 ) . i use one wordpress plugin called WassUp to see the recent request. it’s very helpful plugin with lots of filter options. and this post screenshot showing WassUp’s graph.

      • February 15th, 2011 at 00:42 | #7

        @lavluda, না, তা তো জানি। কিন্তু আমি জানতে চাচ্ছিলাম এমন কি কোন সাইট আছে যারা স্পাম কমেন্ট এর আইপি সগ্রহে রাখে?

  3. February 15th, 2011 at 00:09 | #8

    I think the easiest one is moderating trackback links.

  4. April 30th, 2011 at 06:19 | #9

    I got 436 spam per day. your tricks will help me. as first thought its a visitor. then discover that its a spamm.

  5. July 19th, 2011 at 18:42 | #10

    Is it possible to protect them by adding captcha image on comment form….? I got got some spam comment..but after adding captcha that problem has been stopped…….

  6. November 13th, 2011 at 22:43 | #11

    Blocking an IP address is NOT the way to deal with referrer spam. Here’s why.

    Most referrer spammers, based on my servers’ logs, connect to the net through some random IP in a pool with some internet provider, send out their referrer spams in blocks, reconnect with a different ip some time later and do it again; usually with different referrers, and of course IPS…

    So seriously, filtering by referrer strings or IPS is like playing hungry hungry hippo with a constant stream of marbles. Eventually you’ll have blocked the entire internet and not solved the problem. That’s like putting a blanket over your business sign.

    Most referrer spamers are sending more than one request in under a minutes time with matching referrer strings. Perhaps a partial solution would be to use fail2ban to filter out X referrers in less than Y minutes time and ban for 24 hours.

    I’ve been reading a little on Project Honey Pot, but I’m not sure who is funding this and I’m certainly not going to let the government fool me into thinking they are helping me out, only to use my data served against me later. Until Project Honey Pot is verified truly private, I have hesitations of its use.

    Another way to deal with the referrer spam, is to start a referrer spam database so that multiples can point at it. This may be what Project Honey Pot is.

  7. February 15th, 2013 at 15:09 | #12

    @ Jordan
    agree with u, though it’s very late reply.

  1. July 7th, 2011 at 20:56 | #1

68 queries in 0.248 seconds