Today I took some entries from another fellow’s .htaccess file, and just in time. Today TGB was hit with over 70 referer spam attempts.
For those who don’t know, referer spamming was originally designed to increase page rank in Google back when many blogs posted lists of their referers or left open links to their stats pages. Google would index the pages, and the spammers get a ping to the site they listed. Of course, there is almost no reason to do it these days. Unfortunately, it’s so easy and cheap to do, spammers don’t care that they are pointlessly clogging up the logs and eating the bandwidth of thousands of blogs that do not help pagerank for the off chance they get the one that does.
There are currently not many viable options for web masters looking to kill this behavior. Spammers use zombie machines or open web proxies to prevent effective IP banning, and they mass register domains only to let them live for 24 hours, in the case of mail spam, or in my recent referer spams, showing a fake termination page for a week and then turning on a redirect to another domain.
Currently what most of us are doing is constantly chasing the ever expanding list of spam domains with a blacklist in a .htaccess file. Here’s the one I’m currently using and stopped today’s load of 70. At least in this case, the page getting served to the spammer is just the very small 403 error page rather than a comparatively large regular HTML page from the server and they don’t show up as much in our stats packages.