[users@httpd] Out of control Referrer spam; I'm puzzled.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All:

I don't know about everyone else, but Referrer Spam on my site has reached epic proportions. I've been reading up on it, but one thing still puzzles me.

If the referrer url is phony and the ip address from which it came is phony, how does that benefit the spammer? It seems to me that the url that got posted to a stats page would simply be a dead end.

Moving on - Since a lot of the spam urls have certain things in common (ie., "porn", "foto", etc.) I can return an error code to a lot of spammers via mod_security, but of course, the spammers don't care. They wind up in the logs anyway. This raises some questions.

1. Is it possible to redirect the http request back to the referrer url, thus letting spammers with valid urls spam themselves?

2. Is it possible, using the commonalities above, to prevent them from getting into the log file? Can apache simply drop the request making it appear there is no server running?

3. Can the referrer url be validated before accepting the http request?

4. Since my page shouldn't be linked to from anywhere else, except maybe search engines, is it possible to create a sort of whitelist of referrer urls and reject all others (letting the request drop into a black hole) ?

5. How about an rbl for referrer spam? (or did I see that somewhere already. I don't remember.)

Anyway, anyone find a way to deal with it that at least reduces the spam? My ISP graciously allows me to run a server as a hobby, but if this spam keeps increasing, they're liable to consider me a commercial enterprise.

Maybe we should get a thread going and see what we come up with (or was there one that I missed?)

Any thoughts appreciated.

Regards,
Gene


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux