Log File (Referrer) Spam & How We Block It
Posted on January 30th 2008 in Domains & Hosting, Hosting
If you watch your website visitor statistics, you may have been baffled (and then annoyed) to see that the Referrer section (called Links from an External Page in Awstats), which lists sites that have sent visitors to your website, may contain bogus listings. No visitors actually arrived at your website from some-icky-spam-site.com, but the log file seems to indicate that people did. This is a new form of Spam, created by automated programs set up to visit your site with faked referrer headers just for the purpose of putting links to spam sites in your weblogs.

Why are they spamming your website statistics logs?

A) They get you to visit the site when you become curious whether there really is a link to your site at some-icky-spam-site.com.

B) Just as importantly, they are hoping that your site's referrer info will be found by the search engines. How?

1. Some servers leave the log files unprotected and available for the outside world to see - and hence for search engines to find. Not on our hosting service!

2. Even if the log files are protected, certain blogs inadvertently re-opened a window to them, and as a result all blogs are now being targeted for this new form of Spam. That is because of the (hopefully former) popularity of widgets that display links from referring sites as a sign of the blog's importance and popularity. Spammers found that if they could trick insecure blogs into putting a link to some-icky-spam-site.com on the web page, it would not only drive traffic to the spam site but also help that spam site's search engine ranking.

To enhance their results, referrer spammers may direct their bots to hit a site dozens of times, wasting your account's bandwidth and log file space and messing up your visitor statistics. Some blogs have literally been spammed to death - when their hosting provider kicked them out because of bandwidth being gobbled up by spammers.
What to do? At FrozenBlues we have installed security measures (the mod_security Apache module) to protect our server and allow our hosting clients to thwart this new sort of Spam. Besides filtering out spurious referrers with a default set of typical spam keywords (you can easily guess what they are), our clients can add and edit keywords and names of spam sites appearing in their site's logs and banish them from appearing again. Score one for the good guys!
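To see which referrers in an existing log would be caught by a keyword list like the one described above, the following added example (not FrozenBlues' filter and not mod_security itself) scans Apache combined-format log lines and counts hits per spam referrer host. The keyword list, the site name example.com and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Apache "combined" format: ip ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)
SPAM_KEYWORDS = ("icky-spam", "cheap-pills")  # constructed list; real lists are site-specific

def referer_host(referer):
    """Return the host part of a Referer value, or '' if absent or unparseable."""
    if referer in ("", "-"):
        return ""
    if "://" not in referer:
        referer = "//" + referer  # bots sometimes send a bare host name
    try:
        return (urlsplit(referer).hostname or "").lower()
    except ValueError:
        return ""

def find_referrer_spam(lines, own_host, keywords=SPAM_KEYWORDS):
    """Count hits per external referrer host whose name contains a spam keyword."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed or non-combined line
        host = referer_host(m.group("referer"))
        if not host or host == own_host or host.endswith("." + own_host):
            continue  # direct visit or internal navigation
        # Match on the host only, so a search-engine referral whose query
        # string happens to contain a keyword is not counted as spam.
        if any(k in host for k in keywords):
            hits[host] += 1
    return hits

# Constructed sample log: three bot hits, one internal click, one search referral, one direct visit.
_T = '{ip} - - [30/Jan/2008:10:00:0{n} +0000] "GET / HTTP/1.1" 200 5120 "{ref}" "Mozilla/4.0"'
SAMPLE_LOG = [_T.format(ip=ip, n=n, ref=ref) for n, (ip, ref) in enumerate([
    ("203.0.113.5", "http://some-icky-spam-site.com/"),
    ("203.0.113.5", "http://some-icky-spam-site.com/"),
    ("203.0.113.5", "some-icky-spam-site.com"),
    ("198.51.100.7", "http://example.com/blog/"),
    ("198.51.100.9", "http://www.google.com/search?q=icky-spam+removal"),
    ("198.51.100.9", "-"),
])]

if __name__ == "__main__":
    for host, n in find_referrer_spam(SAMPLE_LOG, "example.com").most_common():
        print(f"{n:4d}  {host}")
```

Hosts reported with many hits and no matching real traffic are candidates for the per-site block list.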













