Categories
PHP WordPress

Bye bye Referer Spammers!

Take a quick look at your logfiles any time and you’re likely to see referer spam in there somewhere. Not only do those requests pollute your log files and stats pages, but they also consume resources on your server when you serve them pages that aren’t even going to be viewed by anyone. Here’s one way of stopping the spammers eating into your server resources:

  • Look through your logfiles and examine the referers. Here’s a quick bit of code to do that. (Remove the backslashes (“\”) from before double quotes. WP is putting them in on me!) :
    awk '{print $11}' < /var/log/apache2/access_log| sort|uniq -c|sort -r|grep -v "mydomain.com"|less
  • Copy and paste any likely looking referer spam sites somewhere else for safe keeping. The ones that use most of your resources will be at the top of the list.
  • Add this code to some page that every page on your site loads, it should be included before main execution of the page occurs. Fill in the array of referer sites with the list your assembled from your log file. I’ve added a few from this morning’s log file.
    if( isset( $_SERVER["HTTP_REFERER"]  ) )
    {
        $referers_to_avoid = array(
                "ttp://texas-holdem.andrewsaluk.com",
                "ttp://www.highprofitclub.com/",
                "ttp://www.sex4singles.com/",
                "ttp://www.parishillton.com/",
                "ttp://www.moneylinebet.com/",
                "ttp://www.free-hentai-anime-sex.com",
                "ttp://www.bondage-bdsm.us",
                "ttp://www.handjob-movies.us",
                "ttp://www.zoothumbnails.com",
                "ttp://www.bestiality-animal-sex-stories.com",
                "ttp://www.gay-men-sex-movies.com",
                "ttp://russ-darrow-kia.gq.nu/",
                "ttp://nissan-xterra.sbn.bz/",
                "ttp://nissan-thermos.gq.nu/",
                "ttp://folding-chair.wol.bz/",
                "ttp://www.xcites-0-cost-interracial-cum-teen-sex-movie.com"
        );
        while( list( $key, $val ) = each( $referers_to_avoid ) )
        {
            if( strpos( $_SERVER["HTTP_REFERER"], $val ) )
            {
                die();
            }
    
        }
    }
  • Add an error_log() to the “if” condition to spot when a spammer visits.
  • Add this to index.php of a WordPress installation to protect your blog and make your legitimate requests go that much faster!