phranque
msg:4203743 | 12:10 am on Sep 19, 2010 (gmt 0) |
welcome to WebmasterWorld [webmasterworld.com], nickelman!
you are probably hosting some images that are being hotlinked from ebay listings.
|
nickelman
msg:4203943 | 7:34 pm on Sep 19, 2010 (gmt 0) |
Thanks for the heads up, I will check into that. :)
|
nickelman
msg:4203949 | 8:02 pm on Sep 19, 2010 (gmt 0) |
OK after thinking about that for a bit that can't be the reason. I have another site that has forums hotlink images and they always appear as an image then the website as the referer like this:
/Assets/Images/Games/GamesSale/Guilty_Gear_Thumb.jpg
Http Code: 200 Date: Sep 19 10:49:12 Http Version: HTTP/1.1 Size in Bytes: 223954
Referer: [gameplay.com.ua...]
Agent: Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.6.30 Version/10.62
What I am getting from Ebay is like this:
/
Http Code: 200 Date: Sep 19 08:53:00 Http Version: HTTP/1.1 Size in Bytes: 3391
Referer: [coins.shop.ebay.com...]
Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Followed by the items that would load from the user actually being on my landing page. I wouldn't get that from a hotlink, but from an actual link to the page that someone clicks.
Is there any way a referer could be shown if the person were to just type a web URL into their browser and click go? Or does the referer only show if they are actually sent from the site listed in the log?
|
phranque
msg:4204036 | 2:19 am on Sep 20, 2010 (gmt 0) |
my first guess would be they embedded your home page in an iframe, which would also send a referer.
however, that particular page looks like a search results page, so i'm not sure how an iframe of your home page would appear on that referring url.
|
enigma1
msg:4206779 | 11:03 am on Sep 25, 2010 (gmt 0) |
It can be spam using the referer field. The referer can be setup anyway the request party wants.
By having a referer pointing to a link of their choice they hope the server logs are/or will be published (via statistics or other methods like with what you already did by posting the link) to promote their spam.
Fortunately the forum includes an intermediate redirect method to remove incentives for external link posting.
|
nickelman
msg:4206796 | 1:03 pm on Sep 25, 2010 (gmt 0) |
So where I think this is someone coming to my site interested in buying, in actuality this is someone visiting my site trolling trying to get me to buy something from them...
Interesting.
How does one go about making their referer do that?
|
phranque
msg:4206811 | 1:54 pm on Sep 25, 2010 (gmt 0) |
the Modify Headers add-on for firefox, a perl script and the HTTP::Headers [search.cpan.org] module, etc.
|
enigma1
msg:4206858 | 4:42 pm on Sep 25, 2010 (gmt 0) |
Yes and with PHP using fsockopen, header, curl etc, programmatically they can setup not only the referrer but other info like the user agent etc. So you never trust user input other than the remote IP/Port in incoming requests.
|
nickelman
msg:4206884 | 5:45 pm on Sep 25, 2010 (gmt 0) |
Thanks for the replies they have been both informative and helpful!
|
|
