/ Http Code: 200 Date: Sep 19 08:53:00 Http Version: HTTP/1.1 Size in Bytes: 3391 Referer: [coins.shop.ebay.com...] Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Followed by the items that would load from the user actually being on my landing page. I wouldn't get that from a hotlink, but from an actual link to the page that someone clicks.
Is there any way a referer could be shown if the person were to just type a web URL into their browser and click go? Or does the referer only show if they are actually sent from the site listed in the log?
Msg#: 4203639 posted 2:19 am on Sep 20, 2010 (gmt 0)
my first guess would be they embedded your home page in an iframe, which would also send a referer. however, that particular page looks like a search results page, so i'm not sure how an iframe of your home page would appear on that referring url.
Msg#: 4203639 posted 11:03 am on Sep 25, 2010 (gmt 0)
It can be spam using the referer field. The referer can be setup anyway the request party wants.
By having a referer pointing to a link of their choice they hope the server logs are/or will be published (via statistics or other methods like with what you already did by posting the link) to promote their spam.
Fortunately the forum includes an intermediate redirect method to remove incentives for external link posting.
Yes and with PHP using fsockopen, header, curl etc, programmatically they can setup not only the referrer but other info like the user agent etc. So you never trust user input other than the remote IP/Port in incoming requests.