Don't worry about it. He's just hoping for a linkback (in case your stats pages are not password protected).

This is referer spam.

There is software to produce per hour some 1000 false referer log entries.

Webmasters are usual very curriouse and visit all this referers.

This problem just stops me to make a new site about many different web statistics. My current web statistic site got last month about 15.000 wrong referer log entries by referer spamers.

To sort out all the wrong statistic entries makes publishing of the stats site much more work intensive.

Referral spam?
So these guys spam false referrals hoping that webmasters will click on the referring link from their webstats?

I learned that already- never click on the incoming links in your stats.

What do they do with it once they get a look at your stats?

Oh yeah Im curious what is the deal with the double header ending?

their hoping for a backlink indexed by google or another bot to increase their incoming links

I also catch strange IP's like this trying to access wierd files in wierd directories. I imagine they're bots out looking for server vulnerabilities.

What can you do? Other than doing a lookup on the IP and reporting it to whoever owns it for abuse, there's not much else you can do.

I did some research on this stuff.
It is becoming a growing problem. It is the latest spam tecnique.
I even found some marketers selling it as a service, they call it neural marketing but what it really is is referral spam and comment spam (spamming blog comments).
Some people are getting swamped with this crap in their referral logs. I'm getting diet pill guys linking to me and illegible search terms now.
One guy said he set up a script that goes to the referring page and verifies wether a link exists, if not then he redirects it back to the referrer.
For me this could be an option because I have only a few dozen valid inbound links but what about the guys that have hundreds or thousands of valid inbound links? You cant go verifying every request spamming your partner sites with link validation scripts constantly.
Anyone else have this problem or what? Should we just ignore it or try to come up with a solution? I was thinking maybe to maintain a 'white list' since a blacklist is futile (because of too many zombies and too large a list) if a referrer is not on the white list then send a verification script and if it is good then add it to the white list. Or is this just too much trouble for something that should be ignored?

Make sure that your log files arent public and ignore. Anything else is a waste of time, unless it helps relieve your blood pressure. :)

If there are some keywords that you are sure won't be in legitimate referrals, ban these by .htaccess. This is useful for simplifying log files and conserving bandwidth.

The only other thing to do about this is to educate other webmasters, and don't leave open-access stats pages if you build sites for others.

Man ...
I hate referral spam. Mind you, wait until you get some joker with a network of 40+ sites spamming your statistics with software, day after day, week after week, month after month. It's more fun with public statistics, but public statistics are not required, these spammers did not visit your site to see if you have public statistics, they don't even care because they usually spam 1,000 or so sites found via a robot crawling google for whatever keywords the spammer thought up.
Yeah, it is a serious problem.
What can you do?
One method which works and it's the only one I know of (and I dislike it because it uses a blacklist which simply grows longer and longer) but it's the only thing I know:

First, always tag dynamic (auto-updated) statistic pages with NOINDEX/NOFOLLOW meta tags. This will never stop the spammer, don't even think a spammer would be so kind as to obey silly meta tags, but Google can and will lower your own site's ranking if it finds a slew of garbage links in your site's pages, and this helps keep it from happening.
Then:
Write a script for .htaccess which either:
a) bounces the hit back to them
advantage: spammer can feel the pain when they see they are self-referring themselves in their statistics, ought to be a kodak moment.
disadvantage: the not-so-smart spammer fails to realize the obvious, thinking instead it is working! After all, it still records as a hit on their site even if it is the same hit they sent.
b) absorbs the hit
advantage: spammer gets nothing for their effort.
disadvantage: spammer feels no pain and may never cease and desist (actually this is true of tactic 'a' as well).

Anyway, the script goes:

###STOP REFERRAL SPAMMERS
# Options +FollowSymlinks

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http://(www\.)?firstspamrefsite.com.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?spamrefsite2.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?spamrefsite3.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?spamrefsite4.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?spamrefsite5.org.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?spamrefsiteetcetcetc.etc*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?lastspamrefsite.org.*$ [NC]
### For the last part: this absorbs the hit
RewriteRule .* - [F,L]
# This next rewrite rule bounces the hit:
# RewriteRule ^(.*)$ %1 [R=301,L]
# And this last sends any referrer you want:
# RewriteRule \.*$ [fah-Q.ref.spammer...] [R,L]

That is it. It would be nice if someone could write a script to auto-detect refspammers, blacklists get quite lengthy after time.
Hope is help,
Pascal

[edited by: tedster at 7:32 pm (utc) on Mar. 14, 2005]
[edit reason] remove extended signature [/edit]