Will this code help referrer spam!

Forum Moderators: phranque

Message Too Old, No Replies

Will this code help referrer spam!

Sends referrer back to own site

surfgatinho

11:26 am on Nov 11, 2005 (gmt 0)

As all the referrals from these top level domains to my site is utter junk. I thought I'd redirect them back to themselves!
It seems to work but could someone with a little more experience let me know of any possible negative effects?

if(preg_match("/\.(cx$)¦(nu$)¦(by$)¦(to$)¦(st$)¦(pl$)¦(mn$)¦(bz$)¦(ru$)¦(cc$)¦(ki$)¦(br$)¦(us$)¦(de$)¦(md$)/i",$_SERVER['HTTP_REFERER'])){
header("Location: ".$_SERVER['HTTP_REFERER']);
}

The idea was they could eat up their own bandwidth if nothing else

Thanks Chris

surfgatinho

11:29 am on Nov 11, 2005 (gmt 0)

This is the response I'm now getting in the logs:

/index.php?disp=stats
Http Code: 302 Date: Nov 11 11:23:03 Http Version: HTTP/1.1 Size in Bytes: 16878
Referer: http:// dodgy pharmaceuticals .ru!
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

jdMorgan

3:23 pm on Nov 11, 2005 (gmt 0)

Hmmm... This might be a two-part question.

First, "will this [prevent] referrer spam?" No, probably not. The reason is that log spammers 'fire and forget.' To begin with, their chances of log-spamming a site that makes its stats publicly-visible is pretty low. And second, many of the sites that do this are fairly low-tech sites. So, they crank out several hundred thousand requests, and if they get into one publically-published log or stats file, they are happy.

A few may notice your back-referral in their logs and take you off their URL-list, but it's probably not worth the bother.

My preferred approach for these guys is to internally rewrite the request to a subdirectory on my site. In that subdirectory is a .htaccess file that forbids access to any page in that subdirectory. It also contains an ErrorDocument directive that applies to requests in that subdirectroy only. The trick is that the custom 403 page is only 2 bytes long. In this way, my server sends the shortest practical 403 error response, and I go on about addressing more important problems.

You may have have an implied question as to whether your server's response was correct. If you'd prefer to use a 301-Moved Permanently redirect, then the following code change, lifted from the WebmasterWorld PHP forum, would write the 301 response:


if(preg_match("/\.(cx$)�(nu$)�(by$)�(to$)�(st$)�(md$)/i",$_SERVER['HTTP_REFERER']))
{
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".$_SERVER['HTTP_REFERER']);
}

(shortened country-code list to avoid side-scroll on this page)

Jim

surfgatinho

5:55 pm on Nov 11, 2005 (gmt 0)

Thanks for the (as always) well informed response Jim.
I guess I'm just being vindictive, but I want to just return the 'favor' and hopefully waste a little of the spammer's bandwidth.

What really annoys me is the stats page was disabled months ago, but that doesn't make any difference to these idiots!

jdMorgan

7:28 pm on Nov 11, 2005 (gmt 0)

> and hopefully waste a little of the spammer's bandwidth.

Two points to ponder:

How do you know that the apammer even has a server running?
The additional bandwidth you use by doing this slows down the entire 'net between you and him, as well as anyone unfortunate enough to share an ISP with the spammer, and so affects all users on that segment.

Jim