Do you think it's actually coming from the widget people or from the SEO company they hired?

If it's coming from the SEO rather than the widget people then couldn't the answer be to unnerve the widget people about the side-effects their campaign is having (ie generating a negative view of their product because of their actions).

As for solutions - didn't the bloggers come up with some tools to combat their versions of this, referrer and comment spam?

- Tony

Why not exclude bots from your logs using robots.txt? If your logs don't appear in the engines you won't be a target for the log spammers.

do you want the world to see your website stats anyway?

It doesn't work like that incywincy.

The bot only has to request a public page on your site with the spamming websites URL in the referrer field.

The spammers don't check whether or not your logfile data is public - spamming is a carpet-bombing approach.

TJ

Oh I see, then I guess it's an htaccess job then!

i redirect nasty bots to a gay pron site

Yes, I think what I need is a little tool that I can just click a button and have it auto-edit the .htaccess sin-bin.

TJ

I am leaning towards a solution that might hurt a little, but it's nice in a long run. I am thinking to disable all agents by default and allow major ones only:
- mozilla
- google
- yahoo
- msn
- safari?
- etc...

Basically major SE bots and major browsers. The rest should RIP.

The bigger problem is that anyone can fake the user agent string.

Yes, that's the big problem, the ones I'm seeing always fake the userstring.

I presume they do the page request and then disconnect instantly, which would mean at least they're not sucking up bandwidth.

But what would be happening is the php engine will be building the pages.

Had 1,000 like this just today. I can see it escalating.

I don't really understand it for "widget" sites - I can see the logic of spamming webmasters for SEO or hosting related services, but I just can't think that they sell many widgets this way?

TJ

They probably don't sell directly, more likely they are just using the shotgun approach to appear on "top referrers" and "stats" pages for cheap links, or to trick people into posting the link because they can't see how that page has referred traffic to them.

- Tony

Yes I suspect you're right Tony.

Unfortunately due to the carpet-bombing approach of spammers they're indiscriminate about the fact that my logfiles are not public and won't get them anywhere....

A few days ago I got logfile spam from a page advertising software to automate logfile spamming. So yes, I think this one is about to escalate.

My .htaccess grows larger every time I find another. It's easy to add keywords for the worst offenders amongst unrelated sites (webmaster, rx, pron), but this is spreading, and it's not just stores.

What I'd like to see would be a trustworthy list of the most common ref. spammers. I've found one or two webmasters posting them, and obviously there are all those public stats. But it still means checking each time, for those times it looks like a legit link. It would be useful to be able to block more of this in advance.

We've being seeing loads of this for quite a while, but yeah, I would say it's definitely getting worse. A friend registered a new domain on 23-Aug-2004, they are already getting hit on that domain.

With respect to my site, I've found log-spamming to be nearly dead.

Where I used to have hundreds of lines in succession, several times every day and have posted several times accordingly, I now have maybe one line twice a week.

Now, for those who would argue they are using different tactics for different reasons. You may be right. Back then, they were targetting those whose stat pages are exposed to the 'Net and today they appear as though they are simple, single referer string.

For some type of sites it may very well be increasing, but not in my house. :)

In past threads the common wisdom was '...leave them alone, you'll never be able to stop them'. Not being one to capitulate, I banned via IP Number and eventually they got tired of being force fed 403s.

I've been noticing many more lately. I have taken a combatitive approach to ridding myself of these log spammers and have been successful in getting some of them to stop.

Usually I politely ask them to remove my domain name from their spam list (this has never worked).

Next I do a WHOIS lookup, find their host, and report them to their host for spamming. On a couple of occasions the spammers have had Adsense on their websites so I reported them to Google as spammers who are directing visitors to their website by log spamming. On two occasions I have revisited the sites I have reported and found that they no longer have Adsense; I don't know if my efforts were the cause of their removal, but I believe they could have contributed.

If every webmaster who is sick of log spamming took the time to report at least 3 spammers per month, we could beat these spammers.

I've recently had a number, most of them Belgian (we're in Belgium), some looking like real legit sites that would have no need for the greasier type of SEO - universities, airports. My guess is that these were there along with the others as some sort of subterfuge to hide the bad guys. Problem is it just makes for more worthless entries in the referer logs. Each only registered one visit - my guess is it's some kind of bot that then looks to see if it can find the links corresponding with the referers, and drops more if it can. Our referer log isn't public.

Some I've seen in the past will play ping pong with you if you actually click on the link - drop another referer shortly afterwards. Sorta like clicking on the 'remove me' link in spam mails - 'hey, we gotta live one here, let's do it again!'.

I have a new site with little traffic - 1/10 of my logs are spammers, argh! It's messing up my statistics, it makes it difficult to see the natural, HUMAN traffic patterns.

I've started to use IP block but the same spammers return with new IPs.

Does anyone have a list of spammer IPs? If you do, please consider "sticky-mail"-ing them to me.

Thanks.