Right around the time you realize that people you don’t know are actually reading your blog, you probably are going to start checking your stats to see where in the world they’re coming from. Your web host gave you a package like awstats or webalizer to generate nice statistics and graphs for you, and you go through it looking for the search terms people used to find you and the sites which linked to you.
You check one out, and suddenly you’re at an online casino, or a porn site.
You’ve been hit by referrer spam.
What’s Referrer Spam?
Unlike comment spam, where spammers try to post comments and trackbacks to your site, in order to get links to their spammy garbage, referrer spam doesn’t show up on your site, but in your web server logs. A spammer loads up your pages using fake referrers, their own nasty sites, that don’t actually link to you. And when you check them out, you’re horrified. You want this crap out of your logs and the spammers to suffer horrible fates.
But why are they doing this? What’s the point of putting a link where nobody but you, the blogger, will ever see it?
Unfortunately, whether by accident or design, too many people actually publish their web server statistics. Search engines crawl them, and the spammers have “good” links back to their spammy sites.
Fortunately, there are several things you can do to get rid of referrer spam and make it useless for referrer spammers to hit your site.
Killing Referrer Spam
Hide your statistics: The very first thing you should do, before anything else, is to stop publishing your web server statistics. It’s best to download them to your computer for offline viewing. If you want to leave them online, though, password protect your statistics directory. Your web host should have an option in the control panel to set up password protection for portions of your site, or you can set it up manually. This will ensure that referrer spammers, even if they do hit your site, can gain no benefit from doing so.
Block referrer spammers: Next, you will want to block referrer spammers. Install the Referrer Bouncer Plugin for WordPress and referrer spammers will be delivered a nice 403 Forbidden error message. The 403 errors can then be filtered out of your web server statistics so that you never have to see them in your finished reports. If you don’t see an option in your hosting control panel to filter these out of your statistics, ask your web host. And if you don’t use WordPress, or you want to protect other parts of your site from referrer spam, try Referrer Karma. It’s a lot more work to set up, but it doesn’t require WordPress to run. It can protect almost any web site which uses PHP from referrer spam.
Prevent referrer spam: Finally, prevent referrer spam by blocking malicious robots which crawl your site. Bad Behavior is a plugin for WordPress and many other PHP-based platforms which blocks many types of malicious crawlers, as well as comment spam. A referrer spammer has to crawl your site to deliver spam. Bad Behavior can stop many of these crawlers before they even have a chance to get started.
- WordPress Plugins Battling Evil
- Bad Behavior Continues to Give the Finger to Comment Spammers
- I’m Winning the Battle Against Comment Spam