It’s been a while since I posted, for various reasons. One of them was really cool: a six months long road trip across the US. I’m blogging about that in my personal blog here. I’m finally back now, and catching up on work.
One annoying task I’m facing is combating referrer spam on a blog I currently manage. A combination of high-intensity graphics and a bunch of pesky referrer spam bots who constantly crawl the site are causing an influx of bandwidth usage I would really like to curb. I figured I may ask well make this into a post – hopefully this will be helpful for other bloggers.
What is Referrer Spam
Whether you check your stats on a WordPress plug-in or using a server-side script like Awstats you may be seeing them. Referring websites that -
- Don’t seem to be related to your niche.
- Don’t actually have a link back to your site.
Congratulations! You’ve been hit by referrer spam!
Why are they doing this?
Surely, they don’t think traffic from a frustrated webmaster checking his stats will give them any benefits? Truth is, they couldn’t care less about your visiting their site. They are hoping that by some widget or link to an unsecured page, some of their spam links will eventually end up on web pages that are accessible to search engine. For example, some people have widgets on their sites celebrating top referrals. They mean well – to automatically reciprocate with traffic and link juice to those who link to their site.
Well, we all know what the road to hell is paved with. These “good karma” widgets became food for spam scripts, who hope to gain exposure by faking traffic from their website to yours. Unfortunately, they are indiscriminate in nature, hitting every site they can with robust scripts that just go after every site they can find. I think they may have a preference for blogs too.
How to Fight Referrer Spam?
To be honest, I don’t think there is a very good solution. At least, I haven’t found one, and I have been looking. If you know of an effective quick fix, WordPress plug-in or otherwise, please let me know in a comment. The best plug-in, specifically designed to counter referrer spam, that I could find, is six years old and compatible with WordPress 1.5 *roll eyes*
I did find two possible solutions.
The first is using the Bad Behavior WordPress plugin which is an overall anti-spam solution, based on an analysis of user agents used to access your site. According to the developers
Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site’s load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers.
The second possible solution is to manually edit the site’s htaccess file to block specific domain names or ip addresses, or both. There is more than one way to achieve this, and this page on the official WordPress site provides a detailed description.
For my blogs, at least for now, I won’t be blocking referrer spam using the htaccess file. For one thing, this is a cumbersome task that requires continuous maintenance. I have read accounts by webmasters who have to work daily to keep their own list of blocked sites up to date. Additionally, blocking ip addresses is a tricky business. You can never be sure you’re blocking the right ip address, and you may end up blocking innocent surfers from visiting your site, while still letting spammers through.
I am going to give Bad Behavior a go. I’ll install it on one of the blogs that is most effected by this and see how this works. I will be back with an update as soon as I have some data to analyze.
Twitter: movingacross
says:
This has gotten so bad for me that I started to reach my server space limits because of the logs generated. I have subsequently turned off pingbacks, trackbacks, and comments to try and stop these people.
Mac´s last [type] ..Truck Rental Unlimited Mileage
Hi Anne, I know what you mean about editing your htaccess file, it’s very easy to make mistakes and block legitimate traffic and keeping it up to date is a nightmare. One solution I’ve been using on some sites to good success is the service offered by Cloudflare, to quote from their site “CloudFlare leverages the knowledge of a diverse community of websites to power a new type of security service. Online threats range from nuisances like comment spam and excessive bot crawling to malicious attacks like SQL injection and denial of service (DOS) attacks. CloudFlare provides security protection against all of these types of threats and more to keep your website safe.”
Has several other features to take the load off your server and speed up your site too such as CDN (Content Delivery Network).
Beth´s last [type] ..How to Get an Ex Back That Dumped You