Category: TechTus


Permalink 12:06:04 pm, Categories: TechTus, TechTus, 496 words   English (CA)

Referrer spam take 2.2

include dirname(Blocking the IP of a referer spammer is good but this is not a 100% solution as some of them change there ips as fast as you block them. Using some mod-rewrite rules is another way for blocking referrer spam. After g O o O o O o O o O o O o gling and technorati tagging on the subject a little I found a neat rule that send the culprit from where they came from instead of just serving them a simple forbidden page.
If you are on an Apache webserver you can add some rules to your "htaccess" file in order to implement this function.
I found also this rule :

RewriteCond %{HTTP_REFERER} ^(http://www.)[a-z]+-[a-z]+- [NC]

which block any domain where there is 2 - (dashes) in the domain name like "" as most spammer do use this type of domain name. I modified it to :

RewriteCond %{HTTP_REFERER} ^http://([a-z0-9-]+\.)[a-z]+-[a-z]+- [NC,OR]

as some don't use the www in the beginning like ""
Another rule for those that don't use 2 - in the domain name

RewriteCond %{HTTP_REFERER} ^http://([a-z0-9-]+\.)?keyword.*$

Replacing keyword with your favorite spammer domain.
Adding the lines below to the "htaccess" helped a lot.

RewriteEngine On

RewriteCond %{HTTP_REFERER} ^http://([a-z0-9-]+\.)[a-z]+-[a-z]+- [NC,OR]
RewriteCond %{HTTP_REFERER} ^(http://www.)[a-z]+-[a-z]+- [NC,OR]
RewriteCond %{HTTP_REFERER} ^(http://)[a-z]+-[a-z]+- [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?keyword1(-|.).*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://([a-z0-9-]+\.)?keyword2.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://(www\.)?keyword3.*$ [OR]
RewriteCond %{HTTP_REFERER} ^http://([a-z0-9-]+\.)?keyword4*$

RewriteRule ^(.*) %{HTTP_REFERER}/ [R=301,L]

Don't forget to replace the word Keyword with whatever is needed like porn, vicodin, poker....

This is still not 100% efficient as you still need to add more keywords as new ones appear in your logfiles.

What I did also is a redirection from the public stats page whenever it is accessed with a referrer, as most of the spammer try to access mostly this page. So those who manage to pass the rules of the "htaccess" get redirected anyway. The only way to access this page is through a direct access (paste the URL in your browser location try it and if you click here you get redirected back to this page). And instead of the referrer stats this page displays the banned IPs.
In order to do this redirection you need to make those changes below to the _main.php and to _stats.php pages from your b2evolution skin:

Add those lines in the very beginning of _main.php:


if( $disp == 'stats' && $ref ) {
require( dirname(__FILE__).'/_stats.php');

and those lines in _stats.php just after if( $disp == 'stats' ) :


if ($ref){
header("Location: $ref");

This seems to work for around 98% of the referrer spam I get here.
Coupled with Antispam cron and the B2 Antispam Bandwidth



Permalink 03:32:58 pm, Categories: TechTus, TechTus, 184 words   English (US)

Referrer spam IP list

Here is my ever growing Referer spam IP list. It will be frequently updated as there is always a new spammer around the corner.
I've banned those IP's from accessing the site, because even if you use the included antispam list in b2 evolution this does not stop them from the continuous bombardment of the site with the result of excessive use of bandwith (Antibandwidth) for no valid reason.
What I did also is emptied the _stats.php template from it's content so it is for no use for the referer spammers, as all what they want is just links in this page so they can get some page ranks but even this does not seem to stop them as they don't even check the results of their action.

NB: I included the Referer spam IP list on the statistics page. Certainly if it is included and distributed with b2 antispam system this will be a much better solution.

I encourage the b2 users to do the same in the hope that on the long run those actions would help to stop those culprits.


Sounds that comes out of the ordinary can have something extraordinary. Altersound comming to an ear near u.

jamZradio :a:

WebEcho  :a:

GuessThis :a:

<  January 2018  >
Mon Tue Wed Thu Fri Sat Sun
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        




Heard & Read (Linksroll)

Sound links

Unsound links


Syndicate this blog XML

Creative Commons License
All works under the Categorie
"Mp3 to download"
are licensed under a
Creative Commons License.

powered by

Visually linked by
Visually linked by

Valid XHTML 1.0!

Valid CSS!

Valid RSS!

Valid Atom!

© 2003 - 2005 Ze1 cWnD Productions