Arg! Referer spam is annoying!

In case you're not familiar with it, referer spam is created by an automated program that crawls thousands of sites and leaves a spoofed web page as the referer link, making it look like someone linked to your site, when really no one did. The spammers hope that you show referer links publicly (also called trackback links), which might give them a bump in search engine results. At the very least, they would be seen by web masters viewing their traffic logs.

Even if your site doesn't publish referer links, they figure it only takes a milisecond to ping you so they stick you in the list anyway.

For web masters, referer spam really messes up our logs. When we want to see who is linking to us, our real stats are jumbled up with spoofed URLs pointing to poker and viagra sites.

The following is about to get a little technical.

What to do?

If you're hosted on a Linux box, you can treat the culpruit with a site-wide HTTP ban. On a Windows box? You can do the same with your ASP scripting language. Here's how to do it in Linux:

1. Create or edit a .htaccess file in the main directory of your web site.

2. Add the following lines to it:

#
# Block referer spam.
#
RewriteEngine on

RewriteCond %{HTTP_REFERER} (spammydomain.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (anotherspammydomain.com) [NC,OR]
RewriteCond %{HTTP_REFERER} (onemorespammydomain.com) [NC]
RewriteRule .* - [F]

3. Save the .htaccess file and upload it to your web server.

Now, anyone with an HTTP referer of any of the listed domains above, will be banned from the site and receive an "Access Denied" page instead. They will not be recorded in your traffic stats log as a referring hit (instead it will be a 403 hit) nor will they take up bandwidth.

Only drawback to this approach is that you have to add domains to your block list as you come across them in your logs.