Referral Spam and Obsession
Posted by glo on 18 Jan 2005 | Tagged as: Referral Spam
While I like to say that I have great determination, some might call it stubborn. I have also said that my determined nature is a blessing and a curse. It’s a blessing when I decide to learn something or get something done. It becomes a curse when I won’t stop, even when it’s obvious that stopping is the best thing to do. Maybe that defines obsession in it’s rawest form, I’m not sure but I’m beginning to think that I have a sick mind. Right now I’m determined to keep the referral spammers from using my bandwidth. Determined to the point of becoming obsessive. I have spent the day watching my logs and can’t believe that I’ve wasted my day, especially since it was such a beautiful one. I hate that I’ve allowed the low-life of the Internet to rob me of spending quality time with fresh air and sunshine.
Yes, my mind is as sick as those determined to spam me, perhaps sicker. The only difference is the side of the fence each is standing on. I doubt they waste any of their time on my little piece of Internet real estate. No, they have everything setup to spam me automatically while they are out having fun. Well … I’m probably not going to stop my fight against them now but I sure as hell am not going to waste a whole day watching their automated spam trying to get past my blocks, either in my comments or my referral logs.
I did discover another IP they are using, making it now three different IPs. I should note that blocking these IPs will not keep comment spam out because the spammers are spoofing their IPs or using random proxy servers. Blocking them with the code below will stop them from using your bandwidth to spam your referral logs. I’m posting the code with the three IPs so that I don’t feel like my day was a complete waste of time. I hope it helps others keep their referral logs clean and the bandwidth thieves out!
Place the code between the < ?php and the ?> at the top of the index.php page. I put mine after calling the wp-blog-header.php line.
if (strpos($HTTP_REFERER, ‘ttp://’) > 0)
{
$pieces=explode(”/”, $HTTP_REFERER);
$lookup = gethostbyname($pieces[2]);
if ($lookup == “161.58.59.8″)
{
syslog(LOG_ALERT,”redirected $pieces[2]”);
header(”Location: ” . $HTTP_REFERER);
exit();
}
if ($lookup == “219.150.118.16″)
{
syslog(LOG_ALERT,”redirected $pieces[2]”);
header(”Location: ” . $HTTP_REFERER);
exit();
}
if ($lookup == “64.234.220.141″)
{
syslog(LOG_ALERT,”redirected $pieces[2]”);
header(”Location: ” . $HTTP_REFERER);
exit();
}}
Posting this code along with the IPs probably isn’t the smartest thing to do and the spammers will probably discover it eventually and change their IPs or find a way around the block. Hopefully someone smarter than me will just find another way to stop them. I can find their IPs, I’m very good at detective work and I can turn them in to their upscale provider but that will not stop them either. By sharing, others will benefit, even if it turns out to be a temporary benefit and the spammers will know that there will always be those who are willing to find a way to stop them.