Moderator
James Huff
(@macmanx)
Volunteer Moderator
It’s a form of referrer spam. Not a common form, but I have seen it on a few other sites.
In referrer spam, visitors or simple bots spoof their referrer to be something like a porn site for instance, assuming you’d be gullible enough to visit.
I believe this form of spam is a poor attempt to sort of disguise the above tactic. They’re probably spread by sites that are in the first page of Google results for those keywords.
Hello Tixrus, I definetely agree with James. One thing you could do is to block the IP of the referrer spam bot, but I guess that would only be a temporary solution!
Thread Starter
tixrus
(@tixrus)
Not getting any obvious porn sites in referrers in Google Analytics or in wp stats. However that porn term plus a couple of others did show up in my list of “terms people searched for to get to your site.” both in WP-stats and GA. So that means it is not a wp-stats issue. One of my referrers however is a proxy and people are also looking for the name of the proxy to find my site. So that’s probably where all this crap is coming from. My visitors don’t see any of this and the site is not compromised AFAIK.
I understand referrer spoofing quite well, but I’m not sure how I would make “hot wet pu**y” show up in the search term list for “Barney the Dinosaur website.” are you saying that the bogus search term comes in as part of the spoof URL?
Sigh. Guess I better go grep the raw logs.
Blocking IP’s is not a game I want to play.
Thread Starter
tixrus
(@tixrus)
Yep I found the offending line in the server logs. As you expected the initial referer was google with all sorts of crazy encoded stuff after it. I’m not going to worry about it too much. They are just messing with ME, but really not with my visitors AFAIK. Or is there ways that stuff can get out?
