Referrer spammer caught
-
I’ve been keeping an eye out on referrer-spammer attempts, and I’ve ‘caught’ a big one. You’ll find this one under many domains, and he’s quite succesful – here’s a google search for one of his domains, but most texas-holdem spams are his as well. An interesting tactic (as you can see in above results page) is that ALL his referring domains, when you type them in the browser address bar, give a variant of an “this account is closed” page, to give you the feeling his hosting provider pulled the plug on him and you don’t have to take any further action. In reality, ALL his domains run on a single IP address. It’s useless trying to block the computers he’s using for his spam runs, as he’s using a zombie network that keeps growing.
So, I wrote a little code that I put a the top of my index.php, and will redirect all his referer spam to his primary website. That way, you’ll generate zero traffic for yourself, don’t run the risk that you link to him, and play around with his zombie net at the same time. Here it is;
if (strpos($HTTP_REFERER, ‘ttp://’) > 0)
{
$pieces=explode(“/”, $HTTP_REFERER);
$lookup = gethostbyname($pieces[2]);
if ($lookup == “161.58.59.8”)
{
syslog(LOG_ALERT,”redirected $pieces[2]”);
header(“Location: ” . $HTTP_REFERER);
exit();
}}
- The topic ‘Referrer spammer caught’ is closed to new replies.