It’s really a point of principle, rather than anything else. I have to fork out a chunk of money each year for hosting leyton.org, and part of that is to cover the bandwidth that is used. Whilst XCalibre are cheap for the UK, in the grand scheme of things I’m seeing better offers out there, and am starting to look around for another hosting provider, particularly one which offers a better deal regarding MySQL databases (the 5Mb quota per “instance” purchased or included in the package is to be perfectly frank, pathetic, especially given the otherwise generous quotas).
The principle I’m complaining about is the particularly loathsome habit on the part of the weblog spammers of referrer log spamming. This is where they are trying to get their websites mentioned on referrer pages, ie. weblogs which show where people have visited from. This is so easy to spam simply by writing a tool which fetches weblog pages repeatedly with their site in the referrer field. At first I thought it was harmless, but when you add up the sheer number of pages they fetch it really gets quite scary. It also polluted the count of how many people visit my website (at least until I installed a cookie based system, which they don’t affect). Out of the thousands of pages that are fetched each day from this site, only a quarter to a third are actually genuine people. The rest are spammers with entirely suspicious URL’s in the referrer field. This is a waste of my money, and I don’t like other people wasting what is mine.
I’m used to spammers trying their loathsome tricks to publicise entirely awful websites, be it porn, poker or goodness knows what else. I’ve measures in place to battle it and make the tiresome task of deleting it a little easier. But it’s the fact that they’re sucking my bandwidth away for absolutely no good reason that bugs me. I don’t even publish referrer details!
A spot of googling turned up some serious .htaccess toolset to at least cut the basic referrer log spammers which I’ve deployed which has - so far - cut things down quite substantially:
SetEnvIfNoCase Referer dodgyurl.com spammer=yes SetEnvIfNoCase Referer somethingelsedodgy.com spammer=yes SetEnvIfNoCase Referer poker spammer=yes SetEnvIfNoCase Referer holdem spammer=yes order allow,deny allow from all deny from env=spammer
The risk of course is that it’s only a matter of time before they change the URL’s, so I’ll be in a never ending battle which I have no hope of winning. But at least it’s a start. I’m also benefiting somewhat from the recent move to Wordpress. The spammers don’t seem to have realised that the posts to my old movable type installation are no longer valid. But seeing old posts to an old php calendar system I put up (and took down) over a year ago are still coming in, I suppose they’ll keep at the old URL’s for quite some time. Still, at least I’m getting what I think is a well-earned break from the task of deleting spam, and have managed to bring it under control at least in the short term.
