First, I'd like to point out that the misspelling of "referrer" in the title is intentional; that is how the HTTP RFC spells it for the Referer: header. So before you fire off an email to me stating that I made a mistake and should stop complaining about grammar, I have warned you.
With that squared away, this page is basically a rant about referer spam and how to help fight it.
What is referer spam? It's when lowlife assholes bombard a website with known statistics pages that display referrer URLs with requests containing Referer: headers pointing to some porn site or other spam-ish venue. Then, when the stats update, they show the URL (which usually is innocent-looking) and the user clicks on it, generating traffic and ad revenue for the site. It is one of the sleaziest forms of advertising that I know of, next to spam, telemarketing, adware, and popup ads.
Basically, those lowlifes should be left on a mountainside to die somewhere with no chance of escape and no food or water. Actually, confinement in a welded steel box that has some air holes in it (but no food or water) would be a better method. Starvation ought to teach them a lesson.
They feel that they can use my private property as their own personal billboard. This is akin to seeing that your neighbour has no curtains on his windows and breaking into his house and putting an advertisement in his window (yes, bad analogy, but I'm tired, I have a cold, and I am only trying to prove a point).
There are many ways to fight this. I have employed a couple of measures that I found online to do so. The first consists of telling apache not to log requests when a certain environment variable is set. Here is the appropriate httpd.conf line:
CustomLog /var/log/some_access_log combined env=!dontlog
Then, in a RewriteRule directive (after a bunch of RewriteConds to do what you want), use the E= parameter. This is what I have:
RewriteCond %{HTTP_REFERER} .*(porn|xxx|mortgage|finance|viagra|virgin|ecard|in[cv]est).* [NC,OR] RewriteCond %{HTTP_REFERER} ^http://www.[a-z0-9]+-[a-z0-9]+-.*$ [NC,OR] # not trying to be unfair to the Polish, but they do have a few miscreants in their country: RewriteCond %{HTTP_REFERER} ^http://.*\.us.$|http://.*\.pl/*$ [NC] RewriteRule (.*) /cgi-bin/refconfirm.cgi?realsite=http://www.theamigan.net/$1 [R,L,E=dontlog:1]
I have it redirect to a CGI script that uses a little javascript to confirm if the person exists. If not, it gives them a few choice words.
This system still hasn't proven to be 100% effective, but it sure helps. I'm refining it with each and every jackass that attempts stupid stunts like spamming my stats.