referral spam from random wordpress blogs

i got an interesting hit like that in my logs today. was one of them a christian web site by chance???

IN Fact, know that ive looked I have 3 referers, none of which have ANY link to me on thier site, AND all the blogs are running wordpress … version check from the header is next.

https://obfuscated.net/index.php?p=230 is in my referers … NO link, its an old post, and theyre running 1.2

https://www.timesandseasons.org/wp-comments-popup.php?p=1895&c=1 is in my referers, its an old post, and I have no clue what version but its definitely WP.

the 3rd one links to me :))) Atleast i was wrong in a good way

It’s easy for spam bots to spoof referrers. My guess is that as they swim through WP blogs, posting spam comments and trackbacks, they take with them a URL from the blog they last visited and use it as a referrer when accessing your site. This would help them by pass the popular technique of blocking a list of known spam referrers with .htaccess.

For example, I always block a list of spam referrer URLs via .htaccess, but I can’t (nor do I want to) block all referrers. So, using referrer spoofing, the bot finishes it’s spam posting at https://obfuscated.net/index.php?p=230, and uses https://obfuscated.net/index.php?p=230 as its referrer when entering my site. This allows it to bypass my blocked list of spam referrers.

I highly recommend enabling this plugin: https://www.ioerror.us/software/bad-behavior/

It will be a long time before you notice any spam bot activity after activating it.

nm. i wont bother.

What the fuck, Whooami? Honestly, what the fuck is your problem.

I’m not.

This was totally interesting to me, and makes a great case for using something like “badbehavior”

call me polyanna for being a cheer leader, that’s fine. I look even cuter in a pleated dress and braids.

referral spam is a huge issue right now in terms of php performance, page load times, spam reporting, blacklisting, and all kinds of serious background BS that is of (or really better be of) serious interest to all WP users…

keep up the good work bro!

F.

i edited my post because I didnt want to get into a back and forth about plugins.

“What the fuck, Whooami? Honestly, what the fuck is your problem.”

Ill let you moderate yourself. However if you must know, its that same ole’ “lock step” answer (get this plugin) most “gurus” on here like to toss out. I dont use any plugins, macmanx, and guess what, until today, I hadnt seen ANY spam in atleast 4 months. Not one.

As for your suggestion about it being a bot, thats a possibilty, however its a very new possibiltiy for me, and I find the timing coincidental at the very least. There is a spam posting on one of those pages, however there arent any on the other one.

Thats all, nothing less, nothing more.

PS: Work on those people skills macmanx, I didnt disrespect you in my reply.

I really have to agree about “Bad Behavior” (which is the best “blocker” I’ve seen). I’ve been using it for about a month now and I’ve seen a huge (and positive) difference. Give it a whirl ??

jennmiller rocks!

No plugins?!? I think I’d die without my 25+plugins (or maybe get a life….) I don’t know anything about .htaccess or php or anything computer-related, really. I have to rely on the “quick and easy” method of plugins/hacks (or mods as I think they are now known). It’s just a fun thing for me, trying out new things with my site. I don’t think there’s anything wrong with plugins, but if you have the knowledge to make a site without them, that’s great too.

And thank you, dss. You’re spiffy, too ??

However if you must know, its that same ole’ “lock step” answer (get this plugin) most “gurus” on here like to toss out.

Really? Is that it? I really am sorry that I tried to help. From now on, I have a new answer. “Go figure it out and find a solution yourself, Asshole.”

macmanx is correct – I’ve just read a couple of blogs on this new technique. It’s just like the spam battle – drdave writes RK, io_error writes BB and the spammers up their game too.

nonononono, I use plugins, jen .. just NO spam plugins. its all in the htaccess. thats WHY io-error’s plugin works so well. If I were to use one, it would be that one, for sure. Thing is though I wrote a little page that lets me edit it if and when I never to, which isnt very often these days.

macmanx, you were replying to the original poster, not me.. I didnt ask for help, in truth, which is why I edited my post, and which you seem to think gives you the right to act like a jerk. Since when are you above the rules of this forum?

I clearly hope you dont deal with all the people that irritate in such a manor. I assure you not everyone is going to agree with what you say, or how you say it.

its all in the htaccess. thats WHY io-error’s plugin works so well.

Just for a quick correction, Bad Behavior (ioerror’s plugin), never uses (nor does it ever touch) .htaccess.

Oh, oops, I didn’t mean to imply that it did…I have no idea how it works, just that it does *g*.

I’m sorry, Jennmiller, I wasn’t correcting you. I was correcting the Asshole (Whooami).

Asshole (Whooami), go sudo rm / yourself.