Skip to content

Wordpress + Apache Referer Abuse

Wordpress

New version of WordPress available; get it or get hacked.

Referer Spam?

What do people here on Debian Planet do about referer spam?

I’ve seen several people mention using mod_rewrite with a massive list of keywords to drop bogus referers; but that just seems … doomed to failure over time.

I was considering a bayasian filter, or other learning AI system, to recognise valid referers by frequency count or similar. But I suspect that would fail too. (Since I’m getting 400+ bogus referers a day).

WordPress/MT plugins are no good, I’m getting the spam on virtual hosts. So something Apache-wide seems most useful.

The obvious approach is to see if the given referer actually exists, and contains a link to “my” page – but making a request back is going to cripple apache. So I guess that can’t work either.

Thoughts/Comments appreciated..