Recognizing and handling referrer spam
Recognizing and handling referrer spam
I regularly check my AWStats. I began to see many Russian URLS in "Links from external page". The URLs neither referred to my site nor had the remotest connection to site content. There was a roughly even distribution of Russian links, not the expected Poisson distribution. I contacted website support which assured me there was no problem.

The following month many URLs hit an unlikely page. A Google search for a few Russian URLs returned mostly referrer logs from websites with a wide range of unrelated topics. These logs contained many of the same URLs that were in my log. At this stage I discovered referrer spam. Referrer spam arises from IPs that visit your site and simulate client URLs. They hope you'll publish the logs enhancing client search engine ranking. I suspect that Google is on to this and that it may work primarily with Russian search engines.

A reverse lookup for IP addresses that frequent my site (multiple hits and "hits = pages") revealed several Ukrainian sites. Google showed them to be spammers. I blocked these IPs in the .htaccess file and voila!, Russian "links" stopped with a corresponding increase in "Forbidden" hits.

Since then spurious referrers occasionally appear and I've blocked many more IPs. Lookup of IPs on google generally reveals the bad ones. Project Honey Pot is particularly helpful.

Ultimate guide, Apache tutorial, Ultimate htaccess