If you tried visiting my site in the past 24 hours you probably received a 403 Forbidden error. Last night I was apparently on the receiving end of a ginormous referrer spam attack. What’s a referrer spam attack, you ask?

Here’s how it works. Whenever you attempt to visit a web page, your browser sends the server an HTTP request that specifies the file you want, along with some other information about your browser. If you request a page by clicking on a link, the URL of the document containing that link is sent in the HTTP request. Web servers log these HTTP requests, and log analysis tools can then generate statistical reports from the logs.

My stats have been publicly available (if you knew where to look), and one of the parts of the reports is top referrers, so I can see where traffic to my site is coming from. The addresses in the referrer report are live links, so when Google’s web crawler indexes my site, it sees these top referrers as sites that I have linked to, which increases their PageRank score. Therefore, if a devious individual can have a bunch of zombie computers make a bunch of bogus HTTP requests with the perpetrator’s site as the referrer, this nefarious person can get a link to their site on mine and thus increase their web site’s rank in Google searches (or perhaps more likely the weight that Google gives to their site when determining the rank of the pages that others may pay them to link to).
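To show how bogus referrers can be kept out of a top-referrers report like the one described above, here is an added example (not code from this site or its stats package) that scans combined-format access log lines. The heuristic is an assumption: a referrer host is flagged when it accounts for many hits but its clients almost never load page assets the way a real browser does. The function names, thresholds and sample log are all constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# "Combined" access-log format: ip ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)
ASSET_RE = re.compile(r"\.(css|js|png|jpe?g|gif|ico)(\?|$)", re.I)

def referrer_stats(lines, own_host):
    """Return (hits per external referrer host, client IPs per host, IPs that fetched assets)."""
    hits, clients, asset_clients = Counter(), defaultdict(set), set()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # skip lines that are not in combined format
        if ASSET_RE.search(m["path"]):
            asset_clients.add(m["ip"])
        host = (urlsplit(m["referer"]).hostname or "").lower()
        if host and host != own_host:  # ignore "-" and links from our own pages
            hits[host] += 1
            clients[host].add(m["ip"])
    return hits, clients, asset_clients

def suspicious_referrers(lines, own_host, min_hits=5, max_asset_ratio=0.2):
    """Flag referrer hosts with many hits whose clients almost never load page assets."""
    hits, clients, asset_clients = referrer_stats(lines, own_host)
    flagged = {}
    for host, n in hits.items():
        ratio = len(clients[host] & asset_clients) / len(clients[host])
        if n >= min_hits and ratio <= max_asset_ratio:
            flagged[host] = n
    return flagged

def top_referrers(lines, own_host, limit=10):
    """Top-referrer report (lines must be a list) with the flagged hosts left out."""
    hits, _, _ = referrer_stats(lines, own_host)
    bad = suspicious_referrers(lines, own_host)
    return [(h, n) for h, n in hits.most_common() if h not in bad][:limit]

# Constructed sample log (documentation IP ranges and example hostnames).
def _line(ip, path, ref):
    return f'{ip} - - [01/Jan/2024:00:00:00 +0000] "GET {path} HTTP/1.1" 200 512 "{ref}" "UA"'
SAMPLE = [_line(f"203.0.113.{i}", "/", "http://spam.example/pills") for i in range(1, 9)]
for i in range(1, 6):
    SAMPLE += [_line(f"198.51.100.{i}", "/post", "http://friend.example/links"),
               _line(f"198.51.100.{i}", "/style.css", "http://blog.example/post")]
```

On the sample, `spam.example` is flagged and only `friend.example` remains in the report; real logs need the thresholds tuned, since some legitimate clients also skip assets.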

I’ve known that this sort of thing has been going on for some time, but the referrer spam that I’ve seen has always been rather light—just a small (though not insignificant) percentage of the traffic on my site. Last night, however, my server was being hit so hard that the server was being overloaded and my web host had to block all web access.

You’ll notice that web access has been restored, although, for now, only if you enter the address directly. Referred traffic is still blocked, so trying to access my site from a link on another site will still be blocked. Perhaps I’ll go in and unblock some of the legitimate sites that I know link to me.

3 Responses to “403 Forbidden”
  1. nick says:

    Steve, that’s weird, and annoying.

    I have a vaguely related question that you may or may not know how to deal with.

    Several months ago I posted a picture of Conan O’Brien on my blog that I got from Google images. Ever since then, I get about 50-60 hits a day from people who are accessing that image from Google. I took the image off the page, but I guess it’s still in the file on the server. Maybe that’s not right but I don’t know how else to explain that I’m still getting the hits.

    Do you have any ideas how to either block the hits from counting or to just get the image removed? I guess it’s not a big deal. It’s just annoying that my visitor stats are always way off.

  2. Yuki says:

    poor Steve. evil spammers bad!

  3. William says:

    Thanks for unblocking me. I get here through the link on my website most of the time.

    What a bummer!
