[vox] [OT] reffering sites

Daniel Nelson packetcollision at gmail.com
Fri Jan 11 13:38:19 PST 2013


On Friday, January 11, 2013 at 12:27 PM, jimbo wrote:
> I check to see who is referring me and find a lot of UK sites doing this.
> So I go to these sites and find no link to mine, even in source code.  

> So here I am asking this group. I know that some of the smartest minds are 
> within this group. My main questions are why are these sites doing this and 
> how are they doing it?

The "Referrer" header is sent along with any requests that are made by clicking on a link from another site, but here's the thing, you can fake the referrer. I haven't checked it recently, but a few years ago I would see referrers listing porn sites quite frequently in my logs. The idea behind this was, I think, that some sites show a list of the sites that people most frequently come from, which is based on the data in the referrer logs. If a shady site can have a bot make enough connections to your server to get into the top-ten referrers list on some popular site, it might net them some good free traffic, or even improve their page rank.

As an Example of how easy it is to spoof referrer headers, here's a command that will tell google that "example.com" is sending them traffic:
$ curl --referer http://example.com http://www.google.com
 
-- 
Daniel Nelson

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.lugod.org/pipermail/vox/attachments/20130111/22827181/attachment.htm 


More information about the vox mailing list