|
Mojo -> How to Log File Spam (10/11/2005 0:07:40)
|
Many people have unknowingly linked to competitor or spammy sites – I’m sure it happened today to some OF members. How?
Referral Spam. Referral spam is when a site appears in your log files as having referred visitors to your site –when in actuality it never referred anyone and doesn’t even have a link to your site.
Why? Log file spamming is done to sites that (usually) have their stats package publicly available. Search engines index these files and take notice of the referral sites listed in many stats packages. In most cases, these referral sites are listed as a link back to the site where the ‘visitor’ came from.
This used to be a method of gaming out the search engines so they would think your site was more popular due to all the backlinks. In some cases, it still works, but it’s outdated and doesn’t really work by itself any more, but some of you may find how to log spam…. interesting.
If I were to do this I would use a computer that is connecting to the internet from a dial-up connection or at least a connection that I don’t normally use.
Step 1 – find an alternative internet connection.
Next you’ll need to find sites that are using stats programs that are open for public (and search engine) viewing. There are many ways to find these sites, but the easiest is to run a search for phrases that are common to these open stats programs. Here are two search queries to start you off:
Usage Statistics
inurl:cgi-bin/awstats
Step 2 – fill a database with URL’s for open stat sites. I wrote a separate program to scrape the results so I could grab an entire page worth of URL’s with a single click.
Step 3 - Write your own log file referral program or just follow along to a simple one I wrote:
quote:
Function logRef(url)
If Left(url, 4) = "www." Then
url = "http://" &url
Else
url = "http://www." &url
End if
Here I begin the function. I am also cleaning up the URL’s. The rest of this Function is the code that pushes your site as a referring URL to the targeted open stat site.
quote:
For i = 1 To 11
Set the number of times you want to make it look like your site has sent visitors to the target site. I have it set at 11. It is best to change the number around each day.
quote:
set xmlhttp = CreateObject("MSXML2.ServerXMLHTTP")
on error resume next
xmlhttp.open "GET", url, false
xmlhttp.setRequestHeader "Referer","http://www.example.com"
We’re requesting the target page in this bit of code. The url variable is populated with a URL from the database. That code is passed through the function.
The line with “Referer” is the line where you identify the site you want to appear in the log files of the target site.
quote:
xmlhttp.send ""
if err.number <> 0 then
WScript.Echo("Url not found: " &url)
Exit for
else
wscript.Echo("done" &url)
end if
set xmlhttp = Nothing
'Call closeAll()
'WScript.Quit
Next
End Function
More code to finish the function. As I’m running this as a WSH file (Windows Scripting Host) I just double click the file icon to run the program. I also have the program output the results and I am running it within PrimalScript – which is not necessary.
quote:
Set oConn = CreateObject("ADODB.Connection")
oConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Documents and Settings\xxxxxxxxx\My Documents\access files\logSpamming.mdb"
Typical database connection to an Access database residing on my hard drive. This is the database that you would have filled up with targeted URL’s.
quote:
sSQL = "select [domain] from logS where id NOT IN (36,37,38,39,40)"
The SQL statement. I am also not including several domains/url’s in the query. You should add this to the database to make it easier to manage.
quote:
oConn.open
Set oRS = oConn.Execute(sSQL)
Do While Not oRS.eof
More database stuff.
quote:
logRef(oRS(0))
This is the money shot. This is where the code calls the function (logRef) and passes the target URL to the function
quote:
oRS.movenext
Loop
Call closeAll()
Sub closeAll
oConn.close
Set oConn = Nothing
End sub
Finishing up with the code. Note that you loop through each domain in the database and then you look through each domain a predetermined number of times that you specify (currently set at 11). I can take a while to complete the program if you have many URL’s and set the loop too high.
This whole operation would be much slicker if all aspects were database driven.
Now, let's look at a couple of things you can do to help prevent log file spamming.
The first thing you should do is to lock down any publicly available stats packages on your site. I don't feel bad for sites that get hammered by log spam when they have their stats program set to allow anyone, including search engines to come and look at them. That is just too tempting.
Most people will start to block the IP addresses of the log spammers, but why stop there -that's no fun.
When you identify an IP address that's sending referral spam add it to a database of other targeted IP addresses.
If you're on a Windows Server you can do something like this:
pimpslap = request.ServerVariables("REMOTE_HOST")
if pimpslap = "214.130.5.54" then
response.Redirect("http://127.0.0.1")
end if
Change the 214 IP with the target IP - I would run this off a database anyhow so the IP should be a variable. This code needs to be before anything else on the page. This is giving a 302 redirect of the target IP address back to the localhost - their own machine. They hit you - you hit them back. The global.asa file would be where I would put the code.
For a more harsh redirect try sending them to 255.255.255.255.
Alternatively, you could redirect them to your own script and really start to mess with them.
You can do the same thing on unix, but that's not my thing.
|
|
|
|
