Yesterday, when I logged into my web hosting account to check my website stats (statistical information on the behavior of website users), I found an unusually high number of referrals from the domain “readrun.com”. When I visited this website I found it to be very doubtful. The site was called “Canadian Pharmacy” and was selling various drugs.
By now it was clear to me that this website did not really refer my site. Instead it has sent many fake referrals with fake referrer information, tricking my website to believe that a visitor has come from “readrun.com”. These fake referrals were logged by my website stats program which interpreted them as a genuine requests.
A genuine referral only takes place via a hyper link. Genuine referrals are important to increase the page rank of a website (ranking given to a website by a search engine).
Sending fake referrals is known as referral spamming. Referral spamming is done with two intentions in mind.
1. Increase traffic
Many webmasters will be interested in finding out who referred their website. Out of curiosity they visit the spammer’s website. This way the spammer is getting more traffic to the website. If the spammer’s website looks credible enough some might get tricked into buying products and services from that website.
2. Creating more back links
Referral stats for your website could be recorded in log files. Depending on how your web hosting account is configured these log files can be publicly accessible. When the log files are available on the Internet, search engines will index them. As a result the spammer is getting more back links to the spam website. Back links contribute to the page rank of a website.
To see how successful the spammer has been in achieving these two objectives, I did the following tests:
- I checked the Alexa rating for “readrun.com”. It had a ranking of 189,193. This ranking is very high given that the domain was only registered a month ago (see point 4).
- I searched Google for the keywords “readrun.com” and “awstats” (awstats is the name of my web statistics program). The first 10 pages of Google search results came up with awstats logs from various websites.
- Checked Google page rank for “readrun.com”. Google did not have any page rank for this site. Looks like Google is smart enough to detect this as a spam website.
- Checked whois entry for domain “readrun.com”. The domain name was register on February of 2008. The contact information on the domain name looked very bogus.
How to avoid referral spamming
- Keep your log files private. Do not make them publicly accessible. This way search engines will not find them. Therefore search engines can not crawl to the spammer’s website (since there are no back links).
- Blocking major well known referral spamming sites using the IP address.
- Have special code to check back whether the referrer link actually exists.
- Using special code to identify fake or automated referrals.
Have you been a victim of referral spamming? Do you have any tips on preventing it? Please feel free to share your thoughts and comments.