Semalt: How To Block Spam On IIS

Referrer spam has become a common and nasty threat due to a proliferation of new blogs in recent times. Just like comment and trackback spam, the referrer spam is designed to place links on an offending site with the aim of driving traffic and raising search engine traffic. Ordinarily, comment and trackback bots can be kept out using human verification methods such as kittenauth, captcha and spam lookup services including Askimet.

Unfortunately, referrer spam is a different kettle of fish altogether. This is because it does not seek to post links on a website directly. Instead, the bot relies on bloggers who love to post statistics on their sites about where their traffic is coming from commonly known as the referrer. These spambots hit your website with fake referrer which leads back to your site. Suddenly, blog owners start noticing live referrer statistics displayed on their sites with links back to strange websites. The bot does this repeatedly, and if nothing is done, the bots can take up huge amounts of bandwidth resources resulting in a denial of service (DOS).

Michael Brown, the Semalt expert, states that in best case scenario, bots will flood your logs with bogus data leaving you with no idea where your traffic is coming from. If you have been hit by these bots, here is how to block spam on iis:

ISAPI Rewrite

Webmasters who have been hit by the referrer bots are surprised to realize that they can keep the bots out by making changes in two lines at the top of ISAPI Rewrite httpd.ini file. Making these changes performs a case-insensitive check of the referrer of all incoming traffic against your list of known referrer bots. Once a match is discovered, no further processing is performed and a page not found (404) error code is sent.

#Block referral SPAM

#Add keywords between the () below and separate with |

RewriteCond Referer: .*(?:keywords|go|here).*

RewriteRule (.*) $1 [I,F].

To keep the bots out, fill in the brackets using keywords as indicated above from the referrer string and separate these with the pipe symbol. If bots are hitting you pointing to a site 1.marine.com and site2.marine.com, just enter the marine keyword. That will block any current and future attempts from sites with the word marine from hitting your site. Keep in mind that ISAPI Rewrite does not differentiate between a good referrer from a bad one. This means that any referrer with words matching what you have set will be blocked even if it is legitimate traffic.

Once you have set the filters in place, you will notice a change in your referral logs. If the bots have been hitting you really hard, there will be a significant reduction in system resource usage. Though ISAPI Rewrite to keep out referral bots may not be the most elegant solution to the problem, it is highly effective in keeping them out.

Bots are always evolving

Before you sit back and relax because you have managed to block spam on iis, keep in mind that bots are always evolving. Sooner or later they will outsmart your spam filters. To keep ahead of the bots, monitor your referral logs. If you notice any new referral spam sites coming up, add them to your list.