Fake away
I meant to respond to whoever sent me the referrals from http://referers/are/easy/to/fake/, but I see that Les said it better:
You can kick my house over, walk by, or help me lay bricks. In any case, the house will still get built as long as I still like building it.
My referral script (coming along: it currently works fine for the first referral only) is probably going to be fragile as hell, but then, so are comments with html allowed, and I’m not going to stop doing that, either. So far, my only checking is to grab a copy of the referring page (well, up to one MB of it: keep those links up toward the top, please) and check to be sure that the path portion of the post occurs somewhere in the page. If it amuses you to send a referral from a huge page that includes “/archives/001234.php” in an HTML comment, be my guest. If you get really annoying about it, then I’ll do something about stopping you.
The idea, to check the existance of the own url in the referrer page is a very good idea!
I’ve gotten that referrer as well. Also, one that says ”I’m not telling :P” and ”Blocked by Outpost” or something. Whatever.
I get a lot of referrers that look something like this:
XXXX:+++++++++++++++++++++++++++++++++++++
where the number of plus signs vary. Does anyone know what they are?
Yeah, I get a few of those, too. Like some uppity bastard is too good to admit he referred us.
I’m pretty sure it’s some uppity bastard who’s too good to admit who referred him: it’s the browser that sends the referral, not the page. Chances are it’s just another popup/ad-killer. Lots of them kill the referrals as well, for whatever reason. The one I remember that’s nice enough to admit what it does is AdSubtract: the referrer is something like ”Blocked by AdSubtract”. In fact, most of the cloaked referrals you see, probably the person doesn’t have any idea that they aren’t sending a referrer, they just installed something to block ads.
One of the filters that is available in The Proxomitron blocks referrers. When I’ve got it on, it’s interesting to see that some sites stop working properly. These sites use server directives to make sure that images and such only load if the referrer is their own server.
The idea behind it is to make sure that no one is wasting their bandwidth by calling the images from other Web sites, but it just seems like a bad practice to me. All they are doing is increasing the likelihood that a visitor to their site will have a bad experience.
In addition products that block or munge referrers, there are browsers out there that are just plain broken and send incorrect referrer headers.
But I digress.
XXXX:+++++++++++++++++++++++++++++++++++++ is not a fake referral attempt. It is an attempt to cause your server to go awry. Running a long string request messes with some servers (IIS, I believe)