Login to download the latest version of Mint and your favorite Pepper, purchase additional licenses, or post in the Forum. Don't have an account? Create one!
I’m starting to get hit with referrer spam (not the microsoft/live/phx issue from this summer, see this link http://en.wikipedia.org/wiki/Referer_spam). I understand the principle but my Mint installation is not public. You can’t get to it without a password.
is the solution as simple as putting index-no-crawl in my mint directory?
is the solution as simple as putting index-no-crawl in my mint directory?
What are you trying to solve? That wouldn’t prevent referrer spam, it prevents the spammers from benefiting from spamming you except as you noted, Mint is password protected so they see no benefit anyway. What kind of referrer spam are you getting?
I am getting dozens and dozens of searches for prescription drugs showing up in my referrer logs. it started out as just a few, but the number is going up every day. it increased so drastically that I was convinced someone had hacked into the site and created pages that had these search terms on them. of course that was not the case.
i know that referrer spam is an old problem but it was not a problem i had ever had until recently.
the terms are varied and not consistent and not all coming from the same IP address, writing a filter to keep up with it would be a full-time job. but it’s crowding out valid referrers.
anyone else having this problem?
when i google “mint” and “referrer spam” all i get are all these articles telling me how amazing mint is because it ELIMINATES referrer spam.
not if you look at my search logs it isn’t. =(
Just to clarify, you aren’t seeing actual referrer spam (when another unrelated site, other than a search engine, appears to link to your site but isn’t really) but search spam (when search results for spammy words appear to link to your site but don’t really). That doesn’t make it any less annoying, but clarity helps in diagnosing and solving the problem.
An example of the terms and their urls would be most helpful.
Thanks, Shaun. Sorry, search spam - when I asked for help in another forum they told me the problem was called referrer spam.
Here’s some examples. I have added anything with a consistent ip address to the exclude panel already:
Cleansing Marijuana with Cranberry juice: http://search.myway.com/search/GGmain.j … t=RR&cb=CI AND att.net/s/s.dll?spage=search/resultshom … ry%20Juice
Vicodin Dosage: http://search.comcast.net/?q=VICODIN%20 … &offset=10
tussionex ext charter.net/google/index.php?q=tussione … me&submit=
phentermine 37.5 http://sads.myspace.com/Modules/Search/ … 037.5&s=10 AND myembarq.com/google/index.php?start=10& … c=homepage
fast detox: http://search.comcast.net/?q=fast%20det … &offset=10
ketamine for sale: http://linkedwords.com/websearch/index. … for%20sale
free plavix: att.net/s/s.dll?num=10&spage=search%2Fr … =19&sm.y=8
cocaine videos: http://pesquisa.sapo.pt/search?base=Goo … s&limit=10
windex high: http://72.14.205.104/search?q=cache:rlf … cd=4&gl=ca
vicodin dosage: http://search.comcast.net/?q=VICODIN%20 … &offset=10
zyrtec weight gain: http://search.comcast.net/?cat=web&con= … &offset=20
lortabs online: http://search.comcast.net/?q=lortabs%20 … &con=betaa
phentermine online: http://search.comcast.net/?q=phentermin … &offset=20
ortho nova: http://72.14.205.104/search?q=cache:Nux … cd=2&gl=us
buy phentermine: att.net/s/s.dll?spage=search/resultshom … 0&start=20
and about a dozen or so AOL searches that I can’t see the search queries for. i don’t want to click on them all, but:
hydrocodone high blood pressure http://aolsearch.aol.com/aol/search?enc … r&ie=UTF-8
is one example.
Are these terms showing up in your Searches pane or just the Referrers pane?
Here’s the thing, if I take any of the terms listed above and search using Google, some url on your site is listed among the results—sometimes as the first result, other times I need to specific site:metsgrrl.com to find it among the results. So these are valid referrers. What’s not clear is how your site is being manipulated (and to what effect) to have this happen.
Has your site been recently compromised? Have you checked with your host?
There’s nothing hidden in what I can see of your source code using view source. Have you checked the files on your server? I wonder if someone has added code to the pages that only appears when the user agent is a search engine crawler?
i have checked with my host. there is no sign of compromise. i’ve been advised to stdart by looking at .htaccess and then mint.
i uninstalled mint and it has completely hosed my site. completely. I don’t understand how, but it has. i followed the instructions, deleted the files, removed the reference in .htaccess.
…and it wouldve helped to remember to remove the line from index.php, which I’ve now done.
shaun, if this gets figured out i’ll let you know. for now there does not appear to be a security breach.
it seems i’ve started to have the same problem. i realized in my referral logs in my cpanel that a lot of hits were coming from my mint dir. as if a spambot was installing pages all under the /mint/app/paths/install/.misstat/ folder. i google dears.net/mint and i got results pointing to these pages that dont seem to exist. my mint is private and not viewable by public either. it was getting so bad that i’ve getting hit with like 80 of these invisible pages at a time. i had to temporary delete my mint folder. any idea why this is could happening or maybe it has nothing to do with mint?
example :
/mint/app/paths/install/.misstat/casino325.html
Http Code: 404 Date: Oct 06 06:22:04 Http Version: HTTP/1.1 Size in Bytes: 8007
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; CollapsarWEB qihoobot@qihoo.net)
/mint/app/paths/install/.misstat/casino326.html
Http Code: 404 Date: Oct 06 06:22:12 Http Version: HTTP/1.1 Size in Bytes: 8007
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; CollapsarWEB qihoobot@qihoo.net)
/mint/app/paths/install/.misstat/casino327.html
Http Code: 404 Date: Oct 06 06:22:31 Http Version: HTTP/1.1 Size in Bytes: 7741
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; CollapsarWEB qihoobot@qihoo.net)
A spambot cannot install files on your server. Were hits coming from files or requesting files in your Mint directory? In either case your logs clearly indicate that the files being requested did not exist (hence the 404). A look in your Mint directory on your server would also have confirmed this. You were most likely just experiencing pointless referrer spam.
I haven’t looked at myMint for a week or so, but I checked it 5 minutes ago and even though it’s not public, it’s been plastered with vile keywords. Not going to repeat them here but take every spam email subject line you’ve ever seen that includes hints at every type of fornication known to man and woman, bunch them up and paste in every area in the “Minterface”, above the real data, and you get an idea. I have no idea how they got it in there — hacked the database? As I said, my Mint is not public, it’s password protected.
Question is a) how do I get rid of it, short of napalming the db and reinstalling everything? and b) how the f*** did the f***ers get their crap in there?
Shaun — if you need it I can send a screengrab it’s probably more illuminating than my poor description, but I won’t post it here.
Help, thanks?
Never mind, I found the source. The bastards (pardon my French) used yahoo_map.xml to inject bile in every single on of my index files, including one named old-index, go figure. This includes the index.php file in the mint installation obviously, if anyone’s interested. So it’s not in the db as far as I can tell, but in every physical index file. Which is good, now I can sue my host for a gazillion bucks! j/k
You must be logged in to reply. Login above or create an account