Author Topic: Click throughs from unwanted sites  (Read 13665 times)

0 Members and 1 Guest are viewing this topic.

May 18, 2009, 04:31:49 pm
Read 13665 times

adminguy

  • Newbie

  • Offline
  • *

  • 4
I recently launched two websites and I am finding that on viewing the stats for the site I am getting adult/dating sites in the list of referring sites? What is going on, should I be concerned and how can I avoid this?
I have been placing these sites in an IP deny list but expect there will be others.

May 18, 2009, 05:41:38 pm
Reply #1

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Have you looked at any of the referers to see if they actually reference your site?
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

May 18, 2009, 05:57:14 pm
Reply #2

adminguy

  • Newbie

  • Offline
  • *

  • 4
Looked at a couple and did not find any reference to my sites.

May 18, 2009, 06:19:58 pm
Reply #3

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
In that case, chances are the referers are faked, and the "visitors" are bots (without seeing the logs, it's a little difficult to do anything more than speculate).
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

May 18, 2009, 08:45:35 pm
Reply #4

adminguy

  • Newbie

  • Offline
  • *

  • 4
You may be right about the bots since they register as just hits without pages. Is there any cause for concern?

May 18, 2009, 08:51:54 pm
Reply #5

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
At this point, I'd just monitor their activity. If you notice their behaviour beginning to lean toward SQL injection attempts etc, then you'll need to start recording their activity and ensure (I'd recommend doing this anyway) your code is not susceptable to injection or exploit.
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

May 18, 2009, 09:04:59 pm
Reply #6

adminguy

  • Newbie

  • Offline
  • *

  • 4
Thanks Steven, I will keep an eye on this. Currently have no database applications running so I might be OK re Injection Attack.

If these are bots, why are they showing up as undesirable type sites? If I was going to camouflage a bot I would disguise it as something benign. What is the bot up to? Harvesting email addresses?

I have also checked all my site links and they all go to the correct URL.

May 18, 2009, 09:07:53 pm
Reply #7

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Likely scraping or harvesting.

Alas bots and their creators aren't known for their logic, so I've not got an answer as to their faking the referer.
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net