I haven’t had a chance to rename my comments script yet, and since I removed the .htaccess block on the script (due to many legitimate visitors being blocked) and I have not found a .htaccess script to keep referral spam out, spammers have had open access to both areas–though MT-Blacklist has done a great job of keeping out 99% of the comment spammers. Still, it’s not nearly enough.

The primary damage is to the access logs, which thanks to the spam are completely meaningless. There have been over 6000 hits on the comments script in two weeks, meaning 430 attempts are made to access the comments on any given day–and at most, I get 10 legitimate comments a day. My blog activity log shows the hundreds that are blocked every day. This bloats the number of counted visitors to the comments script, but probably not too much the number of total unique visitors, because they tend to use one IP address to spam with. When I had successfully blocked their access to the script, the number of spam that arrived were almost nil, but the daily visit numbers did not change much.

The referral spam, however, is another story. They must use IP spoofing a lot more. It used to be that one, maybe two or three referral spammers would show up in the top-25 logs, hitting my site maybe a dozen or two times a month. But now the top-25 list is nothing but spammers, the least of which has deposited 86 fake hits on my site. The worst by far is some place called “Burnhams” which by different referring URLs within their main site have hit me 351 times. The top 25 referrers have hit me a total of 2,691 times. 85 of the top 100 referrers are spammers, totaling about 4,000 hits. And the month is only half over.

I have got to get on top of this. It’s not just the destruction of my referral logs, it’s the principle of never giving a spammer a break.

If anyone out there knows of a way to purge access logs of identifiable spammers, I’d appreciate a tutorial…. this would, without a doubt, be a popular new piece of software. Something with a simple interface which would scan the logs and present a list of all referrers, with a check-box by each one; check the boxes next to spammers and click “delete and block,” and the script would edit out the hits made by each one and modify the .htaccess file to keep them out, then allow AwStats to recalculate the logs; maybe a central blacklist of referral spammers could be kept and updated. In other words, something like MT-Blacklist for referral spam. Maybe I’m asking for the impossible, maybe it would just be too much work to keep it up, for too little return.

But for me, it would be sweet.