I haven’t blogged much about webspam lately. Akismet kills most of it, so I’m not as annoyed.

But enter a new Wordpress installation. It took a few week for the first spam to arrive, and then I attracted a regular. Geez, that’s annoying. I hadn’t had time to do something about the spam yet, but it was starting to annoy me enough I took a closer look.

What I found was a lot of redirects to spammy sites from innocent third parties. Many of them from Bitrix installations, but judging from the URL’s, there are plenty of other susceptible redirect scripts. Here’s a sampling of code you could block in blog and forum software, and that would silently get rid of a lot of spam posts:.

external.php?url=http://
go.cgi?dest=http://
go.asp?url=http://
link.php?url=http://
links_ext.pl?http://
out.php?url=http://
rd?t=http://
redirect.cfm?trgturl=http://
redirect.php?goto=http://
redirect.php?url=http://

Another bad thing about these scripts, is that you could pick up a trojan by going to a site you thought was safe, if you didn’t notice that there was a redirect actually pointing somewhere else than the safe site the redirect script is sitting on.

This entry was posted on Monday, November 24th, 2008 at 1:06 pm and is filed under Redirects. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.