Recent Topics

1 Jan 03, 2005 16:22    

Stats should be removed or disable-able (through a configuration option). MANY b2evolution installations are assaulted by sites using fake referers just to boost their search engine rankings.

I've seen this mentioned a few times in the forums, and any of my friends using b2evolution that know what they're doing disable stats.

Thoughts? Comments?

2 Jan 03, 2005 16:31

This is not a bug. This is a feature request, and a nice one at that. The more that is controllable through the back office the better, even though it makes the back office get big and bulky.

I disagree that anyone who knows what they're doing disables that feature. I would say that anyone who knows what the spammers and the code and the they themselves are doing can leave it enabled without being 'assaulted' by spam bots.

3 Jan 03, 2005 17:28

EdB wrote:

anyone who knows what the spammers and the code and the they themselves are doing can leave it enabled without being 'assaulted' by spam bots.

I'd like to know more. How could one leave the stats page enabled without getting what I'll call "referer spam"?

4 Jan 03, 2005 18:07

I should have included this link in my reply, so I apologize for the (unintentional) tease.

http://b2evolution.net/man/2004/12/29/control_referer_spam_howto covers a simple change to your _main.php file that will eventually remove your stats page from the search engines. Searching for disp=stats is a common spammer method of finding your blog and tracking that they got listed. It will not block them from indexing the portion of the regular blog page that shows the top 5 by category, but the antispam table and a bit of diligence keeps that section clean.

The antispam table will stop the referer spam and comment spam from linking to undesirable sites.

5 Jan 03, 2005 18:15

Excellent. This is exactly what I needed. Thanks!

6 Jan 18, 2005 01:26

EdB,
We know that this is not a bug. Many webmasters do not know how to protect their sites against this. Even you are spammed by this: http://b2evolution.net/demo/blogs/index.php/a

I no not know witch webmaster wants his stat made available online. This "bug" can affect b2evolution.net users by getting their sites banned in search engines like Google and Yahoo. Linking to spammy sites can do this.

By disabling this script you will protect your users. Just supply the script with the modifications you suggested or made the links with java so they can not be followed by search engines.

Here are the latest referers from b2evolution.net/demo/blogs/index.php/a

online-poker.s5.com
texas-holdem.fly.to
kredite.fly.to
payday-loans.fly.to
private-krankenversicherung.fly.to
more...

Do you like linking to those sites?

7 Jan 18, 2005 02:27

I would go further and say that in the b2evolution distribution, and in ALL skins, public display of stats/referrers/etc. should be disabled by default. Anyone agree/disagree?

8 Jan 18, 2005 02:40

It is a feature that you can choose to use or not, much like every other feature in every blog app ever written. If you don't like it you take it out. If it's not there at all then you can't put it in. What about comment spammers? Should commenting be removed because it is spammable? Is commenting a bug?

I think a back office toggle for show stats or not would be great, but I also think a stronger initial version of the antispam table would be even better. Remember the antispam table addresses comment spam as well as referer spam.

By the way this is not my blog. I have 4 applications and two test sites. On one site I made the stats be a members-only function. On another the full stats are available (and if google banned me they did a bad job because they account for about 90% of my search referal traffic). On a third I display only the latest 100 search referals, and on the 4th I have no stats data at all. In fact I pulled log_hit() entirely out of it.

9 Jan 18, 2005 02:53

I agree with you, EdB. Improvements in the antispam functionality would help alleviate comment and referrer spam issues.

10 Jan 18, 2005 03:25

well, i don't show any referers besides the stats-pages, but i get every day hundreds of stupid referer-fakes.
it doesn't stop them just by disabeling them. they search for something with google and spam the first x entries.

11 Jan 18, 2005 21:38

EdB,

B2evolution is doing right now a big unservice to the Internet community. This spam is doing lots of wrong and unbalance the normal Link Popularity.
Other blogs understood this and fix the comment spam by using a link that do not pass PR: ?mt-gnerd-comments.cgi?__mode=red&id=1163?

Why don?t you do it also? There are lots of webmasters that do not have the knowledge to protect their blog.
Why is this script important? What normal webmaster would like to publish his stats?

Google will ban sites that link to spammy sites. Why don't you tell your users about this? Let them tell you what they think.

12 Jan 18, 2005 23:18

AffiliateLabs wrote:

... This spam is doing lots of wrong and unbalance the normal Link Popularity ...

Only if you choose to leave the feature intact and don't update your antispam tables.

AffiliateLabs wrote:

Other blogs understood this and fix the comment spam by using a link that do not pass PR: ?mt-gnerd-comments.cgi?__mode=red&id=1163?

As far as I know other blog apps do not have an antispam system that pools the resources of all the users.

AffiliateLabs wrote:

Why don?t you do it also?

I am not part of the dev team. As a user of this software I update my antispam table.

AffiliateLabs wrote:

There are lots of webmasters that do not have the knowledge to protect their blog.

It takes no knowledge of any kind to click a link and update your antispam table. Likewise for deleting/banning/reporting a spammer that hits you first.

AffiliateLabs wrote:

Why is this script important?

It's a feature. Why is translations to 20 languages important?

AffiliateLabs wrote:

What normal webmaster would like to publish his stats?

You are confusing webmasters with blog admins. A blog admin will choose to display stats or not based on the specific application. As I mentioned, I've chosen different models for different installations.

AffiliateLabs wrote:

Google will ban sites that link to spammy sites.

[url=http://www.google.com/search?hl=en&q=%22Go+back+to+skins.b2evolution.net%22&btnG=Google+Search]Apparently that's not the case.[/url]

AffiliateLabs wrote:

Why don't you tell your users about this? Let them tell you what they think.

Again you seem to think the skins site and this application are 'mine'.

IF google were to ban a 'spammy' site (which obviously isn't true) they would not ban any site I run because I update my antispam tables. I also add and remove other features as I see fit, and my users appreciate the stats info. How do I know that? I asked them and they said "oh that's cool".

This is not a bug and your blog is powered by blogger. The only thing you have to say on your blogger blog is that b2evolution has something you don't like and don't understand how to deal with. Maybe if you actually *used* the software you would see how simple it is to keep your stats clean. Whatever.

14 Jan 19, 2005 01:48

AffiliateLabs, having read your one entry on your site, I am tempted to to go edb's route and just dismiss you all together, since you dont appear to be running the software -- I wont simply because you *might* be using it elsewhere, as I am. Ive been critical of a few thing related to b2evolution, myself, however I have and continue to use the software.

That said, your logic is somewhat flawed.
From your site:

How to fight this spam?
Right now this one is working great on Google, MSN and Yahoo. The first thing webmasters can do is to remove the Recent Referers and the Top Referers form their blogs. No body cares about this and this looks totally useless.

removing the stats from public view does absolutely nothing to deter spamming. I have never had public stats and the people that used to mediavisor were hitting my site on average 10 times a day, with NO public stats

referer spam isnt just referer spam, anyway. you have oversimplified the problem. it is 2 things.
First, its primarily caused by sites that are attempting to insert comment spam, and dont or even do succeed. Thats what I was seeing alot of.
second, its plain old referer spam.

So you see, removing stats wont help anyone to deter comment spam, they will keep coming.
Second, your assumption suggests that spammers actually check to see if "site a" actually has public stats, they arent, and they wont. its ALL scripted.

No body cares about this and this looks totally useless.

Interesting but very ignorant, and arrogant as well.
I shouldnt need to point out that lots of people care about their stats, and not everyone finds them totally useless. I dare say you cannot speak for the 20 million or so that surf the web every day.

--------------------

Personally, i _recommend_ keeping stats private -- not because it deters tham, Ive proven to myself it doesnt, but because I dont want "them" to have that little grain of success. I also happen to think that sites that have referer spam listed on their sites look abnadoned and uncared for. Thats a personal preference though.

--

edb, b2evolutions user driven blacklist is fairly unique, however MT and wordpress both have plugins that accomplish the same thing. MT's plugin might even be standard in the install by now, Im not too sure.

--

One success I have had with the people that used to be mediavisor is to ban the user agent. I did this saturday, after deciding that that adding 4-5 new urls everyday to my growing htaccess was getting old. I have not seen a single line of spam in my apache logs since doing so.

16 Jan 19, 2005 18:27

http://forums.b2evolution.net/viewtopic.php?t=2822 and http://forums.b2evolution.net/viewtopic.php?t=2829 cover all the hackage you need. Note that none of this will stop them from doing the deed, and as kiesow pointed out they don't even care if stats are displayed or not. What it does is take away the primary benefit of their efforts - linkage counting in google (and apparently MSN and Yahoo). You will still want to keep your antispam up to date so that they can't get on in the first place.


Form is loading...