Note if you just click the link www.sirimo.co.uk you get the site, but if you open it in a new window you get the error.

Sirimo,

Tried the link (which opens by default in a new window), bookmarking your site, read the "new host" entry and linked to the photo that john had troubles with on the 14th ... it all looks good for me. (IE6)

Can't seem to duplicate the problem.

-stk

worked fine for me in a new window as well. I dunno.

What happens if you type the address in manually ? Or access the site from a bookmark ?

I've tried editing _main.php in /b2evocore from :

/**
 * Check for referer spam:
 *
 * (Inspired by Isaac's hack. Note: this is done differently in phoenix)
 */
if( empty($HTTP_REFERER) )
{	// There is no referer:
	if( $debug >= 2 ) echo '<!-- ash:no_ref -->';
}
else
{	// we have a referrer:
	if( strpos($HTTP_REFERER,$baseurl) === 0 )
	{	// We are referring from our own site:
		if( $debug >= 2 ) echo '<!-- ash:self_ref -->';
	}
	else
	{	// We're not referring from ourselves!
	 if( ! $DB->get_row( "SELECT aspm_ID, aspm_string
	  		 	FROM  $tableantispam
	       WHERE ".$DB->quote($HTTP_REFERER)." LIKE CONCAT('%',aspm_string,'%')
	       LIMIT 0, 1", OBJECT, 0, 'Advanced check for referer spam' ) )
		{	// Referer is not matched by antispam blacklist:
			if( $debug >= 2 ) echo '<!-- ash:ref_not_spam -->';
		}
		else
	  {	// THIS LOOKS LIKE REFERER SPAM!!
			require dirname(__FILE__).'/_referer_spam.page.php';	// error & exit
	  }
	}
}

To:

/**
 * Check for referer spam:
 *
 * (Inspired by Isaac's hack. Note: this is done differently in phoenix)
 */
if( empty($HTTP_REFERER) )
{	// There is no referer:
	if( $debug >= 2 ) echo '<!-- ash:no_ref -->';
}
else
{	// we have a referrer:
	if( strpos($HTTP_REFERER,$baseurl) === 0 )
	{	// We are referring from our own site:
		if( $debug >= 2 ) echo '<!-- ash:self_ref -->';
	}
	else
	{	// We're not referring from ourselves!
	 if( ! $DB->get_row( "SELECT aspm_ID, aspm_string
	  		 	FROM  $tableantispam
	       WHERE ".$DB->quote($HTTP_REFERER)." LIKE CONCAT('%',aspm_string,'%')
	       LIMIT 0, 1", OBJECT, 0, 'Advanced check for referer spam' ) )
		{	// Referer is not matched by antispam blacklist:
			if( $debug >= 2 ) echo '<!-- ash:ref_not_spam -->';
		}

	}
}

This solved the problem, but I guess will stop feeding the 403 page to the real spammers ?

I saved your file into "Favorites" and called it up from that. Also typed it in manually and also tried several internal links. All yielded your site without a glitch.

Guess I'm just not a spammer! ;)

Maybe your sitename is on the blacklist? (Or self referrals are not being identified as such?) Dunno.

Good luck.

Disabling the referral check for spammers would be one way of solving the problem! Don't know what we do, as the referral to "Phoenix" is doubtful any part of our current "Amsterdam" release. (Am waiting for stable Phoenix before we migrate up).

-stk

I removed the code above to stop the errors. I've had a number of people contact me regarding the errors, and I felt it was better to get the site back working for the visitors first.

The problem is still there if the code is put back.

Sirimo,

Sounds like you've identified WHERE the problem is, just not WHY. I agree. Do what's best for your visitors first.

Fighting SPAM is all good, but not when (1) you don't get much (any?) or (2) it gets in the way of the visitor's experience.

Based on the comment in the code you posted (that it's handled differently in the upcoming "phoenix" release), I'd say leave things as they are till the new release and *hope* that, when you upgrade, the issue (whatever it is) has been resolved.

In the meantime, hopefully you won't get much referral SPAM.

Cheers,

-stk

Sirimo wrote:

I removed the code above to stop the errors. I've had a number of people contact me regarding the errors, and I felt it was better to get the site back working for the visitors first.

The problem is still there if the code is put back.

Same problem here - I cannot post or edit posts without having all URLs labelled as invalid. Users and admins are getting the 403 referred by spammer error.

Ryan

http://realflorists.flowerchat.com

flowerchat,

flowerchat wrote:

I cannot post or edit posts without having all URLs labelled as invalid.

flowerchat wrote:

Sirimo wrote:

I removed the code above to stop the errors. I've had a number of people contact me regarding the errors, and I felt it was better to get the site back working for the visitors first.

The problem is still there if the code is put back.

Same problem here - I cannot post or edit posts without having all URLs labelled as invalid. Users and admins are getting the 403 referred by spammer error.

Ryan

http://realflorists.flowerchat.com

I blew out the entire antispam list, and that seemed to do it. I'll rebuild the list slowly and see what tag causes the problem.

flowerchat,

flowerchat wrote:

I cannot post or edit posts without having all URLs labelled as invalid.

First, are you sure that it's "all" URL's, or just some? I don't think that the system really says WHICH URLs are causing the problem, just that there IS a problem. Big difference.

Try this hack I made. For your post editing, IF you get an "invalid URL" warning from the HTML-checker, it'll tell you WHICH URL is causing the problem. That might help.

Here's the link ... [url=http://forums.b2evolution.net/viewtopic.php?t=5291]http://forums.b2evolution.net/viewtopic.php?t=5291[/url]

I'm still not certain about the spammer referral thing. It *might* be that your users are coming from a domain that has been included in the blacklist, so the system *thinks* they're spammers and denies them access. I'm not certain how you can track that, but if you could ... you could delete that one entry (or more) entries from the blacklist and the problem would go away.

Another thought ... you could test by flushing the anti-spam blacklist so that it doesn't contain ANYTHING ... then try to access the site and see if that makes a difference. If yes, then it's a blacklist entry issue. If no, then it's something else. EDIT - ACK ... my reading comprehension must suck, as I see you've already done this!

Another thought - my hack above will also identify URLs in your posts that are blacklisted, showing you exactly WHICH blacklisted word it's barfing on. Maybe you can use this in a backwards sense ... type in a website of one of the users that's getting the referral spam notice, into an entry, and see WHICH blacklisted word it corresponds to. -- *might* -- beat having to build the list from scratch?! :)

Don't forget to clear your cookies too, as I've often found that that helps the situation.

These are all just some IDEAS, as I've not had this problem before, so don't know the root cause.

Hope this helps.

-stk :D

Thanks - I'll try the hack this afternoon and see what that tells me.

Ryan