Read original blogpost which inspired this project: Semalt infecting computers to spam the web.
Self-updating PHP library which blocks hundreds of spammy domains from ruining your website statistics
| Bad domains | Last updated |
|---|---|
| 2433 | December 1st, 2016 |
Block referral spam with a single line of code. Originally started to stop the nasty Semalt botnet from visiting your site and ruining your stats (of course their domains are still included), the blocklist now contains hundreds of spammy domains. The library will try to self-update every week, so you don't have to worry about composer update's.
Looking for the blocklist only? No problem:
The blocklist is compiled from several sources. Currently:
| Source | Raw source file | Number of domains |
|---|---|---|
| sahava | https://raw.githubusercontent.com/sahava/spam-filter-tool/master/js/spamfilter.js | 417 |
| piwik | https://raw.githubusercontent.com/piwik/referrer-spam-blacklist/master/spammers.txt | 483 |
| stevie-ray | https://raw.githubusercontent.com/Stevie-Ray/apache-nginx-referral-spam-blacklist/master/generator/domains.txt | 1071 |
| ar-communications | https://raw.githubusercontent.com/ARCommunications/Block-Referral-Spam/master/blocker.php | 376 |
| flameeyes | https://raw.githubusercontent.com/Flameeyes/modsec-flameeyes/master/rules/flameeyes_bad_referrers.data | 936 |
| semalt-blocker | ../domains/additional | 1 |
| desbma | https://raw.githubusercontent.com/desbma/referer-spam-domains-blacklist/master/spammers.txt | 1700 |
We've added a tool to check whether your site blocks spammy bots. You can find it in the repository and online at: nabble.nl/semalt
This is the easiest method, but requires the use of Composer. Add semalt-blocker to your project by running the following in your terminal:
composer require nabble/semalt-blocker:~1Then in your project add (but you probably already have this):
require "vendor/autoload.php";Not using composer? No problem, copy the files domains/blocked and compact/semaltblocker.php to the same
directory in your project and add this line:
require "/path/to/semaltblocker.php";It's as easy as:
use Nabble\SemaltBlocker\Blocker;
Blocker::protect();
// ... your appMake sure you add it somewhere at the beginning of your code, it will save you!
In order for the self-update mechanism to work, make sure the domains/blocked file is writable by the webserver:
$ chmod a+w vendor/nabble/semalt-blocker/domains/blockedBlocker::protect(); // default, serve a 403 Forbidden response
Blocker::protect('http://semalt.com'); // return them their own botnet traffic
Blocker::protect('Hi, bot'); // displays a nice message when blockedAll calls to the protect function will trigger the auto-updater at a regular interval.
If you want to stay in control even more, use this:
$blocked = Blocker::blocked(); // returns true when a blocked referrer is detectedIf you want an explanation for why a referer is blocked, use:
echo Blocker::explain();The self-updater runs every 7 days by default. To force updating the domain list, use this:
use Nabble\SemaltBlocker\Updater;
Updater::update(true);Yes, please! Feel free to open issues or pull-requests.
MIT