Hello,

I would like to say first of all that I have the deepest respect for the
Apache project.  I love Apache and we use it for all our web serving
purposes :)  I am not writing this email to form a complaint but rather
to maybe inform, or create dialogue, if the case was such that the dev
team was not aware of a growing concern to some apache users (like me).
I believe the problem may just be with the http protocol, but perhaps if
the team can think of something for the inevitable future of web log
spam...

My customers are receiving an increasing number of false and deceptive
web log entries.  I understand that it is very easy to fake this type
of information.  For example, on my Linux box I can run a simple
scriptie like this:

#!/usr/bin/perl

open (URL_LIST, "url_list.txt") || die "can't open list: $!";

while ($url = <URL_LIST>) {
        chomp($url);
        # one request per listed site, with a forged User-Agent (-A) and Referer (-e)
        system "curl -v -m 45 "
             . "http://$url/http://www.my-weblog-spamming-company-4-u.biz "
             . "-A \"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\" "
             . "-e \"http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&q=enter+whatever+set+of+keywords+you+like+here+even+a+message+for+the+webmaster\" "
             . ">> url_list.log 2>&1";
        }

close (URL_LIST)  || die "couldn't close url_list.txt: $!";

Assuming of course I have another file called url_list.txt with one URL
per line.  I can also replace the referrer as my URL, thus when the
Webmaster gets curious, they think "aha! Someone linked to my site!!
How fun!", but sadly for them, they were deceived by simple tricks...

This may not be the most elegant of scripts, I admit, but it illustrates
the ease of setting these up.  I have noticed much dialogue in popular
web forums about this very subject growing.  Here is a great example:
http://www.webhostingtalk.com/showthread.php?s=233652e3f556f3373a93ed829048f28c&threadid=131187&perpage=15&highlight=hostitcheap&pagenumber=1

I imagine that pretty soon, as this catches on, web server logs and
statistic programs may be useless or worthless as so much of the
information may be filled with junk.  I admit that webmasters are
probably not the most coveted audience for this sort of trick, but if it
can be done (given human nature), I bet it will eventually be abused.
Not sure if anything can be done on your end.  I was thinking of
something like a module similar to SpamAssassin, something that could
maybe verify the existence of the referrer or check for content and
such...  But alas, I am not a programmer ;)  Perhaps my suggestion is
foolish.

In either case, if you knew about this, then my apologies for the noise.
I sincerely hope this helps, and I apologize if this is the wrong place
to post such a thing :)  

Again, my many thanks to the Apache team for their continuing
contributions!


Regards,
 
Andres L. Figari
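
An offline take on the filtering idea raised in the message above, as an added example that is not part of the original post or of the Apache project: it scans access-log lines for the pattern the script produces (an absolute URL embedded in the request path) and then flags other hits that carry the same host as their Referer. It assumes Apache's "combined" LogFormat; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Apache "combined": %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
COMBINED = re.compile(
    r'(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"')
# Request path that itself starts with an absolute URL, e.g. GET /http://host
EMBEDDED_URL = re.compile(r'^/+https?://', re.I)

def parse(line):
    m = COMBINED.match(line)
    return m.groupdict() if m else None

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def flag_referrer_spam(lines):
    """Return (client, target, reasons) for each suspicious log entry."""
    entries = [e for e in map(parse, lines) if e]
    promoted, clients = set(), set()
    # Pass 1: learn which hosts are being advertised, and by which clients.
    for e in entries:
        if EMBEDDED_URL.match(e["target"]):
            host = host_of(e["target"].lstrip("/"))
            if host:
                promoted.add(host)
            clients.add(e["host"])
    # Pass 2: flag the advertising hits and anything correlated with them.
    flagged = []
    for e in entries:
        reasons = []
        if EMBEDDED_URL.match(e["target"]):
            reasons.append("url-in-path")
        if host_of(e["referer"]) in promoted:
            reasons.append("referer-is-promoted-host")
        if e["host"] in clients and "url-in-path" not in reasons:
            reasons.append("client-sent-url-in-path")
        if reasons:
            flagged.append((e["host"], e["target"], reasons))
    return flagged

# Constructed sample lines (documentation IP ranges, placeholder host from the post).
UA = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)'
SPAM = 'http://www.my-weblog-spamming-company-4-u.biz'
SAMPLE_LOG = [
    f'203.0.113.7 - - [01/Jan/2004:10:00:00 +0000] "GET /{SPAM} HTTP/1.1" 404 290 "http://www.google.com/search?q=hello+webmaster" "{UA}"',
    f'203.0.113.7 - - [01/Jan/2004:10:00:05 +0000] "GET / HTTP/1.1" 200 5120 "{SPAM}/" "{UA}"',
    f'198.51.100.20 - - [01/Jan/2004:10:01:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "http://www.google.com/search?q=apache" "{UA}"',
    f'192.0.2.44 - - [01/Jan/2004:10:02:00 +0000] "GET /about.html HTTP/1.1" 200 2048 "{SPAM}/" "{UA}"',
    f'198.51.100.20 - - [01/Jan/2004:10:02:30 +0000] "GET /logo.png HTTP/1.1" 200 900 "-" "{UA}"',
]
```

Flagged entries are candidates for exclusion before the log is handed to a statistics program; a forged Referer that never appears alongside a URL-in-path request is not caught by this correlation.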


