Don't use this project
The list of spammy domains is stale and without any update since 2016
Read original blogpost which inspired this project: Semalt infecting computers to spam the web.
Bad domains | Last updated |
---|---|
2433 | December 1st, 2016 |
Block referral spam with a single line of code. Originally started to stop the nasty Semalt botnet from visiting your site and ruining your stats (of course their domains are still included), the blocklist now contains hundreds of spammy domains. The library will try to self-update every week, so you don't have to worry about composer update
's.
Looking for the blocklist only? No problem:
The blocklist is compiled from several sources. Currently:
Source | Raw source file | Number of domains |
---|---|---|
sahava | https://raw.githubusercontent.com/sahava/spam-filter-tool/master/js/spamfilter.js | 417 |
piwik | https://raw.githubusercontent.com/piwik/referrer-spam-blacklist/master/spammers.txt | 483 |
stevie-ray | https://raw.githubusercontent.com/Stevie-Ray/apache-nginx-referral-spam-blacklist/master/generator/domains.txt | 1071 |
ar-communications | https://raw.githubusercontent.com/ARCommunications/Block-Referral-Spam/master/blocker.php | 376 |
flameeyes | https://raw.githubusercontent.com/Flameeyes/modsec-flameeyes/master/rules/flameeyes_bad_referrers.data | 936 |
semalt-blocker | ../domains/additional | 1 |
desbma | https://raw.githubusercontent.com/desbma/referer-spam-domains-blacklist/master/spammers.txt | 1700 |
We've added a tool to check whether your site blocks spammy bots. You can find it in the repository and online at: nabble.nl/semalt
This is the easiest method, but requires the use of Composer. Add semalt-blocker to your project by running the following in your terminal:
composer require nabble/semalt-blocker:~1
Then in your project add (but you probably already have this):
require "vendor/autoload.php";
Not using composer? No problem, copy the files domains/blocked
and compact/semaltblocker.php
to the same
directory in your project and add this line:
require "/path/to/semaltblocker.php";
It's as easy as:
use Nabble\SemaltBlocker\Blocker;
Blocker::protect();
// ... your app
Make sure you add it somewhere at the beginning of your code, it will save you!
In order for the self-update mechanism to work, make sure the domains/blocked
file is writable by the webserver:
$ chmod a+w vendor/nabble/semalt-blocker/domains/blocked
Blocker::protect(); // default, serve a 403 Forbidden response
Blocker::protect('http://semalt.com'); // return them their own botnet traffic
Blocker::protect('Hi, bot'); // displays a nice message when blocked
All calls to the protect
function will trigger the auto-updater at a regular interval.
If you want to stay in control even more, use this:
$blocked = Blocker::blocked(); // returns true when a blocked referrer is detected
If you want an explanation for why a referer is blocked, use:
echo Blocker::explain();
The self-updater runs every 7 days by default. To force updating the domain list, use this:
use Nabble\SemaltBlocker\Updater;
Updater::update(true);
Yes, please! Feel free to open issues or pull-requests.
MIT