Info:
This is bad-behavior anti referer spam script that it convereted it to a Pixelpost addon. I will recognize machines from humans and rejects the spammer bots from reaching your site with a 412 error page. It will not prevent all of spammers from reaching your site but it works well!


To keep track of the orginal script checkout http://www.ioerror.us/software/bad-behavior/

Download Link:
http://www.pixelpost.org/v1/index.php?x=downloads&details=96

Readme.txt:
This is actually a very BETA version!

1- create bad-behavior folder inside includes directory and copy all the files
inside the bad-behavior directory of the package into that directory on your
site.

2- copy the addon to addon folder

3- use <BB_HEADER> in the header section of your template (between <head> and
</head>)

Extra cares:
This addon is not enough for many and to be more secure make modifications in index.php of 1.4.2 to show error page 404 to everyone who wants to reach page index.php?x=ref or index.php?x=referer
The modification (copy/paste from other related thread)

since almost all of the spammer come to my ref page I changed the index.php to point error when spam bot wants to see the refs and die.

at about line of 440 of index.php (version 1.4.2)
replace
// fix a popuplink
// refererlog
if($_GET['x'] == "referer") {
header("Location: index.php");
exit;
} // end refererlog

with

// fix a popuplink
// refererlog
if($_GET['x'] == "referer") {
header("HTTP/1.0 404 Not Found");

exit;
} // end refererlog

*sigh* I'll try to test it out on the pixelpsot demo, its the only access to spam I have but I am so pressed for time, I always say I will test and I havent had the chance to yet!

looks very promising though

I installed the add-on since yesterday. So far it has only detected one referer spam. How long it takes to match them? Because I'm seeing the url *.pulsar.net, but it hasn't identyfied as bad behavior. Or a manual add can be implemented?

I was using an .htaccess solution, and to give a full test to the plugin I have disabled the .htaccess file.

I'm using every solution possible but there are still Spams that penetrate!
I said it works but not all the times, not with the spams that act like humans.

I added pulsar.net to the banlist and when I go to admin, I clean the referrers and there they go...

I added pulsar.net to the banlist and when I go to admin, I clean the referrers and there they go...
but this won't prevent the SOP attacks from that site.
you need to .htaccess it!

yes, I know it just cleans the list

I have loaded Bad Behavior, but I removed the .htaccess file when I did that. If I still need .htaccess filtering then that's too bad...

Before loading Bad Behavior, I had a recommendation to try "Referrer Karma." If anyone is interested, here's a link:

http://unknowngenius.com/blog/wordpress/ref-karma/

Referrer Karma seems to be an effective program that won't bog a site down. It was designed specifically for referrer spam. I'm sure that it could be adapted as an add-on just like you did with Bad Behavior, because it's also very generic to PHP programs. It sometimes filters out genuine surfers coming from obscure search engines, so users should be prepared to manually make adjustments from time to time.

I don't know how to make it an "add-on" but I may give it a try -- one month of Bad Behavior compared with one month of Referrer Karma.

keep the .htaccess thing...
thnx for the link

Bad-Behavior is successfull on average of 20-30 % of the cases.