Semalt Blocker Save Abandoned
:no_entry: Self-updating PHP library which blocks referral spam from ruining your website statistics
Don't use this project
The list of spammy domains is stale and without any update since 2016
Read original blogpost which inspired this project: Semalt infecting computers to spam the web.
semalt-blocker
Self-updating PHP library which blocks hundreds of spammy domains from ruining your website statistics
| Bad domains | Last updated |
|---|---|
| 2433 | December 1st, 2016 |
Block referral spam with a single line of code. Originally started to stop the nasty Semalt botnet from visiting your site and ruining your stats (of course their domains are still included), the blocklist now contains hundreds of spammy domains. The library will try to self-update every week, so you don't have to worry about composer update's.
blocklist
Looking for the blocklist only? No problem:
sources
The blocklist is compiled from several sources. Currently:
| Source | Raw source file | Number of domains |
|---|---|---|
| sahava | https://raw.githubusercontent.com/sahava/spam-filter-tool/master/js/spamfilter.js | 417 |
| piwik | https://raw.githubusercontent.com/piwik/referrer-spam-blacklist/master/spammers.txt | 483 |
| stevie-ray | https://raw.githubusercontent.com/Stevie-Ray/apache-nginx-referral-spam-blacklist/master/generator/domains.txt | 1071 |
| ar-communications | https://raw.githubusercontent.com/ARCommunications/Block-Referral-Spam/master/blocker.php | 376 |
| flameeyes | https://raw.githubusercontent.com/Flameeyes/modsec-flameeyes/master/rules/flameeyes_bad_referrers.data | 936 |
| semalt-blocker | ../domains/additional | 1 |
| desbma | https://raw.githubusercontent.com/desbma/referer-spam-domains-blacklist/master/spammers.txt | 1700 |
debug console
We've added a tool to check whether your site blocks spammy bots. You can find it in the repository and online at: nabble.nl/semalt
composer setup
This is the easiest method, but requires the use of Composer. Add semalt-blocker to your project by running the following in your terminal:
composer require nabble/semalt-blocker:~1
Then in your project add (but you probably already have this):
require "vendor/autoload.php";
legacy setup
Not using composer? No problem, copy the files domains/blocked and compact/semaltblocker.php to the same
directory in your project and add this line:
require "/path/to/semaltblocker.php";
basic usage
It's as easy as:
use Nabble\SemaltBlocker\Blocker;
Blocker::protect();
// ... your app
Make sure you add it somewhere at the beginning of your code, it will save you!
self-update
In order for the self-update mechanism to work, make sure the domains/blocked file is writable by the webserver:
$ chmod a+w vendor/nabble/semalt-blocker/domains/blocked
options
Blocker::protect(); // default, serve a 403 Forbidden response
Blocker::protect('http://semalt.com'); // return them their own botnet traffic
Blocker::protect('Hi, bot'); // displays a nice message when blocked
All calls to the protect function will trigger the auto-updater at a regular interval.
If you want to stay in control even more, use this:
$blocked = Blocker::blocked(); // returns true when a blocked referrer is detected
If you want an explanation for why a referer is blocked, use:
echo Blocker::explain();
The self-updater runs every 7 days by default. To force updating the domain list, use this:
use Nabble\SemaltBlocker\Updater;
Updater::update(true);
contribute
Yes, please! Feel free to open issues or pull-requests.
licence
MIT
Open Source Agenda Badge
