Recently, I’ve been keeping a sharp eye on some of my side projects that I just started working on, some of them have little to no content, so getting repeated referrals from a website is not only bizarre but curiously suspicious. I logged in yesterday to Google Analytics to find that two of my websites (with completely unrelated content) have been visited by referral from “forum darodar” (I won’t post the actual link because I don’t want them to have a backlink from my site, and draw more traffic). The referral in Google Analytics looks like this:
So you’re probably wondering, what the heck is this forum, and why is it drawing traffic to my blog?
What is darodar./com?
The link, if you click on it, takes you to a Alibaba website with a referral link. This is a clever, but shady, way to bring traffic to a referral link. A person will sign up to be an affiliate for Alibaba, and then just spam all these new websites with a robot or spider so that it shows up to the webmaster. The webmaster, confused as to what exactly is going on, clicks or enters the URL to figure out what it is. Then a cookie is placed on his computer and gives the advertisers a commission if the webmaster actually manages to make a purchase on Alibaba, or the next advertiser of choice. Multiply this by ten of thousands of websites… and you get a rich black hat advertiser making money on the internet. In most cases it is against the terms of service for the advertiser. It’s also incredibly looked down upon.
Quick Note: “forum.Darodar” and “Ilovevitaly” are the same type of referral spam.
Infographic: How the Darodar Forum Affiliate Spam Works
Who is behind the Darodar Referral Spam Campaign?
The jury is still out on that one… although by the looks of it, the “darodar” domain name use to be a Russian based search engine of some sort based on old caches from Wayback Machine, but now it seems that the spammers are instead originating their spiders and robots from IP addresses routed through China.
How to block Darodar referral spam
EDIT: This method is reported to no longer be working. To stop receiving reports of these websites in your Google Analytics, please follow this trick instead. This is the only current working method as of Dec. 29th, 2014
Special shoutout to Dave over at Sudorank for this guide
First, find your .htaccess file in your FTP program or website directory. Paste the following code in the file:
SetEnvIfNoCase Referer darodar.com spambot=yes
Allow from all
Deny from env=spambot
Voila! No more spambots.