Skip Navigation

Blog » Strange Referrers

As most people who examine their log files every so often have also no doubt noticed, sometimes you find information in there that just doesn't make sense.

Take these two common referrer strings for example:

  • "XXXX:++++++++++++++++++++"
  • Field blocked by Outpost firewall (http://www.agnitum.com)"

The first - well, nobody appears to have yet been able to determine where that comes from. It certainly does a good job of hiding the authentic referrer though. My personal guess is that "XXXX" replaces "HTTP", and the +++ replaces the actual referral URL. It looks like a personal firewall product that simply hides the referrer.

The second is actually spam. Well, it is and it isn't. Anyone using the Outpost Personal Firewall from Agnitum can hide referrer URLs with the program. It unfortunately then replaces the referrer with what is essentially an advert. Unfortunately, blocking this referrer really isn't an option as it isn't the user at fault - it's the shortsighted company that produces the firewall.

What to do about these is the interesting question. Personally, I leave them alone. Both are easy to filter out of a referrer log, and as far as I know it is authentic users leaving these marks. Another option I've had suggested is to filter users with these referrers to a page explaining why they are being redirected, and what they can do to stop it happening again - explaining, of course, that it isn't their fault.

The only thing that we can do as users is to not use products that do this. Use ones that hide the referrer, by all means, if you want to. No problem there. Just don't use products that replace the referrer with rubbish data or an advert - all that does is make life harder unnecessarily for web developers.


comments powered by Disqus