The Barracuda WAF uses referer spam protection capabilities to protect from referer bombing. Whenever a spammer bot makes repeated website requests using a fake referer URL, the WAF creates a block-list to filter the incoming traffic and blocks “spam referrer” attacks. The block-list contain the fake URL entries with details such as the pattern name, pattern, and the version of the pattern against which the WAF provides protection.
When Referer Spam Detection is enabled, all the spam URLs listed in the View Spam URL List is prevented from entering into the application if present in the Referer header.
The BOT MITIGATION > Bot Spam Mitigation page allows you to edit a referer spam.
- Referer Spam Detection - When set to On, Referer Spam Detection is enabled. By default, the Referer Spam Detection field provides protection against the referer list specified in the View Spam URL List.
- Custom Referer Bots -Specifies the custom referer spam types to be used to detect the spam.
- Exception Patterns - Specifies the patterns to be allowed as exceptions to mitigate false positives even if this is a part of a referer spam.