We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

Referer Spam Protection

  • Last updated on

Barracuda WAF uses the Referer Spam protection capability to protect from referer bombing. Whenever a spammer bot makes repeated website requests using a fake referer URL, WAF creates a blacklist to filter the incoming traffic and blocks “spam referrer” attacks. The blacklist contain the fake URL entries with details, such as, the pattern name, pattern and the version of the pattern against which WAF provides protection.

When the Referer Spam is enabled, all the spam URLs listed in the View Spam URL List is prevented from entering into the application if present in the Referer header.

The BOT MITIGATION > Bot Spam Mitigation page allows you to edit a Referer Spam.

  • Referer Spam Detection - When set to On, Referer Spam Detection is enabled. By default, the Referer Spam Detection field provides protection against the referer list specified in View Spam URL List.
  • Custom Referer Bots -Specifies the custom referer spam types to be used to detect the spam.
  • Exception Patterns - Specify the patterns to be allowed as exceptions to mitigate false positives even if this is a part of a referer spam.

The configuration should be the exact "Pattern Name" as seen on the BOT MITIGATION > View Spam URL List page, or as defined during the creation of a "New Group" under Referer Spam Types through the ADVANCED > Libraries page. You can also find the pattern name in a Web firewall log when a false positive occurs due to a potential exception pattern.


Last updated on