***NEW! After many tries of different codes, I decided to contact my web host for that site (www.curbal.com) and after a few tries they managed to block semalt. Unfortunately they did not disclosed how they did it.
The codes I tested are at the end of the post.
If you find the right Regex, please send me a line.
***
I started receiving traffic in my new site from a site called Semalt. Something was odd about them, and after their first visits to my site, I started receiving visits from a musica.descargar-musica-gratis.net, also odd as the site that was receiving the traffic is about Google Analytics for beginners and the referrer is about music downloads.
This type of sites are called referrer spam.
This technique involves making repeated web site requests using a fake referrer URL to the site the spammer wishes to advertise. Sites that publish their access logs, including referrer statistics, will then inadvertently link back to the spammer’s site. These links will be indexed by search engines as they crawl the access logs. (source:Wikipedia)
Never click on these links as they might lead to sites with virus or Trojans. Do instead a Google search on the link.
So, how do you do to get rid of the spammers?
The best way is to modify your .htaccess files and block them all together.
For that you will need to access your .htaccess file and copy a bit of code.
Log in your synology, and access FileStation and the directory where your wordpress files are stored and delete according to the previous step (I am using NetDrive to do this):
If you dont have a htaccess file, create one using note++:
Add the following lines (red text) to the beginning of your code. It should look something like this:
The code below blocked all semalt’s visits with the exception of : semalt.semalt.com
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ – [L]
# block spammers
RewriteCond %{HTTP_REFERER} (.)?(semalt|kambasoft|savetubevideo|seoanalyses).com$ [NC]
RewriteCond %{HTTP_REFERER} ^http://(([^.]+.)+)?semalt.com [NC]
RewriteRule ^(.*)$ – [F]
Htaccess code that did not work
First try:
# block spammers
RewriteCond %{HTTP_REFERER} (.)?(semalt|kambasoft|savetubevideo|seoanalyses).com$ [NC]
RewriteRule . – [F]
Second try:
# block spammers
RewriteCond %{HTTP_REFERER} (.)?(semalt|kambasoft|savetubevideo|seoanalyses).com$ [NC]
RewriteCond %{HTTP_REFERER} semalt.semalt.com [NC,OR]
RewriteRule . – [F]
3rd try:
# block spammers
RewriteCond %{HTTP_REFERER} (.)?(semalt|kambasoft|savetubevideo|seoanalyses).com$ [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+.)*semalt.com [NC,OR]
RewriteRule . – [F]
4rth try:
RewriteCond %{HTTP_REFERER} (.)?(semalt|kambasoft|savetubevideo|seoanalyses).com$ [NC]
RewriteCond %{HTTP_REFERER} semalt.semalt.com [NC,OR]
RewriteRule .* – [F]
5rth try:
RewriteCond %{HTTP_REFERER} (.)?(semalt|kambasoft|savetubevideo|seoanalyses).com$ [NC]
RewriteCond %{HTTP_REFERER} ^http://(([^.]+.)+)?semalt.com [NC]
RewriteRule ^(.*)$ – [F]
Remove from Google Analytics (if you dont have access to htaccess)
Another really annoying consequence of Referrer spam is that it will inflate your traffic like bots and spiders do, so if you don’t have access to your htaccess file, you can at least remove them from Google Analytics.
I have a tutorial on how to do this on my new site.
Synoguide 
Dear Ruth,
To be under attack from spam is a real pain. But if you are prepared and have a solution that you just given me makes life on the internet a lot better. So THANK YOU !
I found the site Curbal.com and have ofcourse subscribed 🙂
brgrds
LikeLike
Thanks Magnus, always a pleasure to help my fellow bloggers.
LikeLike
Nice post Ruth,
I am dealing with the same crap with a bunch of my clients’s sites. I have just been blocking them by excluding the traffic in the admin section of my site. I just wrote a quick post on it on my site here http://www.bradtollefsen.com/referral-spam-semalt-kambasoft/
Let me know if you think that way works just the same.
Thanks
LikeLike
Hi Brad,
Thanks for your input!
I really recommend to block them from crawling/accessing your site if you have access to the .htaccess file. The reason for this is that when they crawl your site, if not properly set up, they will add links to their sites (not nice sites all the time) so when the bots go to crawl your site, they will see the referrals to their site and increase their popularity. Some of this links land in pages with virus or other unpleasant content which you and your site don’t want to be associated with (it can hurt your rankings).
By blocking them, we beat them at their game and hopefully stop them from doing this altogether.
My links on how to block them from Google Analytics are not working at the moment, so if you don’t mind, I will use yours instead until they are up and running again.
/Ruth
LikeLike
Hi Ruth,
I am not sure if this will help but I found this on Stack Overflow: RewriteCond %{HTTP_REFERER} ^http://([^.]+.)*semalt.com [NC]
http://stackoverflow.com/questions/25477342/blocking-semalt-referrers-with-htaccess-rules
LikeLike
Thanks Joanne,
I got tired of testing and asked my web host provider (this problem was not happen on this site, but on my http://www.curbal.com site) to block them from their end. After a couple a tries, they managed to do it and I am not receiving any visits from semalt anymore.
I looked at the Regex I tried and yours is on the list so for my site (multisite) it didn’t work, but thanks anyhow!
Ruth
LikeLike