Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
This branch is 701 commits ahead of matomo-org:master.

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Referer Spam Blacklist


This is a frequently updated list of referer spam domains.

This repository is a fork of Piwik's referrer spam blacklist, with the following main differences:

  • Domains are added more frequently to keep up with the spammers (Piwik's list requires a vote and a pull request per added domain, which slows down the update, and prevents automatic updating). Piwik's list changes are also merged back regularly in this repository.
  • Large lists of confirmed referer spam domains from other contributors or projects are also merged back
  • Dead domains are regularly removed from the list

As a result this list is more than 5 times larger (as of this writing) than Piwik's list, while having less dead domains.

List format

The list is stored in this repository in spammers.txt, with one host per line, and Unix line endings.

Parsing the file should be pretty easy using your favorite language.


Sub-string matching on domain names can be done with this list, so is enough to block all subdomain referers too, such as

However, there are cases where you'd only want to add a subdomain but not the root domain. For example, add but not, otherwise all * sites would be affected.

On the contrary, if you get spam with referer, you can safely assume that all subdomains are spam.


To make duplicate detection, and merges easier, the list is sorted with Unix's sort, with the command:

sort -uf -o spammers.txt spammers.txt

Usage with Fail2ban

This list can be used with Fail2ban.

A script is provided to automatically generate or update a filter (located in /etc/fail2ban/filter.d/apache-referer.local) that will watch server logs, and automatically ban IPs that send HTTP requests with a domain in the blacklist as referer. It has been tested with Apache, but should work with any webserver configured to log using the standard combined log format, provided you change log locations in the script.

It is recommended to run the script at least every week with cron, to keep the list up to date:

curl > /etc/cron.weekly/update-fail2ban-referer-filter
chmod +x /etc/cron.weekly/update-fail2ban-referer-filter

You also need to edit /etc/fail2ban/jail.local, to locate the Apache logs, and configure ban time, eg.:

enabled = true
maxretry = 1
# 90 days
bantime = 7776000
port = http,https
filter = apache-referer
logpath = /var/log/apache*/*access.log

Then, run the script a first time to generate the filter:


Usage with Google Analytics

See this repository for a tool to generate and update a Google Analytics filter from this list to remove referer spam.


Although the list is mostly updated by automated scripts, contributions to the list are welcome.

To add domain(s) either open an issue or submit a pull request. The latter is prefered for large additions. Either way, please explain how you have found the referer domain(s) (it is important to avoid false positives).

If you think a hostname was added but is not actually a spam domain, please open an issue.




Community-contributed list of referer spam domains







No packages published


  • Python 81.1%
  • Shell 18.9%