Skip to content
This repository has been archived by the owner. It is now read-only.
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Don't use this project

The list of spammy domains is stale and without any update since 2016

Read original blogpost which inspired this project: Semalt infecting computers to spam the web.

Latest Stable Version Build Status Coverage Status Scrutinizer Code Quality StyleCI Status Dependency Status Packagist Downloads License


Self-updating PHP library which blocks hundreds of spammy domains from ruining your website statistics

Bad domains Last updated
2433 December 1st, 2016

Block referral spam with a single line of code. Originally started to stop the nasty Semalt botnet from visiting your site and ruining your stats (of course their domains are still included), the blocklist now contains hundreds of spammy domains. The library will try to self-update every week, so you don't have to worry about composer update's.


Looking for the blocklist only? No problem:


The blocklist is compiled from several sources. Currently:

Source Raw source file Number of domains
sahava 417
piwik 483
stevie-ray 1071
ar-communications 376
flameeyes 936
semalt-blocker ../domains/additional 1
desbma 1700

debug console

We've added a tool to check whether your site blocks spammy bots. You can find it in the repository and online at:

composer setup

This is the easiest method, but requires the use of Composer. Add semalt-blocker to your project by running the following in your terminal:

composer require nabble/semalt-blocker:~1

Then in your project add (but you probably already have this):

require "vendor/autoload.php";

legacy setup

Not using composer? No problem, copy the files domains/blocked and compact/semaltblocker.php to the same directory in your project and add this line:

require "/path/to/semaltblocker.php";

basic usage

It's as easy as:

use Nabble\SemaltBlocker\Blocker;


// ... your app

Make sure you add it somewhere at the beginning of your code, it will save you!


In order for the self-update mechanism to work, make sure the domains/blocked file is writable by the webserver:

$ chmod a+w vendor/nabble/semalt-blocker/domains/blocked


Blocker::protect(); // default, serve a 403 Forbidden response
Blocker::protect(''); // return them their own botnet traffic
Blocker::protect('Hi, bot'); // displays a nice message when blocked

All calls to the protect function will trigger the auto-updater at a regular interval.

If you want to stay in control even more, use this:

$blocked = Blocker::blocked(); // returns true when a blocked referrer is detected

If you want an explanation for why a referer is blocked, use:

echo Blocker::explain();

The self-updater runs every 7 days by default. To force updating the domain list, use this:

use Nabble\SemaltBlocker\Updater;



Yes, please! Feel free to open issues or pull-requests.




Self-updating PHP library which blocks referral spam from ruining your website statistics





No packages published
You can’t perform that action at this time.