I've faced this same problem with BitBin, and I've already blocked quite a few sites that have bombarded me with worthless traffic, either by using traffic exchanges or creating sites with tons of hidden iFrames that load BitBin pages to rack up hits.
Here's the list I'm currently using for BitBin, which runs on nginx. Some of them don't have the top-level domain (e.g. .com), as I've noticed especially blogspot sites may end with .fi, .com, etc. depending on your location.
default 0;
"~hitleap.com" 1;
"~traffic-exchange" 1;
"~freebitcoin-traffic.com" 1;
"~fuseurl.com/2424" 1;
"~ajoyaap.webs.com" 1;
"~meerkatpublishing.com" 1;
"~estrenoszz.blogspot" 1;
"~musik4kh.blogspot" 1;
"~blankrefer.com" 1;
"~linkcollider.com" 1;
"~twistrix.com" 1;
"~surf4web.com" 1;
"~kronox123.over-blog" 1;
"~glenpoetra.blogspot" 1;
"~guipsautosurf" 1;
"~websurf.ru" 1;
"~freelancesurf.net" 1;
"~krunox123.over-blog" 1;
"~forimpressions.over-blog" 1;
"~nols-o-surf.fr" 1;
"~visiohits.eu" 1;
"~auto-visiteurs.biz.st" 1;
"~otohits.net" 1;
"~augmente-ton-trafic.fr" 1;
"~moneybitcoinautopilot.weebly" 1;
"~ngepetkungepetdapatduit.blogspot" 1;
"~hitleap204.weebly" 1;
"~mmobit.net" 1;
"~heavenlysurf.com" 1;
"~ieptc.com" 1;
"~newptcsites.co" 1;
"~justgoodtraffic.com" 1;
"~redmansurf.com" 1;
"~monster-surf.com" 1;
"~highcountrytraffic.com" 1;
"~autosurfenligne" 1;
"~ad7.biz" 1;
"~adcumulo.com" 1;
"~feelingsurf.fr" 1;
"~boodaghi.ir" 1;
"~zubeedownlines.com" 1;
"~surfingoldschool.com" 1;
"~10khits.com" 1;
"~bloggerbitcoins.blogspot" 1;
As to how you can use it, just save it somewhere (e.g. /etc/nginx/bots.map). Then, in your nginx configuration file (nginx.conf or your site-specific file in conf.d), add the following block:
map $http_referer $bad_referer {
    include /etc/nginx/bots.map;
}
and then in your server block, add the following:
if ($bad_referer) {
    return 444;
}
If everything went correctly, nginx should now automatically drop any request that came from those URLs, as long as the site's URL appears in the Referer field.
As for how you can find out where these illegitimate visits are coming from, you could use either Google Analytics or go through your web server's logs manually.
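For the manual log review mentioned above, the following is an added example, not part of the original post: a Python script that tallies Referer hosts from an access log and marks which ones a bots.map-style list would match. It assumes nginx's default "combined" log format; the sample map excerpt, log lines, and function names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in the bots.map format from the post (not the full list).
SAMPLE_MAP = '''
default 0;
"~hitleap.com" 1;
"~estrenoszz.blogspot" 1;
'''

# Constructed access-log lines in nginx's default "combined" format.
SAMPLE_LOG = '''\
203.0.113.5 - - [01/Jan/2015:10:00:00 +0000] "GET /p/abc HTTP/1.1" 200 512 "http://hitleap.com/viewer" "Mozilla/5.0"
203.0.113.6 - - [01/Jan/2015:10:00:01 +0000] "GET /p/abc HTTP/1.1" 200 512 "http://hitleap.com/viewer" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2015:10:00:02 +0000] "GET /p/xyz HTTP/1.1" 200 734 "http://estrenoszz.blogspot.fi/2015/01/post.html" "Mozilla/5.0"
198.51.100.8 - - [01/Jan/2015:10:00:03 +0000] "GET / HTTP/1.1" 200 1024 "https://www.example.org/links" "Mozilla/5.0"
192.0.2.9 - - [01/Jan/2015:10:00:04 +0000] "GET / HTTP/1.1" 200 1024 "-" "curl/7.40"
'''

MAP_ENTRY = re.compile(r'^\s*"?(~\*?)([^"\s]+)"?\s+(\S+?);\s*$')
LOG_LINE = re.compile(r'"[^"]*" \d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"\s*$')

def load_patterns(map_text):
    """Compile the regex entries of a map file; '~*' means case-insensitive."""
    patterns = []
    for line in map_text.splitlines():
        m = MAP_ENTRY.match(line)
        if m and m.group(3) != "0":
            flags = re.IGNORECASE if m.group(1) == "~*" else 0
            patterns.append(re.compile(m.group(2), flags))
    return patterns

def referer_report(log_text, patterns):
    """Return [(host, hits, blocked)] sorted by hit count, skipping empty referers."""
    hits, blocked = Counter(), {}
    for line in log_text.splitlines():
        m = LOG_LINE.search(line)
        if not m or m.group("referer") in ("", "-"):
            continue
        ref = m.group("referer")
        host = urlsplit(ref).hostname or ref
        hits[host] += 1
        # nginx tests each regex against the whole Referer value, not just the host.
        blocked[host] = blocked.get(host, False) or any(p.search(ref) for p in patterns)
    return [(h, n, blocked[h]) for h, n in hits.most_common()]

if __name__ == "__main__":
    for host, n, b in referer_report(SAMPLE_LOG, load_patterns(SAMPLE_MAP)):
        print(f"{n:6d}  {'BLOCKED' if b else 'allowed'}  {host}")
```

Python's `re` stands in for nginx's PCRE here, which behaves the same for plain patterns like these; in both, an unescaped `.` matches any character. Hosts reported as allowed with high hit counts are the candidates for new map entries.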