These instructions are for Dean Allen’s Refer.

First off, are you still running a public referrer log without any robots exclusion? Stop right there, and add a file named robots.txt to the root of your public html directory with this:

User-Agent: *

Disallow: /refer

… using the pertinent URL of your Refer directory. Alternatively, you can open up /refer/index.php and add <meta name="robots" content="noindex,nofollow" /> to the <head> section.

After doing that, rel="nofollow" is pretty much redundant, since search engines will be completely ignoring your Refer installation, but, that all righteousness may be fulfilled, we’re going to add it anyway:

1. Open up /refer/display.php.
2. Scroll down to function rHref (around line 283).
3. It’s that return statement we want to modify. Replace this:

   return tag($content,'a','href="'.$where.$param.'"');

   …with this:

   return tag($content,'a',' rel="nofollow" href="'.$where.$param.'"');

   …removing any line breaks that this narrow column may have inserted.

4. Save and you’re done.

The spam is not going to stop, though; spammers will keep trying to hit your weblog and referrer logs. They don’t care about the loss of results from just one site. Like email spammers, they want to hit as many targets as they can, strafing the internet wildly and indiscriminately, on the off chance that at least some of those hits will return the desired 0.01% result. Robots exclusion and rel="nofollow" cut down their chances with the search engines, but it’s still up to you to keep them off your own back. See my “Referrer Spam Attack” entry for links to tips on doing just that.