Several of my sites were getting their referer logs spammed by porn sites. A little snooping through the logs revealed that all the spam, 50-400 hits a day, was coming from a single machine:

 tom1.xcite.net (216.169.111.198)

Others have also noticed spam from this IP.

I thought about writing a letter to xcite.net, but after calling them (no one answered) and googling them, I decided it would be pointless. My solution was to use Apache’s Mod_Rewrite to redirect requests from that IP address. Instead of just denying access, I decided to forward their requests back to xcite’s servers. Here are the two lines I added to my root htaccess file:

RewriteCond %{REMOTE_ADDR} ^216\.169\.111\.198$ 
RewriteRule /*$ http://www.xcite.net [R] 

That should end the problem without screwing anything else up. Not a perfect solution, but better than turning off the referer pages.

Update: According to my raw server logs, the spamming machine tried to hit my site again today at 3:20 and 10:30. Apparently everything worked and 122 accesses were redirected back to xcite.net.

Update 2: Apparently Charles at Little Green Footballs was also getting hit with a similar attack.