Referer spoofing

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by AxelBoldt (talk | contribs) at 00:34, 12 February 2006. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer security, Referer spoofing is the sending of incorrect Referer information along with an HTTP request on the internet, with the aim of gaining unauthorized access to a web site.

Many pornographic paysites use referer information to secure their materials: only browsers arriving from a small set of approved (login) pages are given access, which facilitates the sharing of materials among a group of cooperating paysites. If attackers learn these approved referers (which is often trivial because many sites follow a common template), they can gain free access to the materials.
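The following added example (not part of the original article) places the referer-based check described above beside a hardened alternative in which the login page issues an HMAC-signed, expiring token. The header name `X-Access-Token`, the URL, the key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import time

# Constructed values for illustration; none of these come from a real site.
APPROVED_REFERERS = {"https://members.example/login"}
SECRET_KEY = b"constructed-demo-key"  # a real deployment loads this from a secret store
TOKEN_LIFETIME = 3600  # seconds


def referer_gate(headers):
    """Weak check: grants access based on a header the client fully controls."""
    return headers.get("Referer") in APPROVED_REFERERS


def _sign(payload):
    return hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()


def issue_token(user, now=None):
    """Called by the login page only after the user has authenticated."""
    expires = int(time.time() if now is None else now) + TOKEN_LIFETIME
    payload = f"{user}|{expires}"
    return f"{payload}|{_sign(payload)}"


def token_gate(headers, now=None):
    """Hardened check: access requires a token only the server can mint."""
    token = headers.get("X-Access-Token", "")
    try:
        user, expires, sig = token.split("|")
        expires = int(expires)
    except ValueError:
        return False  # missing or malformed token
    expected = _sign(f"{user}|{expires}")
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False
    return expires > int(time.time() if now is None else now)
```

A request that carries only an approved `Referer` value passes `referer_gate` but fails `token_gate`, because the referer proves nothing about whether a login took place.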

Several software tools exist to facilitate this process. The Firefox plugin refspoof lets users set a custom referer URL for any site they visit, and provides a mechanism to manage a bookmark list of such referer/site pairs. QuickSpoof provides similar functionality for the Internet Explorer browser. SuperMegaSpoof supports both browsers and allows users to exchange and rate referer spoofs.

See also

  • Referer spam, providing fake referer information in order to popularize a spammer's website.