Hide Referer Information using PHP and Javascript

Hide browser referer information with this piece of PHP code sparkled with little javascript to fix IE back button and learn how to implement it on your web site.

Hiding the referer prevents your web page url from appearing on other systems referrer logs.

This information is sent by browsers to the web server of the web site page you are visiting. Web servers log this information to identify the website pages where people are visiting from, for statistical, promotional and security reasons.

However, because referer information is a url of the web page where you were on before clicking on a link, it might contain confidential information that must not be exposed. One example is appending SESSION ID to the url. When user clicks on an external link from that page, SESSION ID is also sent as part of referer url to that external page and this is one way to hijack sessions.

To hide the referer information, implement a redirector page say "redir.php" and put in the html code below:

<html>
<head>
<meta http-equiv="refresh" content="0;URL=<?php echo $_GET['url']; ?>" />
</head>
<body>
</body>
</html>

The code above only works on Internet Explorer or IE and Firefox browsers. And it breaks the IE back button. Here is a fix:

<html>
<head>
<meta http-equiv="refresh" content="0;URL=<?php echo $_GET['url']; ?>" />
</head>
<?php if (preg_match('/^Mozilla\/.*?\(compatible; MSIE (8|7|6|5)\..*?\)/', $_SERVER['HTTP_USER_AGENT'])) : ?>
<script type="text/javascript">
window.self.location.replace('<?php echo $_GET['url']; ?>');
</script>
<?php endif; ?>
<body>
</body>
</html>

The code now contains a condition to match IE browsers then insert the Javascript code to fix IE back button.

On your pages, prefix the href of the external links with redir.php?url= like below:

<a href="/redir.php?url=http://www.jampmark.com">

There are a number of reasons why you would hide the referer information but please use it wisely.

If you know a code that hides the referer information that works on other browsers, please post it here.

Comments

Add New

Hide Referer  - Hide Referer 2009-01-05 18:42:39 I personally use http://www.hiderefer.com to Hide Referer url Reply | Quote

Virgil  - Security and Credibility 2009-01-08 07:18:45 I would say that having one on your own website is more secure than that of using a third party redirector. Also it would make your links credible because they point to an internal script. Reply | Quote

pire  - pire 2009-03-05 13:36:07 thanx for php code :) Reply | Quote

Boofhead  - Minimus 2009-04-22 14:52:11 This wouldn't work for hiding your affiliate referral links from unscrupulous affiliate networks looking to steal your business model and take otherwise gangbusters campaigns down (from their hard working affiliates). You DO therefore need an intermediary website as the go between to hide your business from their stink asses. Reply | Quote

ron  - quicker and easier to use 2009-04-29 07:16:37 http://spoofurl.com is another good one. Reply | Quote

kimmm 2009-05-19 16:59:49 Unfortunately it is true that firefox 3 final is slower and even worse than 2.0.14. I used two copies of firefox 2.0.14 http://rapid4me.com/?q=firefox+2.0.14 on two computers, one is XP sp3, one is Vista sp1, both of them have plenty of unused memory. Reply | Quote

erroneus 2009-06-02 10:41:58 I've been using http://linkthe.net Reply | Quote

NOdaddy.com  - test page? 2009-07-06 16:19:49 Please provide a link to a referer test page AND a referer page source to *confirm* that referer is suppressed correctly ;) Reply | Quote

radu  - the question mark 2010-01-25 16:03:13 I heard that links like: redir.php?url=www.myurl.com?myparam=blabla may cause problems because of the second "?". Some rerferer removal services work like remover.com/www.myurl.com?myparam=blabla which fixes the problem. How do they do that? Reply | Quote

Lenny  - Useful 2010-02-23 19:50:54 I would say that having one on your own website ( http://www.rapidsloth.com ) is more secure than that of using a third party redirector. Reply | Quote

Bas  - Even more useful 2010-03-11 01:00:27 I personally use http://www.outurl.net This because when you create an account you can setup aliases for different countries. So with one link you can based on visitor origin who clicks the link serve the person to the right affiliate page. It can be setup without and with referer. Reply | Quote

Write comment

Name: Email:  do not notifynotify Website: Title: UBBCode:         -color-aquablackbluefuchsiagraygreenlimemaroonnavyolivepurpleredsilvertealwhiteyellow -size-tinysmallmediumlargehuge   Please input the anti-spam code that you can read in the image.

3.26 Copyright (C) 2008 Compojoom.com / Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."