One of Fresh Aspect's clients suddenly started to experience high traffic levels, not quite a denial of service attack, but in similar territory. The curious thing was that all the traffic had yourtrafficserver.com as the referrer. A quick addition to the .htaccess file soon stopped it in its tracks....

Visiting the yourtrafficserver.com site yields the unhelpful response "Error: visitor isn't coming from expired domain". At a guess this domain is being used to provide the marching orders for other machines that were actually generating the traffic (it was coming from multiple IP addresses).

The common element was that all the traffic had "yourtrafficserver.com" as the referrer. A quick Google search found that a few others had also noticed unusual traffic being referred by this domain.

The addition of the following lines to the site's .htaccess file stopped the 'attack' dead in its tracks:

RewriteEngine On
RewriteCond %{HTTP_REFERER} yourtrafficserver\.com [NC]
RewriteRule .* - [F]