There should be nothing wrong with displaying our referrers though; the actions of malicious users -- crackers, spammers, etc. -- ideally should not
affect what we can and cannot do with our websites (or what our users can and cannot do while on them).
Displaying the referrer list publicly gives a nod to those sites which are sending traffic your way. The automatic link back to them is a great way to thank them! Further, a referrer list is a great for allowing users to find other content which they might enjoy because it is likely that sites which are sending traffic to your site are in some way related.
Using Bad Behavior, I have been able to have my stats public on my blog for quite some time and have had no worries regarding referrer spam.
For those who really want to be sure, check out Referrer Karma
. Like Bad Behavior (which can be used at the same time as Referrer Karma), RK screens all incoming traffic and those which are giving a referrer are checked. If the site listed as the referrer doesn't have a link to your site (which would be expected), the user is stopped and the attempt is logged for your review.
I used to use it, but if I remember I had issues with some people accessing the board and the admin panel didn't function properly. Things may have changed.
Bad Behavior, however, gets my full endorsement. I just wish someone would develop a phpBB MOD to take advantage of Bad Behavior's database logging and other features that aren't available in the generic interface I mentioned in an above post.