The Problem
Yesterday I started noticing that one of my websites (not this site) was getting hit with a spike of traffic about once every two weeks for a few days at a time. I determined that the traffic was coming from Portland Oregon. I also determined that the traffic was from a machine on Peak Web Hosting’s network.
One of the problems with this traffic is that it is throwing off my web stats. The traffic had a 100% bounce rate so it makes it look like my visitors are not engaged. Not only that, but the most likely reason they are hitting my website is for a nefarious reason. They could be looking for security holes to hack the site and insert links or malware into my content.
This bounce traffic lead me to notice another issue. I was also getting referrer traffic from forex-ninjas but there are no links to my website from their website. After I did a little digging, I found that this is what is called referrer spam.
This further throws off web statistics since these visitors also have a 100% bounce rate. Most likely the referrer spam is there to try and get me to go to the spammers website and buy their product or click their ads. Either way I don’t want that garbage in my stats.
The Fix
First, to get rid of the bigger problem of the Peak Web Hosting bounce traffic. The solution for this came from a Google Groups posting. For WordPress sites download and install the wp-ban plugin. Once this is set up, go to the settings page for wp-ban and enter 204.11.219.* in the banned IPs section. This is the block of IPs that the hit-and-run traffic is coming from. Now instead of getting your website, they will get a page telling them that they are banned.
Alternately, you can use htaccess to ban an IP range by adding these lines into your htaccess file:
order allow,deny deny from 204.11.219 allow from all
To get rid of the referrer spam form forex-ninjas, I added a couple of filters in my Google Analytics account. Before you add these filters in you may want to create a duplicate profile that does not include any filters in case there are problems and you need to see the raw information that Google is providing.
To add the two filters do the following…
Click the gear in the upper right hand corner of your Google Analytics account:
Click on the Filter tab. As you can see I have 3 filters showing:
Next you will want to create an Include filter for your domain name. This is to so that if someone grabs your GA code and puts it on their website, only your domain stats will show up in your analytics profile.
- Add a Filter Name. (Include My Domain Only)
- Choose Custom filter type.
- Check Include.
- Choose Hostname for the Filter Field.
- For the Filter Pattern, enter your domain name. You have to escape special characters (periods, slashes etc.) because this is a regex field. By ‘escape’ I mean add a \ in front of special characters. So what goes into the field should look like this: yourdomainname\.com
- Set Case Sensitive to No.
- Click Save.
Now you need to add the two Exclude filters.
- Add a new filter
- Fill in the Filter Name. (Spam Referrers I)
- The Filter Type will be Custom Filter
- Choose Exclude
- In the Filter Field you want Campaign Source
- Put the following in the Filter Pattern:
golbnet|forexmarket|ForexTradingStrategies|acessa\.me|is\.gd\/UnlimitedWebHosting|is\.gd\/ForexTrading|tinyurl\.com\/ForexTradingSystems|tinyurl\.com\/MakeMoneyWithYourWebsite|br4\.in\/ForexMarket|toma\.ai\/6pf
- Set Case Sensitive to No.
- Click Save.
For the second Exclude Filter you will do everything the same as the first except in the Filter Pattern you will add this instead:
bct\.im\/ForexMarket|ibexalerts\.com\/craigslist\-email\.aspx|clubXstream\.net|slowfoodottawagatineau\.org|forex\-ninjas\.com|rock\.to
The two Filter Patters above are for common referrer spam sources. You can find the list I used on Business Hut‘s website. There are two Filter Patters instead of one is because the Filter Pattern field only accepts 255 characters so I had to split it up and add two separate filters. The | character in two filter patterns is an OR operator and does not need to be escaped.
Also, the filters are NOT retroactive. So if you already have referrer spam in your analytics, it will still show up. All new referrer spam will not show up though.
If anyone has a better way to stop the spam feel free to leave a comment below!
{ 0 comments }
