I use Google Analytics to track my website visitors. I recently noticed that my Google Analytics were showing spikes in recent visits. Typically lately I’ve been getting 50-100 user visits a day, but the stats were showing nearly 200 on some days.
My first thought was “Great! My traffic is going up!”
But then I dug into the figures a bit more, and discovered something more sinister…
Where did my visitors come from?
Most of my visitors come through organic search, then direct, then referral, then social. This can be found in the Channels section of Google Analytics.
Looking at the data for the last 10 days, referrals had gone up 61% compared to the previous 10 days. Increased referrals should be a good thing, as having links from other websites pointing to yours is a sign that your site has good content and people want to link to you.
So who was linking to me?
The Referrals tab gave me the answer. I recognised a number of the sites, but some were unknown quantities.
Who the heck were 4webmasters.org. sanjosestartups.com and free-social-buttons.com?
I Googled those sites and found the ugly truth. These are examples of referrer spammers.
What is referrer spam?
Referrer spam (aka referral spam) are fake requests for your site by scripts which spoof the HTTP referrer – a piece of data passed by the browser when it goes from one website to another.
Nefarious types will set the HTTP referrer to a spammy website which they want to promote. If you are curious and click on their links, they will get traffic. My advice is: don’t! You will get hit with marketing information at best, and at worst, could get a malware infection.
Some sites also publish their referrer logs and therein lies another benefit to the spammer – when the data is published, the spammers get a ranking boost to their sites, as it looks to search engines as if their links are legitimate.
Why is referrer spam bad?
It’s bad because:
- It skews Google Analytics data so the number of visits is inflated, and it makes it harder to see how many genuine visitors you have.
- Often these visits have a bounce rate of 0% or 100% and a session duration of 0:00:00. These factors are known to search engines, and may pull down your website’s ranking in search.
- Visiting these referrer sites inadvertently could harm your computer with viruses and malware.
Where can you find an up to date list of referrer spammers?
Here is a referrer spam blacklist, maintained by Piwik on GitHub.
How do you tell if you have referral spam?
There are 2 main types:
Crawler referrer spam – crawl your website like a regular search bot, but not with the intention of indexing them, which makes them bad.
Ghost referrer spam – these access Google Analytics’s UA codes directly, and can affect your Direct traffic.
To see if your website is affected:
- Compare the blacklist mentioned above against your Google Analytics data and look for the known spammers.
- Sort your referrals by bounce rate or time spent on site. Be suspicious of 0 and 100% numbers.
- Look for the hostnames of referrer sites. If they are (not set) are don’t match your site’s domain name, they are likely to be spam. (Click Secondary dimension > Behaviour > Hostname).
- Check for spikes in your direct traffic too and check the hostnames there. If unset or fake, these could be examples of ghost spam.
What is Google doing about the problem?
We are still waiting for a definitive solution.
Last year Google introduced a bot and spider filtering check box in Google Analytics. You can read about how it works here:
Understanding Bot and Spider Filtering from Google Analytics
The caveat is that you should keep an unfiltered view before checking this box, so that you have a default data set to compare against. Read more about views and filters. It’s also not clear if this method blocks the spam effectively.
How can you combat referrer spam?
Various solutions have been proposed by webmasters. The main ones are:
- Block the spam sites in your website’s .htaccess file. This method blocks referral spam before it reaches your site. This is if you are using Linux hosting. Not recommended if you are uncomfortable editing this key system file. If you use WordPress, you could try the WP Ban plugin instead. Note that this method will not work for ghost referral spam.
- Filter out the spam referrers in Google Analytics. This method removes spam from your future analytics data after the visits have been registered. You may need to do more work to clean up your historical data.
I have done a bit of work on the .htaccess blocking, but haven’t yet dived into filters. See the links below for detailed guidance.
Where are some good sources of further information on referrer spam and its removal?
I have found the following articles helpful:
Guide to Removing Referrer Spam in Google Analytics – Gives information on what spam removal methods are most and least effective. It recommends using hostname filters.
Geek guide to removing referrer spam in Google Analytics – Explains all about bots and which ones are good or bad.
The Ultimate Guide to Stopping Google Analytics Spam, Bots and Other Junk Traffic – Really comprehensive guide on what referrrer spam is and methods of dealing with it.
Removing Referral Spam from Google Analytics – Outlines the types of referral spam and options for removing it.
Google Analytics, .htaccess, and Spam Bot Referrals – Shows how to remove spam by the .htaccess and Google Analytics methods.
Some of these sites offer to set up Google Analytics filtering for you.
If you found this post helpful, please share it.
Have you been hit with referral spam? What method did you use to remove it? Let me know in the comments.
Sarah Arrow says
thanks Claire, I’ve notice a rise in this recently but didn’t know how to deal with it effectively. I’ll attempt the htaccess file editing and block them before they hit – fingers crossed!
Claire Brotherton says
.htaccess changes took care of some of it. I think I need filters to do the rest. I’m a bit wary of implementing those at the moment in case I mess something up in my stats!
Carlo says
Thanks for this article Claire. I started to notice this when I created a new GA property and it reported that it was receiving traffic before I even installed the code onto the site! I wondered whether I’d done something wrong but it must have been the ghost referrer type.
I tend to think it’s not worth attempting to block the domains, because the spammers will just create new ones and it will be impossible to keep up.
Claire Brotherton says
Thanks for the comment, Carlo.
Yes, I fear you may be right about new domains popping up. Looks like it’s going to be a long-running battle, like the fight against other forms of spam.
Mike Gardner says
This is a n awesome post Claire, fill of top notch info and advice, most bloggers I know are unaware of referral spam and what to do about it
Claire Brotherton says
Thanks Mike – I’m still learning myself! The links I posted go into far more detail than I could. 🙂
Ed Akehurst says
Wow! Fantastic post. This type of info is super important for bloggers (and other web masters).
Thanks for such a clear write up on it, especially the resources.and the list on GitHub.
The more we do online, the more important ti is to track everything, especially visitor data.
Claire Brotherton says
Thanks Ed!
I just wish the spammers could drive traffic to their sites by producing great content, instead of these underhand tactics. I guess they’re lazy and would rather follow the dark side, though. 😉
Dia Bassett says
Great tips. I’ll be on the look out for this kind of spam. Thank you.
Claire Brotherton says
Thanks for commenting, Dia.
Jacqui Malpass says
Great post. I am sick and tired of ‘people’ doing rubbish things like this. All I want is to run my business without having to be a webmaster as well.
I shall go and check my stats out and see what I can do based on your advice.
Claire Brotherton says
Thanks Jacqui. Yes, another website thing to be vigilant about!!
Wendy Tomlinson says
This is great information. I had 2 spikes on two separate blogs (both on same day) this month and yes initially I was excited by the increase, but when I couldn’t see where they were coming from on my normal stats page I got a little suspicious. I’m going to follow your information here to check further. Thanks.
Claire Brotherton says
Thanks Wendy. I still haven’t filtered my own traffic. Some of the info is contradictory! I wish it was straightforward.
saniya says
thank you for sharing this information
Andy Globe says
Thank you for providing such helpful information, keep up the good work.