Many of us have seen spikes in traffic report from Google Analytics. These spikes bring joy to our minds and when we drill down the traffic we get disappointed because it is from a spam referral. In this article I will be explaining you how to combat spam referral.
Spam Referrals causes incorrect traffic analysis we all know, but major impact they leave over your web bandwidth. If your web site is running on VPS or Shared server, your bandwidth is important and needs to be preserved for real traffic. If your maximum bandwidth is eaten by spam referrals your real users may get “Busy Server” Response.
To Combat referral spams, you can implement following solutions,
- Modify htaccess file block spam referrals.
- Filter Traffic statistics from Google Analytics
Filtering traffic from Google Analytics is very easy and you can do it from the admin tab in your Analytics account. I personally don’t recommend filtering this because filters will just remove it from your traffic report but these referrals will continue to consume resources behind the scenes.
I found block them via htaccess is most effective way. Follow below steps to block them through Htaccess –
1) Go to Analytics account and note down referral domains that you think are spam.
2) In your htaccess file, use %{HTTP_REFERER} to get the referrer and verify if these referrers contains words which are same as from referral bots you got from step 1 –
RewriteCond %{HTTP_REFERER} (priceg) [NC,OR]
3) if you have more than one spam create a list of RewiteCond –
RewriteCond %{HTTP_REFERER} (priceg) [NC,OR]
RewriteCond %{HTTP_REFERER} (darodar) [NC,OR]
RewriteCond %{HTTP_REFERER} (hulfingtonpost) [NC,OR]
RewriteCond %{HTTP_REFERER} (simple-share-buttons) [NC]
here we have asked Apache to look for referrers containing words from this list.
4) Now that we have caught the spam referral, lets throw it out and show them forbidden message.
RewriteRule .* – [F]
This code will block the page and spam bot will receive Error 403 like this
Here is how the whole code looks –
# Handle Spam bots
RewriteCond %{HTTP_REFERER} (priceg) [NC,OR]
RewriteCond %{HTTP_REFERER} (darodar) [NC,OR]
RewriteCond %{HTTP_REFERER} (hulfingtonpost) [NC,OR]
RewriteCond %{HTTP_REFERER} (simple-share-buttons) [NC]
RewriteRule .* – [F]
We have seen almost 4% savings in bandwidth each month after implementing it. Below is the final code you need to put in .htaccess with list of domains I know and should be blocked, let me know if you have seen domains other than these –
# Handle Spam bots
RewriteCond %{HTTP_REFERER} (priceg) [NC,OR]
RewriteCond %{HTTP_REFERER} (darodar) [NC,OR]
RewriteCond %{HTTP_REFERER} (hulfingtonpost) [NC,OR]
RewriteCond %{HTTP_REFERER} (ilovevitaly) [NC,OR]
RewriteCond %{HTTP_REFERER} (buy-cheap-online) [NC,OR]
RewriteCond %{HTTP_REFERER} (free-share-buttons) [NC,OR]
RewriteCond %{HTTP_REFERER} (4webmasters) [NC,OR]
RewriteCond %{HTTP_REFERER} (theguardlan) [NC,OR]
RewriteCond %{HTTP_REFERER} (semalt) [NC,OR]
RewriteCond %{HTTP_REFERER} (buttons-for-website) [NC,OR]
RewriteCond %{HTTP_REFERER} (see-your-website-here) [NC,OR]
RewriteCond %{HTTP_REFERER} (googlsucks) [NC,OR]
RewriteCond %{HTTP_REFERER} (guardlink) [NC,OR]
RewriteCond %{HTTP_REFERER} (Get-Free-Traffic-Now) [NC,OR]
RewriteCond %{HTTP_REFERER} (event-tracking) [NC,OR]
RewriteCond %{HTTP_REFERER} (free-share-buttons) [NC,OR]
RewriteCond %{HTTP_REFERER} (simple-share-buttons) [NC]
RewriteRule .* – [F]
Hope this article was helpful. Please feel free to leave your comment below.
**** if you want to publicize or market your product globally for free, register it on FipZip. FipZip is a free product marketing tool. For More information see this video
Products Feed 
Thank you I am a newbies to all this and code etc.. but nicely explained I think I can do this plus will of course do back up of my original httaccess file first!
***********Please could you give how to exactly also like above do typical code for several ip’s to block as sometimes these spam bots only have those etc***********
LikeLike
This is the beauty of contains clause (under parentheses ) you can block alphabetical url or any other referral url.
Write it like below –
# Handle Spam bots
RewriteCond %{HTTP_REFERER} (priceg) [NC,OR]
RewriteCond %{HTTP_REFERER} (darodar) [NC,OR]
RewriteCond %{HTTP_REFERER} (hulfingtonpost) [NC,OR]
#for ip address – use your ip address
RewriteCond %{HTTP_REFERER} (126.56.67.78) [NC]
RewriteRule .* – [F]
So any referring url which has above ip address in it will be blocked.
Because you are new to htaccess I must tell you that do not miss to put OR after NC it is a or condition.
LikeLiked by 1 person
many thanks indeed very helpful to me and no doubt others. yes these spam bot visits are getting daily especially from Russia, Ukraine China, Brazil and Uganda so, sooo frigging annoying!
Hopeful this well help plus I will do the filter thing over in Google analytics .
*** on my Httaccess existing file there is info code in there right now i.e. Begin and end wp etc and some stuff also JUST BEFORE that (see mine below) so in order to paste in the codes you suggest where about’s shall I insert and do mine ?
would you mind telling me here is what is there now:
## EXPIRES CACHING ##
ExpiresActive On
ExpiresByType image/jpg “access 1 year”
ExpiresByType image/jpeg “access 1 year”
ExpiresByType image/gif “access 1 year”
ExpiresByType image/png “access 1 year”
ExpiresByType text/css “access 1 month”
ExpiresByType application/pdf “access 1 month”
ExpiresByType text/x-javascript “access 1 month”
ExpiresByType application/x-shockwave-flash “access 1 month”
ExpiresByType image/x-icon “access 1 year”
ExpiresDefault “access 2 days”
## EXPIRES CACHING ##
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
LikeLike
You can just put it above line – “#End wordPress” and it should work… and yes put filter in GA as well because some of spam is in GA without coming to actual site.
LikeLike
@Jenny – You would actually place the code below # End WordPress as anything between the start and end WordPress comments are subject to be overwritten by WordPress
LikeLike