Finally, a copy/paste solution that anyone can use
I’ve audited 1000’s of Google Analytics accounts over the past 10 years and there’s been a rising phenomena among nearly all of them – Referral Spam!
If you’re not familiar with that is, it’s traffic from bots that show as various referral sources in your Google Analytics account. When these bots ping your website it registers as a session (visit) which inflates your actual traffic data with false numbers.
If you look at the referral sources within Google Analytics you might see data like this:
Some of you are thinking, “that’s great, more traffic will impress the boss!”
Please be smarter than that. Here’s why.
A solid understanding of your traffic analytics is critical to your digital marketing success. These spam referral sources are skewing all of your site-wide data; bounce rates, most visited pages, time on site, pages per visit, you name it – it’s the butterfly effect.
How to Block Referral Spam
I use a two-pronged approach to block referrer spam from both appearing in my Google Analytics data AND from crawling my website in the first the place. That way all the angles are covered.
First: Setup Custom Filters in Google Analytics
Login to your Google Analytics accounts and go to the Admin panel. Make sure you’re using the same View where any existing filters are set up. Then choose the ‘Filters’ option from the right column.
Select the red button ‘Add Filter.’
- Filter Name: Banned Sites 1 (there will be 9 of these)
- Filter type: Custom
- Exclude: Hostname (If Hostname doesn’t work, try campaign source)
- Filter pattern: Download cheat sheet below and copy/paste the Filter Pattern. (Regular expression code is the only method of excluding multiple domains via a single Google Analytics filter: (255 character max)
I’ve compiled a list of 123 of the most common referral spam links and put them in a shared Google Doc you can have as a cheat sheet to easily copy and paste the appropriate RegEx (regular expression) codes into the Filter Pattern field.
Second: Update the .htaccess File to Deny Access to Referral Spam Bots
Now that the Google Analytics data has been cleaned up you can get back to making smarter marketing decisions – based on real data. However, this doesn’t prevent the referrer bots from continuing to ping your website.
To fully block spam bots there needs to be a command at the server level that denies their access completely. Most website’s can control these commands through their .htaccess file found in the root folder.
All the .htaccess deny rules should be set to follow the format below. There are three separate parts to include when writing these rules.
#Block Spam Bot Referrals
SetEnvIfNoCase Referrer social-buttons.com spammer=yes
SetEnvIfNoCase Referrer buttons-for-website.com spammer=yes
Allow from all
Deny from env=spammer
The first section, begins with a hashtag to indicate it’s a comment (to describe what follows) and not a server request.
The second is the command directive. Include a separate line for each referrer link.
The third section must be present at the END of the command directives in order for the server action these requests.
Warning: The .htaccess file is very dangerous. One wrong click of the space bar will completely crash a website. I’m talking 500 Server Error. If you don’t have experience working with .htaccess files I suggest you enlist the help of someone who does.
To make this as easy and painless as possible I wrote the .htaccess rules for all 123 referral spam bots so you can copy and paste them directly into your own .htaccess file.