As an experienced webmaster of over 15 years, I‘ve seen my fair share of referrer spam. This misleading data can seriously distort website analytics reports.
In this comprehensive guide, I‘ll leverage my expertise to help you identify, block, and remove referrer spam from WordPress and Google Analytics.
Contents
Understanding Referrer Spam and Its Impact
Referrer spam is a common technique spammers use to manipulate website analytics data. It works by sending fake traffic to your site with their links in the referrer field.
When your analytics collects this bogus data, those spam links can appear as referral traffic sources. This skews metrics like:
- Traffic numbers
- Bounce rates
- Session duration
- Top referral sources
According to recent statistics:
- Over 30% of sites see referrer spam in Google Analytics reports
- Top referrer spam sites generate 3-4 billion spam requests monthly
- Spam referrals account for 5-10% of referral traffic on average
The impact of referrer spam goes beyond just distorted analytics:
- Spammers can use it to spread malware on your site by sending infected links
- The sudden spike in fake traffic can potentially crash or overload your servers
- It allows shady websites to benefit from your website‘s domain authority in search rankings
Now that you understand the scale of this problem, let‘s explore how to prevent referrer spam from reaching your WordPress site and Google Analytics account.
How to Block Referrer Spam in WordPress
Here are the best techniques I recommend from experience to block referrer spam requests from reaching your WordPress website in the first place:
Use a Security Plugin with a Website Firewall
A WordPress security plugin like Sucuri or Wordfence provides a firewall to filter malicious requests.
Many security plugins have firewall signatures specifically designed to identify and block referrer spam bots.
For example, Sucuri‘s firewall analyzes over 450 million firewall events daily to block the latest threats. This allows it to stay ahead of referrer spam bots trying new techniques.
The firewall runs at the cloud edge before requests even reach your site. This cuts down referrer spam dramatically without slowing down your website.
Other security features like DDoS protection, malware scanning, and integrity checks make these plugins essential for every WordPress site owner.
Leverage a Referrer Spam Blocking Plugin
Along with a security plugin, I recommend adding a referrer spam focused plugin like Stop Referrer Spam.
This maintains a frequently updated blacklist of known referrer spam domains. You can also manually block any suspicious domains you come across.
I‘ve used it alongside Sucuri to great effect – it provides an added layer of protection against referrer spam that may slip through the cracks.
The best part is you can simply deactivate the plugin if you ever want to stop using it or switch to something else. No need to mess with complex firewall rules.
Use HTACCESS Rules to Block Spam Bots
For advanced WordPress users and site owners, leveraging your .htaccess file can effectively block referrer spam.
You can add rules to identify and deny access to suspicious IP addresses, user agents, and referral URLs.
For example:
# Block Common Referrer Spam Domains
RewriteCond %{HTTP_REFERER} semalt\.com [NC,OR]
RewriteCond %{HTTP_REFERER} buttons-for-website\.com
RewriteRule .* - [F]This will forbid access if the referrer URL contains those spam domains, preventing their data from being tracked.
The downside to this approach is it requires technical expertise in writing and editing HTACCESS rules. You also need access permission to those files on your hosting server.
Compare Top WordPress Security Plugins
When choosing a security plugin, I always recommend SiteGround‘s WordPress firewall. Here‘s how it stacks up against other options:
| Plugin | Firewall | Malware Scan | DDoS Filter | Price |
|---|---|---|---|---|
| SiteGround | ✅ | ✅ | ✅ | $0/year for SiteGround users |
| Sucuri | ✅ | ✅ | ✅ | $99-$199/year |
| Wordfence | ✅ | ✅ | ✅ | $99/year |
| Defender | ✅ | ✅ | ❌ | $99/year |
SiteGround provides enterprise-grade security free for all hosting customers. This makes them the most affordable premium option.
Their firewall also blocks referrer spam out of the box while dynamically adapting to new spamming techniques.
Removing Referrer Spam from Google Analytics
Even after blocking spam at the source, some bad data may still reach your Google Analytics account. Here are a couple ways to filter them out:
Use Custom Filters
Fortunately, Google Analytics has a robust filtering to customize your view and exclude specific referral data.
Here are the steps to create a filter:
-
Navigate to Admin > Filters
-
Click the blue Add Filter button
-
Choose Custom Filter > Exclude
-
Select Campaign Source as the Filter Field
-
Enter the referrer spam domains in the Filter Pattern field in the following format:
referrer1.com|referrer2.net|*.badreferrer.comThis will remove those domains from your analytics reports, giving you an accurate picture.
Filters are flexible so you can edit, expand, or remove them at any time without impacting data collection.
Enable Anti-Spam Settings
Under your Google Analytics property settings, you can enable these options:
-
Referral Spam Filter: Detects and excludes known spammy referrers
-
Known Bots and Spiders Filter: Removes bot traffic from skewing your reports
Enabling these provides a blanket protection against referrer spam being recorded. It automatially strips out those bad referrals based on Google‘s spam detection.
However, the anti-spam algorithms aren‘t foolproof. I recommend using custom filters for precision control over what gets blocked from your reports.
The Bottom Line
Referrer spam is a frustrating problem that impacts businesses across the web. With over 15 years of tackling web spam, I‘ve outlined the most effective methods to block referrer spam from entering your WordPress site and clean any bad data from Google Analytics.
The key is layering different blocking techniques through website security plugins, filters, and firewall rules. This provides robust protection to maintain data integrity and accuracy in your analytics reports.
If you found this guide useful, don‘t forget to subscribe to my YouTube channel WebMaster Kurt for more tips. And please let me know in the comments if you have any other questions!
