Referrer SPAM Explained And How To Block with .htaccess rules

Article Updated: 2018 Sep 07

IMPORTANT: For advanced SPAM protection check FREE open-source script ZB Block ( read in-depth article + video )

IF you are a dedicated web developer and you care about your website statistics and analytics data, you are already using Google Analytics, Piwik Analytics, Open Web Analytics or other website visitors data collection and analysis platforms.

Anti-SPAM Logo

Anti-SPAM Logo

WHAT IS THIS REFERRAL SPAM PHENOMENA? WHAT IS THEIR AGENDA?

Simply put, they are advertising directly to YOU, my fellow webmaster! They are desperately trying to gain traffic to their junk websites via referral URLs and this is the most effective and relatively cheap way to do it. And here is why – take this screenshot from Google Analytics, for example:

Google Analytics - Referrer URL Spam

Google Analytics Dashboard – Referrer URL Spam

As you can see, they are ranked at the top position of the referrer URL table inside Google Analytics dashboard and that was their ultimate goal – to make you wonder who they are and visit their website! Increasing their visibility, buzz-word and alike are added bonuses to their dirty campaign.

Also, from the above data, we can notice another distinct characteristics of referral spam bots behavior:

1) 100.00 % Bounce Rate – they usually visit your index page and immediately leave. This is highly unlikely scenario from human-like browsing (real visitors) where they either come to an index page and than go somewhere else, or use search engine to find particular page directly.

2) Excessive use of sub-domains (site01.example.com, site02.example.com, site03.example.com etc.). This is done in order to mask their obvious spamming activity and abuse service, and to increase their visibility rate. Additionally, this may require a bit more intelligent spam filtering, and it is another reason why they do it. Sub-domains do not cost anything, after all.

Same example from the Piwik Analytics platform – again, notice their high position in the Referrer Websites widget table:

Piwik Analytics - Referrer URL Spam

Piwik Analytics – Referrer URL Spam

ANALYZING TRAFFIC SOURCES FROM REFERRER SPAM URLs

Creating a simple view filter in PIWIK Visitors > Visitors Log > Add new segment section, we can display only those spam referrals and analyse the IP range and countries they are coming from:

Piwik Analytics - How To Create View Filter For Referrer SPAM - ADD NEW SEGMENT Example

Piwik Analytics – How To Create View Filter For Referrer SPAM – ADD NEW SEGMENT Example

As we can clearly see, at least in case of our website, the country from where this referral spam mostly originate is Brazil, however, there is no strict rule that you can simply apply to it – the IP range and countries are dynamic and changing on a daily basis:

Piwik Analytics - Referrer URL Spam - Filtering Results + Country Analysis

Piwik Analytics – Referrer URL Spam – Filtering Results + Country Analysis

Another possibility is that usual malware (viruses, trojans, spyware etc.) can be easily modified to simulate referral traffic from machines all across the globe, infecting as many victims as possible and doing all the spam work without any knowledge of the owners.

It seems that someone has invested a great deal of effort into this business to affect as much websites as possible. Is there a simple cure to this and how can you get rid of it ever showing up in your analytics platform dashboards?

HOW TO BLOCK REFERRER URL SPAM WITH APACHE .HTACCESS RULES

If you are on Apache server here are the .htaccess rules that we use to stop spam from ever showing up in our logs (put this code at the very top of your .htaccess file). You should be aware that they are changing their referring links from time to time, so the rules will need to be updated periodically.

# Referrer SPAM
<IfModule mod_rewrite.c>
# seo & spam
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*keywords-monitoring-success\.com [NC]
RewriteRule (.*) http://www.keywords-monitoring-success.com [R=301,L]
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*keywords-monitoring-your-success\.com [NC]
RewriteRule (.*) http://www.keywords-monitoring-your-success.com [R=301,L]
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*free-video-tool\.com [NC]
RewriteRule (.*) http://www.free-video-tool.com [R=301,L]
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*fix-website-errors.com\.com [NC]
RewriteRule (.*) http://www.fix-website-errors.com.com [R=301,L]
# best-seo-solution
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*best-seo-solution\.com [NC]
RewriteRule (.*) http://www.best-seo-solution.com [R=301,L]
# best-seo-offer
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*best-seo-offer\.com [NC]
RewriteRule (.*) http://www.best-seo-offer.com [R=301,L]
# buttons-for-website
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*buttons-for-website\.com [NC]
RewriteRule (.*) http://www.buttons-for-website.com [R=301,L]
# simple-share-buttons
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*simple-share-buttons\.com [NC]
RewriteRule (.*) http://www.simple-share-buttons.com [R=301,L]
# buttons-for-your-website
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*buttons-for-your-website\.com [NC]
RewriteRule (.*) http://www.buttons-for-your-website.com [R=301,L]
# get-free-traffic-now
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*get-free-traffic-now\.com [NC]
RewriteRule (.*) http://www.get-free-traffic-now.com [R=301,L]
# sharebutton
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*sharebutton\.net [NC]
RewriteRule (.*) http://sharebutton.net [R=301,L]
# buy-cheap-online
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*buy-cheap-online\.info [NC]
RewriteRule (.*) http://www.buy-cheap-online.info [R=301,L]
# free-share-button
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*free-share-button\.com [NC]
RewriteRule (.*) http://www.free-share-button.com [R=301,L]
# free-share-buttons
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*free-share-buttons\.com [NC]
RewriteRule (.*) http://www.free-share-buttons.com [R=301,L]
# 100dollars-seo.com
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*100dollars-seo\.com [NC]
RewriteRule (.*) http://www.100dollars-seo.com [R=301,L]
# video--production.com
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*video--production\.com [NC]
RewriteRule (.*) http://www.video--production.com [R=301,L]
# videos-for-your-business.com
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*videos-for-your-business\.com [NC]
RewriteRule (.*) http://www.videos-for-your-business.com [R=301,L]
# success-seo
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*success-seo\.com [NC]
RewriteRule (.*) http://www.success-seo.com [R=301,L]
# floating-share-buttons
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*floating-share-buttons\.com [NC]
RewriteRule (.*) http://www.floating-share-buttons.com [R=301,L]
# get-free-social-traffic
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*get-free-social-traffic\.com [NC]
RewriteRule (.*) http://www.get-free-social-traffic.com [R=301,L]
# free-floating-buttons
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*free-floating-buttons\.com [NC]
RewriteRule (.*) http://www.free-floating-buttons.com [R=301,L]
# event-tracking
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*event-tracking\.com [NC]
RewriteRule (.*) http://www.event-tracking.com [R=301,L]
# chinese-amezon
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*chinese-amezon\.com [NC]
RewriteRule (.*) http://www.chinese-amezon.com [R=301,L]
# rankings-analytics.com
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*rankings-analytics\.com [NC]
RewriteRule (.*) http://www.rankings-analytics.com [R=301,L]
# 1-99seo.com
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*1-99seo\.com [NC]
RewriteRule (.*) http://www.1-99seo.com [R=301,L]
# auto seo service (all variants)
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*autoseoservice\.org[NC]
RewriteRule (.*) http://www.autoseoservice.org [R=301,L]
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*autoseo-service\.org [NC]
RewriteRule (.*) http://www.autoseo-service.org [R=301,L]
RewriteCond %{HTTP_REFERER} ^http(s)?://([^.]+\.)*auto-seo-service\.org [NC]
RewriteRule (.*) http://www.auto-seo-service.org [R=301,L]
</IfModule>

Newer versions of Piwik / Matomo do filter those spammers keeping your mind at peace up to a certain level, however, they also need to release new version of the software and you need to continuously follow the upgrades in order to keep up with new rules. And you probably have some better things to do than constantly updating analytics software.

Another benefit of htaccess approach is that it will also filter referrer spam inside your Google Analytics dashboard, or any other analytics tool for that matter.

Over time you should add additional lines that follow above structure once you notice new URLs in your analytics dashboard.

GOOGLE ANALYTICS DASHBOARD – HOW TO CREATE A VIEW REFERRAL SPAM FILTER

IF following is true:

1) you do not want to use .htaccess rule for various reasons — for example: Rewrite Rules can interfere with other rules on many occasions, creating conflicts and non-proper website functioning or simply because you use another server (like nginx)

2) you do not use Piwik, but only Google Analytics platform

You can still filter out referrer spam by creating a View Filter in Administration > View > Filters – take a look at the following example:

Google Analytics - View Settings - Referral SPAM Filter

Google Analytics – View Settings – Referral SPAM Filter

Copy/Paste below regular expression code for Google Analytics Filter to filter out all known spam websites (this expression will be updated from time to time, so make sure you come back and check) :

IMPORTANT NOTES:
– keep it as a single line without breaks
– due to Google’s maximum 255 characters input form limitation for filter expressions, you need to split them into multiple separate filters

.*(buttons\-for\-website|buttons\-for\-your\-website|buttons\-for\-website|simple\-share\-buttons|best\-seo\-solution|best\-seo\-offer|get\-free\-traffic\-now|free\-share\-buttons|100dollars\-seo)\.com.*
.*(video\-\-production|videos\-for\-your\-business|success\-seo|floating\-share\-buttons|get\-free\-social\-traffic|free\-floating\-buttons|event\-tracking|chinese\-amezon|rankings\-analytics|1\-99seo)\.com.*
.*(auto\-seo\-service|autoseo-service|autoseoservice)\.org.*

However, the Google Analytics filtered view has some limitations you should be aware of:

  • Filters require up to 24 hours before they are applied to your data
  • Filters are effective from the moment you define them, they are not retro-actively applied
  • Filters are destructive, if you use them for your main/default view, data will be permanently lost

This means that you will still see those links in your Referral Table for some time (default 30 days reporting interval)

GOOGLE ANALYTICS – REFERRAL EXCLUSION LIST

Another convenient way to exclude referral traffic from set of domains that you can manually define in Administration > Property > Referral Exclusion List following these screenshots:

Google Analytics - Referral Exclusion List 1

Google Analytics – Referral Exclusion List 1

Define main domain of the website you wish to exclude:

Google Analytics - Referral Exclusion List 2

Google Analytics – Referral Exclusion List 2

And finally save – the list should appear as following:

Google Analytics - Referral Exclusion List 3

Google Analytics – Referral Exclusion List 3

GOOGLE ANALYTICS – BOT FILTERING – EXCLUDE HITS FROM BOTS AND SPIDERS

And final tool that may help you combat Referrer SPAM within Google Analytics platform is to activate Bot Filtering, which will try to exclude hits from known bots and spiders from your View. However, same applies as for Custom Filters above, the setting will take time to be applied and become effective.

Administration > View > All Web Site Data > View Settings > Bot Filtering

Google Analytics - Bot Filtering - Exclude Hits From Bots and Spiders

Google Analytics – Bot Filtering – Exclude Hits From Bots and Spiders

 

tags: stop analytics referrer spam, block ga spam, stop piwik referrer spam

 

Comments


  1. comments

    7 Comments

    Add Your Comment
  2. 1. Larry

    Thanks for this info, however I already have some lines in my htaccess. They look like this:
    # BEGIN WordPress

    RewriteEngine On
    RewriteBase /
    RewriteRule .* – [E=noabort:1]
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress

    Where do I put yours. Leave mine alone and add it to the bottom before # END WordPress? Or put it above this like you said, right at the top above the #Begin WordPress? Thanks.

  3. 2. TehnoBlog (In reply to Larry)

    Hi, simply place the code above the WordPress one and it should work fine, for example:

    line 01 ... # Referrer SPAM code here
    line 10 ... # BEGIN WordPress
    line 20 ... # END WordPress

    Empty lines will not harm .htaccess file in any way, they are ignored and commentary lines begin with # hash-tag symbol.

  4. 3. TehnoBlog

    In-depth article + video tutorial of excellent SPAM protection tool for WordPress and other CMS systems:
    http://tehnoblog.org/wordpress-security-pro-tips-zb-block-installation-tutorial/

  5. 4. Stacy

    This was VERY helpful. I used the Google Analytics code and it seemed to work. Thank you!

  6. 5. TehnoBlog

    @ Stacy
    Thanks :)

  7. 6. Julia

    Thanks for sharing your experience; however, just wondering… With some sites transitioning to “https:” have you had to go back and add a line for each one to block the https protocol or have you had any trouble with this?

    JE

  8. 7. TehnoBlog (In reply to Julia)

    Hi Julia, thanks for commenting. You can simply modify rewrite rules to check both http and https conditions.
    Replace ^http with ^http(s)? or ^https?
    Regards

Post A Comment

I have read and consent to Privacy Policy and Terms and Conditions