How To Deal With Google Analytics Spam Data

How To Deal With Google Analytics Spam Data

There are 2 primary kinds of spam data you’ve probably seen show up in your Google Analytics reports. In some cases you may not have even realized it was spam:

1. Spam sites in your referral reports

It looks like this:

Google Analytics Spam Referral Data
These are just a few of the hundreds of spam URLs you might see show up – (actually, lots of sites with the .xyz extension), free-social-buttons,, are some other common ones, but there are soooo many! Those kinds of sites look pretty dodgy from the outset and might ring some alarm bells.

Sadly over time, this type of spam has evolved to hijacking legitimate websites to make it look like you’re getting traffic from some real sites like, (although if you check closely in your report you’ll see the k has been replaced with a Russian character) and more.

Google Analytics Ghost Referral Spam

In these cases it’s harder to tell when it’s spam, unless you click the link and see that you end up on a junk site.

As you can see, this type of spam generates significant numbers, enough to really pollute your Analytics data, as well as get you all excited (over nothing, it turns out) about how much traffic you’re getting. Sadly, these are just nuisance spammers trying to get you to click their links and  inflate their own rankings.

2. Spam in the browser language report

It looks like this:

Google Analytics Browser Language Spam

The spam here is fairly consistently referencing Vitaly, (the hacker who is doing all this) and “Vote for Trump”.

There are 2 primary ways in which this spam is inflicted upon your site:
1. Spam from actual visits to your sites from evil spam bots
2. “Ghost” spam which hijacks your Analytics tracking code without an actual site visit

There are  2 approaches to tackling these problems:
1. Stop it at the source by using server-side measures like htaccess rules
2. Filter it out of your Analytics reports. So the spam still hits your site, but you don’t let it pollute your traffic reports.

The caveat is that approach #1, of stopping it at the server-level, is only effective against problem #1 – spam from actual visits.

“Ghost” spam cannot be prevented in the same way because there isn’t an actual visit to your site. In that case, your only recourse is to clean up your Analytics data.

How to Block Spambot Visits

The approach here is most often to add rules to the htaccess file that block the spam bots and deny them access to your site. The good thing about this approach is that these visits will be blocked before Analytics can track them, so it never makes its way into your reports. It’s easy to implement, the only challenge can be keeping up with the list of spam domains that need to be blocked.

And again, I have to emphasize it only stops one kind of spam, it does not prevent “ghost”spam.

You can do it manually or with a plugin. If you want to use a plugin, here are a few I’ve found which seem to be regularly maintained:

Analytics Spam Blocker
Adds rules to the htaccess file

Block Referer Spam
Adds rules to the htaccess file
Also gives you the option to easily add more domains to block.

GM Block Bots
I’ve seen this plugin frequently recommended, but it doesn’t use the htaccess file. For that reason, if you have any caching on your site, I don’t think this plugin will work 100% effectively.

If you want to manually add rules to your htaccess file, you can use a format like the below.

# HTTP Referrer Blocking
RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*floating-share-buttons\.com [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*traffic2cash\.xyz [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*adf\.ly [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*get-free-social-traffic\.com [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*snip\.to [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*share-buttons\.xyz [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*claim64718844.copyrightclaims\.org [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*get-your-social-buttons\.info [NC]
RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*\.com [NC]
RewriteRule ^.* - [F,L]
# END HTTP Referrer Blocking


You can choose to add only the sites you’ve been seeing in your reports, although you’ll probably find new ones always cropping up, or utilize one of the available lists, such as this one maintained by Piwik.

How To Clean Up Your Analytics Reports

Even if you implement the above steps to block spam referrals, you still have to deal with the data pollution they’ve already caused, and of course, any  “ghost” spam you may be getting.

The only way to deal with “ghost” spam is at the Analytics level, by doing one or both of:

  • Setting up filters that will prevent polluted data entering your report
  • Setting up advanced segments that you can apply to view your data without the spammy stuff

I was going to detail the steps myself, but honestly, use this guide instead, it’s comprehensive and amazing:

It looks a little overwhelming at first, but each step is detailed very well, making it easy to follow and implement. If you do nothing else because the filters scare you off, at least follow the steps to apply the advanced segments.

Now you can enjoy spam-free data! Try not to get too disheartened about all the “traffic” you seem to have lost ;)

Weekly WordPress Tips To Your Inbox

  • This field is for validation purposes and should be left unchanged.

Leave a Reply

Your email address will not be published. Required fields are marked *