Fake visits not only can cause distortion of statistics but is also a source of problems with the site’s reference profile, user experience, and even security. Why are fake visitors (bots) dangerous, and how to deal with them? Let’s take a look at the question further in this post.
Referral Traffic
Perhaps the most common problem faced by site owners is traffic generated by bots, who may attack your platform for various purposes:
- to set links to the site being promoted;
- to spread viruses;
- to expand the bot's network (when clicking on a link to the domain from which traffic comes, the user's computer may be automatically infected for further spread of spam);
- to steal user data (for the subsequent distribution of spam or advertising);
- to substitute content in order to spread someone else's advertising or transfer the user to another site.
Moreover, it often happens that the owner may not know about serious problems with the site. So, if the site is infected with a virus that replaces the content, new visitors will not know that they are being cheated. As a platform owner, you need to make sure that this situation never happens. For this purpose, you can use cleantalk email checker; email verification for existence will help you sort out all the data.
If you see strange traffic sources in your Google Analytics reports, you should figure out where they come from. The difficulty is that some bots can imitate the behavior of real users. But there is good news: they can still be identified and blocked. Consider what actions are worth taking:
- Identify bots - To separate the natural traffic from viral or stranded, you should compare GA data by source of visits - domains, geolocation, browsers, IP, etc. If the traffic from any source is clearly different from the average, you should pay attention to it.
- Check suspicion - Webmasters prepare lists of domains from which spam is sent; these can be used to verify detected sources. Obviously, suspicious resources are usually domains containing the words “site” and/or “button” in the title.
Note! Clicking on links to suspicious domains can be dangerous, and self-checking of suspicious resources can only be performed on a computer protected by an antivirus!
- Blocking traffic sources - There are several ways to prevent bots from accessing the site:
- domain lock;
- blocking the IP address or address pool (this and previous actions are performed in the .htaccess file);
- using the Google feature “Exclude hits from unknown bots and spiders.”
In order to prevent bots from visiting data, reports of spammer domains can be included in Google Analytics filters.
4. Prevent new attacks - It must be remembered that blocking does not solve the problems with website security. Therefore, to prevent new attacks, we advise you to install a firewall and use all the protective features of the CMS.
It is important to note another problem: there are bots that can steal the site ID from the Google Analytics code. To protect your platform against such actions, it is recommended to use Google Tag Manager. If the theft has already happened, you will probably need to change web hosting.
