Search Engines And Referrer Spam

by Dave Curtis on January 31, 2016

Wow! Look How Many Visitors My Site Has! (Umm, Nope)

Google Analytics Report View 1


Referrer spam is what you get when your business’s website is bombarded with visits from spambots. According to TechTarget:
“A spambot is a program designed to collect, or harvest, e-mail addresses from the Internet in order to build mailing lists for sending unsolicited e-mail, also known as spam. A spambot can gather e-mail addresses from Web sites, newsgroups, special-interest group (SIG) postings, and chat-room conversations.”

The second type of spambot acts like a crawler or site indexer, similar to what Google and Bing run. The difference is that Google and Bing identify themselves as search engines, so their visits don’t go into your analytics. Referrer spam is traffic from bots that impersonate a referral link (a link on someone else’s site pointing back to yours) by sending requests with a fabricated “Referer” header (the HTTP header name really is spelled with a single “r”). This fake backlink traffic is designed to make the spammer’s site appear in your analytics so that you’ll click on the link and visit their website.

There are two things you can do to minimize the kinds of damage spambots do. The first is to install a plugin called Email Address Encoder as soon as you create your WordPress website. This lightweight plugin by Till Krüss (View details and download page) protects email addresses from email-harvesting robots by encoding them into decimal and hexadecimal entities.

That will keep the spambots from grabbing your email addresses. Don’t wait until you’ve already put email addresses on your site, though, or they’ll already have been grabbed. These bots work fast.
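To make “decimal and hexadecimal entities” a little more concrete, here is a minimal Python sketch of the idea. It is not the plugin’s actual code (the plugin is PHP and I haven’t copied anything from it); the function name `encode_email` and the 50/50 mix of decimal and hex are my own assumptions for illustration.

```python
import html
import random
from typing import Optional


def encode_email(address: str, rng: Optional[random.Random] = None) -> str:
    """Return the address with every character written as an HTML entity.

    Hypothetical helper: each character is randomly written either as a
    decimal entity (&#105;) or a hexadecimal entity (&#x69;). Browsers
    render both as the original character, but a naive harvester scanning
    the page source for "name@domain" no longer finds a match.
    """
    rng = rng or random.Random()
    parts = []
    for ch in address:
        if rng.random() < 0.5:
            parts.append(f"&#{ord(ch)};")      # decimal entity
        else:
            parts.append(f"&#x{ord(ch):x};")   # hexadecimal entity
    return "".join(parts)


if __name__ == "__main__":
    encoded = encode_email("info@example.com")
    print(encoded)                 # entity soup, different on every run
    print(html.unescape(encoded))  # decodes back to the original address
```

A bot that bothers to decode entities will still get through, so treat this as raising the bar rather than as a guarantee.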

Where your site visitors are really coming from


Now for one OTHER kind of referrer bot: these claim to be search engines of sorts that crawl and index your entire site on a regular basis. I used to keep them out of my Google Analytics manually by adding rules like these to the server’s .htaccess file, which I borrowed from the article How to Block Semalt Referrer Spam by Dale Rodgers in the UK:


.htaccess code:

# Block Semalt-related referrer spam
RewriteEngine On
Options +FollowSymLinks
# Each condition matches a Referer whose host is a listed domain or one of
# its subdomains. Flags must be written without spaces: [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?kambasoft\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?savetubevideo\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?semalt\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?embedle\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?extener\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?fbfreegifts\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?feedouble\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?musicprojectfoundation\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?myprintscreen\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?openfrost\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?openmediasoft\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?softomix\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?srecorder\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?videofrost\.com([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?joinandplay\.me([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?backgroundpictures\.net([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?feedouble\.net([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?softomix\.net([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?videofrost\.net([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?joingames\.org([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?soundfrost\.org([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?vapmedia\.org([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?youtubedownload\.org([/:]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?zazagames\.org([/:]|$) [NC,OR]
# Last condition in the chain carries no OR flag
RewriteCond %{HTTP_REFERER} ^https?://([^/]+\.)?softomix\.ru([/:]|$) [NC]
# Answer any matching request with 403 Forbidden
RewriteRule .* - [F]

The list goes on and on and changes on a daily basis, and for one person to keep it updated by hand is insane. There’s just no way. By the time you catch on to a new domain and add it, your results have already been skewed, and another one has come along to play with your analytics results.
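For anyone who would rather see the matching logic outside of Apache, here is a rough Python sketch of the same check: pull the host out of the Referer value and compare it against a set of blocked domains. The names `BLOCKED_DOMAINS` and `is_spam_referrer` are made up for this example, and the three domains are just a sample from the list above. Keeping the list in a plain set (or a text file loaded into one) is at least easier to update than a wall of rewrite conditions.

```python
from urllib.parse import urlsplit

# Hypothetical sample taken from the .htaccess list; extend as needed.
BLOCKED_DOMAINS = {"semalt.com", "kambasoft.com", "savetubevideo.com"}


def is_spam_referrer(referer: str, blocked=BLOCKED_DOMAINS) -> bool:
    """Return True if the Referer's host is a blocked domain or a subdomain of one."""
    # urlsplit only finds a host when the value includes a scheme (http://...),
    # which is how browsers and bots normally send the Referer header.
    host = (urlsplit(referer).hostname or "").lower()
    return any(host == domain or host.endswith("." + domain) for domain in blocked)


if __name__ == "__main__":
    for value in (
        "http://semalt.com/crawler.php",
        "https://www.kambasoft.com/",
        "https://www.google.com/search?q=referrer+spam",
    ):
        print(value, is_spam_referrer(value))
```

Comparing whole host names (rather than searching for the domain anywhere in the string) avoids blocking an innocent site whose name merely contains one of the spam domains.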

Here’s a Choice of Two Plugins to Use Instead:

Either GM Block Bots or the one I have been using, Block Referer Spam (spelled with one “r”, just like the HTTP header), which allows you to add in your own blocked sites.

A third type of Spam Bot is the “Ghost Referrer Bot”

These can’t be blocked by any plugin or .htaccess rule because they never hit your site at all. They send fake hits straight to Google Analytics using your tracking ID, so they just show up in the analytics itself. Bummer…

Here’s a nice infographic by Wiyre on how “ghost referral bot” spam generates revenue for the spammer.
There is a way to get rid of this too, though, and below is a video by GreenMellen Media on how to make that happen:

It’s pretty easy to see that if your webmaster or “SEO” is handing you reports full of “WOW!”-looking traffic, but a lot of those visits come from Russia, China and the like, your numbers and your perception of them will be skewed. The above video shows SEOs how to carefully configure analytics directly to keep ghost spam from showing up in the results.
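One commonly used way to filter ghost spam is to keep only hits whose reported hostname is actually one of yours, since ghost hits never loaded your pages and usually carry a missing or bogus hostname. I’m not claiming this is exactly what the video walks through; the sketch below is just that idea applied in Python to exported rows. The `Hit` record, `VALID_HOSTNAMES` and `drop_ghost_hits` are hypothetical names, and `example.com` stands in for your own domain.

```python
from typing import Iterable, List, NamedTuple


class Hit(NamedTuple):
    """One exported analytics row (hypothetical shape for this sketch)."""
    hostname: str   # hostname the hit claims your page was served from
    referrer: str   # referring site reported for the hit


# Assumption: replace with the hostnames your site is really served from.
VALID_HOSTNAMES = {"example.com", "www.example.com"}


def drop_ghost_hits(hits: Iterable[Hit], valid_hostnames=VALID_HOSTNAMES) -> List[Hit]:
    """Keep only hits whose hostname is one of your own."""
    valid = {name.lower() for name in valid_hostnames}
    return [hit for hit in hits if hit.hostname.lower() in valid]


if __name__ == "__main__":
    rows = [
        Hit("www.example.com", "google.com"),
        Hit("(not set)", "semalt.com"),
        Hit("some-other-site.invalid", "kambasoft.com"),
    ]
    for hit in drop_ghost_hits(rows):
        print(hit)
```

The same include-only-my-hostnames rule can be set up as a filter inside the analytics tool itself, which is the better place for it because it cleans the reports everyone looks at.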
