Update 06/08/2015:
After much testing and research I can conclude that although ht access,IP blocking etc is a method to prevent some referral spam, it is not an absoluteย solution.
Most referral spam comes from manipulating your Google analytics ID to simulate a website referral. In most cases, there is no hit or referral from the actual referral site but a clever bit of code simply telling your analytics GA ID that itย hasย received a referral. โ no one is actuallyย referred to your site, your analytics code is just manipulated to think so.
This in essence means that blocking out this traffic from your server, wonโt work in all cases as there is no real hit in the first place.
The best way to prevent this spam clogging up your analytics is to add a filter to your analytics account for each spammy referral site and then forget about it.
Iโm sure it wonโt be long before Google gets round to a solution for this, however Iโve seen an article where someone posted the same โGoogle will sort it soonโ 10 months ago.
My advice also is to make sure you analytics tracking code is up to date as a fix is mostly likely to come in the form of a tracking code update/patch.
Recently weโve seen a spike in referral traffic for many of the Google Analytics accounts that we manage. Our initial thoughts were of excitement:
Lots of additional traffic from newly-formed inbound links! Woo!
But really, this was not the case.ย As we dug deeper into the Analytics data, we noticed very bad statistics from this new referral data: small amount ofย time spent on site, high bounce rate, etc.ย On further inspection weย also noticed that the sources of the traffic wereย from places like Russia or Eastern Europe.
By checking theย actual referral locations, we found stats that looked a bit like this:
| Source | Sessions | % New Sessions | New Users | Bounce Rate | Pages / Session | Avg. Session Duration | Goal Conversion Rate | Goal Completions | Goal Value |
| site5.floating-share-buttons.com | 72 | 100.00% | 72 | 100.00% | 1 | 00:00:00 | 0.00% | 0 | $0.00 |
| site2.floating-share-buttons.com | 70 | 100.00% | 70 | 100.00% | 1 | 00:00:00 | 0.00% | 0 | $0.00 |
| site1.floating-share-buttons.com | 43 | 100.00% | 43 | 0.00% | 2 | 00:00:44 | 0.00% | 0 | $0.00 |
| site3.floating-share-buttons.com | 36 | 100.00% | 36 | 0.00% | 2 | 00:00:48 | 0.00% | 0 | $0.00 |
| www.event-tracking.com | 27 | 100.00% | 27 | 0.00% | 0 | 00:00:00 | 0.00% | 0 | $0.00 |
| www4.free-social-buttons.com | 19 | 100.00% | 19 | 89.47% | 1.11 | 00:00:47 | 0.00% | 0 | $0.00 |
| 100dollars-seo.com | 18 | 100.00% | 18 | 100.00% | 1 | 00:00:00 | 0.00% | 0 | $0.00 |
| www3.free-social-buttons.com | 14 | 100.00% | 14 | 100.00% | 1 | 00:00:00 | 0.00% | 0 | $0.00 |
| www1.free-social-buttons.com | 13 | 100.00% | 13 | 100.00% | 1 | 00:00:00 | 0.00% | 0 | $0.00 |
This is referral spam data.
What is Analytics Referral Traffic Spam?
Basically Analytics Referral Traffic Spam comes from bots that crawl thousands of sites sending out http requests to the websites with fake referral data.ย By sending fake data they then avoid being detected as bots.ย Itโs usually associated with black hat SEO tactics, or spammers/hackers in general.
A referrer is a name that is passed along when a browser goes from one page to another page (through an HTTP header), and is usuallyย used to indicate where the user is coming from.ย Now, this referrer can be changed for anything, and some people will set it to be aย page they want to promote. Then they willย makeย repeated requests (probably with an automated script) with the intention of showing in the reports andย logs of this WebSite, this is calledย Referrer Spam. โย Matt Cutts
Why Do They Do It?
There is some evidence to suggest that increasing traffic to your website, and therefore referrals, can help improve your SEO rankings.ย However, in reality, search engines like Google are far too clever for this, and this fake spam data will only hurt your potential SEO rankings.
This tacticย can alsoย be used maliciously, to attack a website. Well, we say โattackโ, but itโs more like โannoyโ.ย They can do this byย pushing spammy data, that could result in a slap from Google as a penalty, although this is very unlikely.ย The other obvious malicious intent would be the intent toย screw up your Google Analytics data, which, to be fair, is annoying, but can be overcome relatively simply.
I suppose there is also strain on the server as well, like a type of DDOS attack. However youโd need a lot of referrals to take down a half decent server.
The third and most obvious reason for doing this is the same reason people spam emails all day: to advertise their service/product.ย They are spamming these referrals out all day, and as a result, many people will visit these referral sites to see where the referrals are coming from, which results in free traffic for them,ย albeitย traffic from (most likely annoyed) Google Analytics checkers.
The website/services are targeted atย people who will be checking Google Analytics.ย Things like:
- SEO malt โ a SEO checking tool
- Social sharing buttons
- Free Traffic โ I mean, really, come on!
- SEO Services
- Make Money online
Youย get the picture.
Why Block It?
Well, if being really annoyed by these spammers is not enough, then you should block it because:
- It corrupts your Google Analytics data. Diving through that spam data to get to legit traffic is not going to be too easy.
- Server load and security. At high levels it can slow and put a strain on your server. Itโs likely if youโre targeted by this spam data, other more harmful bots looking for website vulnerabilities may follow.
How to Block It
Iโll list the two easiest ways.
1. Htaccess
Use Apacheโs htaccess to block them from accessing your website, assuming youโre on an Apache server.ย This, weย feel, is the best way, as it stops the bots from accessing your website altogether.
Youโll want to add something like the following to your htaccess file in your root directory:
## SITE REFERRER BANNING
RewriteCond %{HTTP_REFERER} semalt.com [NC]
RewriteCond %{HTTP_REFERER} buttons-for-website.com [NC]
RewriteCond %{HTTP_REFERER} seoanalyses.com [NC]
RewriteCond %{HTTP_REFERER} floating-share-buttons.com [NC]
RewriteCond %{HTTP_REFERER} site1.floating-share-buttons.com [NC]
RewriteCond %{HTTP_REFERER} site2.floating-share-buttons.com [NC]
RewriteCond %{HTTP_REFERER} site3.floating-share-buttons.com [NC]
RewriteCond %{HTTP_REFERER} site4.floating-share-buttons.com [NC]
RewriteCond %{HTTP_REFERER} site5.floating-share-buttons.com [NC]
RewriteCond %{HTTP_REFERER} event-tracking.com [NC]
RewriteCond %{HTTP_REFERER} success-seo.com [NC]
RewriteCond %{HTTP_REFERER} Get-Free-Traffic-Now.com [NC]
RewriteCond %{HTTP_REFERER} free-social-buttons.com [NC]
RewriteCond %{HTTP_REFERER} videos-for-your-business.com [NC]
RewriteCond %{HTTP_REFERER} free-social-buttons.com [NC]
RewriteRule .* - [F]
2. Analytics filters
You can use Google Analytics toย filter out the traffic. This is also helpful as it applies to past historical data.
Youโll want to use a regular expression such as:
.*(semalt(media)?|buttons-for-website).com.*
as a filter in your Google Analytics property.
I would recommend selecting the โBot Filteringโ check box that is found in โView Settingsโ within the โAdminโ tab. Itโs likely that Google in the future may decide to block these refers out altogether.
Conclusion
Following the above suggestionsย should help you block out these annoying spammers.
However, if Creative Brand Design handles your website, hosting or SEO, you can rest assured thatย this has already been actioned by us, for you.