Referrer spam is a black hat marketing technique that spoofs user agents and tricks webmasters into visiting a malicious web host. Referrer spam shows up in your traffic reports such as Google Analytics, and some webmasters are concerned that the spam affects SEO and search engine rank. This article describes referrer spam and how you can deal with it.

Before going any further, note that Referrer spam in itself is USUALLY no cause for panic. However, it is a nuisance, and depending on the size of your site it could be having a very meaningful effect on your data.

Referrer Spam – What Is It?

Referrer spam takes advantage of traffic reporting tools by placing a referral record into your website traffic reports. A referral in the Internet marketing world is a website that sends you traffic. You can verify when a site sends you traffic by reviewing certain reports such as Google Analytics. Most people open the site sending them traffic, and it’s this behavior that referral spammers count on.

How Referrer Spam Works

Let’s say you have a website called “YourSite.com”. A blogger somewhere has a site named “SomeBlog.com” and places a link to your site on one of his blog posts. As people click on this link, the traffic is considered referrals and when you open Google Analytics, your reports would show that “SomeBlog.com” sent you some visitors. Most likely, you want to know who put a link on their site, so you open the “SomeBlog.com” website to review it. It’s this type of human behavior that referrer spammers take advantage of.

Let’s take the same example, but let’s trade “SomeBlog.com” for “GreedySpamAffiliateSite.com”. Now, when you open the spam site, it redirects you to an eCommerce shop with the spammer’s affiliate ID. It’s this type of black hat marketing that tricks you into visiting a website. The affiliate spammer then places a cookie on your machine so any subsequent purchases from you on the target eCommerce website give the spammer income.

Referral spam doesn’t just work for black hat affiliates. Some spammers use this method to advertise their site. For instance, a spammer might want to attract attention to a webmaster in an effort to sell him traffic. The spammer sends referrals to your new site with a user agent such as “Free-Online-Traffic.com”. New website owners are usually desperate for marketing and traffic ideas, so they take a look at the spammer’s site, which usually offers false claims and promises. Free and paid traffic services are notorious for referrer spam. Some porn sites use the same black hat methods.

Incidentally, buying traffic does not help in ranking and only serves to artificially inflate traffic numbers.

How Do You Deal with Referral Spammers?

Referrer spammers are generally harmless. Although it’s still considered a black hat marketing technique, referrer spam will not harm your search engine rank. The only way a referrer spammer can harm your rank is if the traffic is too much for your server to deal with. In this case, your server crashes and no longer responds to search engines, which is a problem for rank.

In most instances, referral spammers are mostly a nuisance. You can, however, deal with them in a number of ways:

1. Filter Them Out Of Google Analytics Reports

The first and most time-efficient method of dealing with referrer spammers is filtering them out of your reports. Google Analytics offers filters, which remove specific records from your reports so that they don’t affect your statistics. Filter out each referrer that sends too much bot traffic to your site, and you don’t need to bother with the issue anymore. The referrer still sends bot traffic, but it’s no longer reported as a traffic source.

RELATED READING: How to Use Google Analytics with Your SEO Campaigns

You can create a filter for your sites in Google Analytics by navigating to the Admin tab and then clicking on All Filters. Click on the Add Filter button and then create a Custom Exclude for Campaign Source. Enter the domains you want to exclude using Regex. The format should be like this:

Of course you can modify and extend that Regex as appropriate. To include a new referral spam domain, just add a vertical line (“|”) and then the name of the domain. Escape dots by adding a backslash (“\”) before them. It is better not to add the whole domain, but just the unique part of it, but this would vary between domains.

2. Block Them Via .htaccess Or Via Code

The next method is to block access through your code or your .htaccess file if you use Linux hosting. The .htaccess file lets you block bot traffic either by IP address or by domain name or by user agent, which is the property used to see a referral. For example, you can copy and paste the following code into your .htaccess file:

NOTE: The .htaccess file is a very powerful file that dictates how your server behaves. If you upload an .htaccess file with one character out of place, you will likely take down the whole site. Before you make any changes to the file, I would suggest making a backup. If you don’t feel comfortable making these edits, see the WordPress plug-in option below.

Block Them Via .htaccess [CONT’D]

You should block an IP or range of IPs sparingly, because IP addresses are dynamic and aren’t permanently assigned to the same host. Once the referrer spammer removes the site (and most spammers delete a site eventually), the IP is put back into the general pool. The IP could then be assigned to a legitimate source that could browse your site. If you block by IP, this legitimate source won’t be able to display your website.

3. WordPress? Use A Plugin

If you use WordPress and you don’t want to (or don’t have access to) edit your .htaccess file or don’t feel comfortable doing so, you can use the WP-Ban plugin. It will display a custom ban message when the banned IP, IP address range, host name, or referrer url tries to visit your blog. You can also exclude certain IPs from being banned. There will be statistics recorded on how many times they attempt to visit your blog. It allows wildcard matching too.

4. Firewall Blocking

This method involves blocking the IP at the firewall level. This, like the .htaccess method, is not the preferred method. Just like the .htaccess method, you might block an IP permanently and limit the ability of possible future legitimate traffic (until you change your firewall settings at least). A firewall acts as a filter between your web server and the internet and can protect your website from bad bots.

5. Use A Service: Referrer Spam Blocker

Although I haven’t tried this service, I hear it’s pretty good and offers a no-code solution to removing referrer spam from your analytics. I plan to check it out some time. It’s free too!

Conclusion

Some webmasters are concerned that referral spammers affect ranking. When a site sends you traffic, Google’s ranking algorithm is unaware of the referral. Yes, it’s viewable in Google Analytics, but as confirmed by a Google engineer in the embedded video below, Google does not use Analytics as a ranking factor or as part of its data mining for search.

Referrer spam is just a nuisance, but you can easily handle it by applying one of the five methods mentioned above. For most people, filtering the traffic through reporting is sufficient enough in eliminating the nuisance. That is my recommended approach.