Table of Contents

  1. Exclude a single referrer
  2. To Exclude multiple referrers
  3. Block Analytics Spam in .htaccess
  4. Block IPs in Cloudflare CDN

Fix: enter-url-1.xyz Analytics Spam

Posted on September 21st, 2018 by Mighil

Fix 99-reasons-for-seo.com Analytics Spam

This blog post is a master guide to block Google Analytics referrer spam. I’ve added various methods to block the referral spam and I’ll update the content accordingly.

You’re here because of the new referral traffic from enter-url-1.xyz, goodname1.xyz, 500-good-starts.xyz, 2-easy.xyz, secret-promotion.com, get-here-web.com, yesgood-now.com, yes-do-now.com, advert-seo.com, advertising-seo.com, ads-seoservices.com, seo-services-ads.com, ads-services-seo.com, ads-seo-manager.com, ai-seo-service.com, fast-seo-links.com, autoseotips.com, wakeupseoconsultant.com, 1-best-seo.com, 9-reasons-for-seo.com, 16-reasons-for-seo.com, local-seo-for-multiple-locations.com, seo-b2b.com, affordable-link-building.com, free-seo-consultation.com, get-seo-help.com, your-seo-promotion.com or its variants are spamming your Google Analytics data. Here’s how to block that single referral domain and related multiple referrers.

Method 1: block referral spam using Google Analytics
Method 2: disable spam in .htaccess (for Apache servers)
Method 3: disable spam in NGINX
Method 4: disable spam using Cloudflare

UPDATES:
10/05/2019: Added enter-url-1.xyz fix.
06/05/2019: Added check-pro1.xyz fix.
24/04/2019: Added goodname1.xyz fix.
18/04/2019: Added 500-good-starts.xyz fix.
04/04/2019: Added 2-easy.xyz fix.
03/30/2019: Added secret-promotion.com fix.
03/19/2019: Added get-here-web.com fix.
03/12/2019: Added yesgood-now.com fix.
03/11/2019: Added yes-do-now.com fix.
03/07/2019: Added one-a-plus.xyz fix.
02/26/2019: Added advert-seo.com fix.
02/25/2019: Added advertising-seo.com fix.
02/19/2019: Added big-seo-deal.com fix.
02/18/2019: Added ads-seoservices.com fix.
02/15/2019: Added seo-services-ads.com fix.
02/13/2019: Added ads-services-seo.com fix.
02/11/2019: Added ads-seo-manager.com fix.
02/08/2019: Added ai-seo-service.com fix.
01/31/2019: Added fast-seo-links.com fix.
01/23/2019: Added autoseotips.com fix.
01/18/2019: Added wakeupseoconsultant.com fix.
01/15/2019: Added bestecommerceseo.com fix.
12/19/1018: Added 1-best-seo.com fix and NGINX method to block the Analytics spam.
12/06/2018: Added 16-reasons-for-seo.com fix.
12/05/2018: Added 15-reasons-for-seo.com fix.
12/04/2018: Added  99-reasons-for-seo.com fix.
12/03/2018: Added  100-reasons-for-seo.com fix.
11/29/2018: Added local-seo-for-multiple-locations.com fix.
11/14/2018: Added seo-b2b.com fix.
11/07/2018: Added affordable-link-building.com fix.
11/01/2018: Added free-seo-consultation.com fix.
10/27/2018: Added get-seo-help.com fix.
10/13/2018: Added the solution to fix seo-services-with-results.com Analytics spam
10/10/2018: Added the solution to fix better-seo-promotion.com spam.
09/27/2018 11:57 PM: Blimey! It seems like they’re targeting me for writing this blog post.
09/27/2018 11:16 PM: Added the Cloudflare method to block servers that spam your website.
09/25/2018: This guide has the solution to fix your-seo-promotion-service.com-spam, my-seo-promotion-service.com, and other domains that spam Google Analytics. Just change the domain name/URL accordingly. I’ve added a new .htaccess method also (future-proof).

Exclude a single referrer

How to Block your-seo-promotion.com Analytics Spam (September 2018)

  1. Sign in to Google Analytics.
  2. Click Admin, and navigate to the view in which you want to create the filter.
  3. In the VIEW column, click Filters.
  4. Click + New Filter. (If you can’t see this button, you do not have the necessary permission.)
  5. Select Create new Filter.
  6. Enter a name for the filter. Let’s name it enter-url-1.xyz.
  7. Set the Filter Type to Custom.
  8. Click the Select filter type drop-down menu and select Exclude.
  9. Now Set the Filter field to Campaign Source.
  10. Enter the Filter Pattern. In this case, add enter-url-1.xyz (the-spam-domain-name.tld) and click Save.

To Exclude multiple referrers

You can use the regular expression in the Filter Pattern field to exclude several referring sources.

i.e., If you want to add multiple URLs, make a filter pattern separated by a | (pipeline).

Example:

otherspammysite\.com|*enter-url-1\.xyz

Visit this link to learn more about setting filters on different levels. You may also set the Language Settings Filter and Campaign Referral Path Filter as well.

Block Analytics Spam in .htaccess

Applying filters is more like a band-aid solution. The spam sites are still sending traffic to your website, and GA doesn’t show it. Want to block the referral sites before they get to your site? There are two methods to block referral spam using .htaccess.

1. The Easy Method

You have to be careful when editing .htaccess files, as a small mistake can make your website stop working or throw a server error loop. So have a backup! Copy and paste the old content of .htaccess file somewhere safe before proceeding.

Usually, the .htaccess file goes to the root of your website (/public_html for example, the same location of wp-config.php). If there is none, you can create a new file. But watch out not to create something like “.htaccess.txt” if you do it with notepad (which usually appends .txt to all files).

The location may vary according to where you installed WordPress inside the host. Edit the .htaccess file and add the following line:

# BLOCK ANALYTICS SPAM
RewriteEngine on
RewriteCond %{HTTP_REFERER} enter-url-1\.xyz [NC, OR]
RewriteCond %{HTTP_REFERER} wakeupseoconsultant\.com [NC, OR]
RewriteCond %{HTTP_REFERER} example-spam-website\.com [NC]
RewriteRule .* - [F]

(Copy and paste the code in the bottom of your .htaccess.)

Note: Check whether a RewriteEngine On line is already inside your .htaccess file. Then you don’t need to copy that particular line from the code I shared. RewriteEngine only needs to occur once in the file, preferably at the top.

2. Find Spam Site’s Server IP Address & Block it

There are chances the spammer may spin up more domain names for this unholy practice. Solution? Deny their server to access your website. Proceed at your own risk.

https://verfasor.com/generatepress-review/

Use a DNS lookup tool like mxtoolbox.com to check spam domain’s (enter-url-1.xyz in your case) IP address:

Find your-seo-promotion.com's Server IP Address

As you can see, 217.23.10.44 turns out to the unique IP of the domain.

However, you’ve to make sure the spammer is not using any CDN to hide their IP address. Look at Facebook.com for example:

Facebook CDN

Facebook, Inc. CDN uses specific IP ranges for delivering Facebook.com. Here’s a list of IP Ranges that Cloudflare use. Make sure that you identify the unique IP of spammer and not IP ranges of a CDN service.

Upon identifying the spam sever, edit the .htaccess file and add the following line:

# block spam referrer
Deny from 217.23.10.44

Make sure that you enter the correct IP address. Doing so will block all the spammy domains pointed to this server IP address.

Block Analytics Spam Using in NGINX

Open your nginx.conf file located in /etc/nginx/nginx.conf

Proceed at your own risk. Contact your host to confirm the location of nginx.conf file. Make sure you have root access to the host. Always have a backup! Copy and paste the old content of nginx.conf file somewhere safe before proceeding.

Add the following lines inside the http block:

# Referer spam

map $http_referer $spam_referer {
default 0;
include /etc/nginx/spam_referer.map;
}

Nginx’s map (ref) module lets you create variables in Nginx’s configuration file whose values are conditional — that is, they depend on other variables’ values. The map command can only be used inside of the http block.

Create An Analytics Spammer List

Create a new file in the NGINX root directory (‘/etc/nginx’) and name it ‘spam_referer.map’ to save a list of spam referrers:

"~*enter-url-1.xyz" 1;
"~*wakeupseoconsultant.com" 1;
"~*free-social-buttons.com" 1;
"~*15-reasons-for-seo.com" 1;
"~*99-reasons-for-seo.com" 1;
"~*another-example-spam-website.com" 1;

The “~*” means case-insensitive matching.

Now open /etc/nginx/sites_available/default and add the following lines to the server block:

# Referrer exclusions

if ($spam_referer) {
return 444;
}

444 Explained: Connection Closed Without Response is a non-standard status code used to instruct nginx to close the connection without sending a response to the client, most commonly used to deny malicious or malformed requests. This status code is not seen by the client, it only appears in nginx log files.

Verify & Restart Nginx Service

Run this command to verify the config:

nginx t

Restart nginx if the test is successful:

sudo service nginx restart

Block IPs in Cloudflare CDN

Cloudflare user? The Firewall tab on Cloudflare provides you with an interface that you can use to block or whitelist IP addresses or entire networks. Based on the results from mxtoolbox.com, you can block spammer’s IP using Cloudflare. Here’s how to do it:

  1. Log in to Cloudflare.
  2. Go to the Firewall app.
  3. Add an entry to the Access Rules and select the action.
As seen on support.cloudflare.com.

Good luck!

Help someone else by sharing this article. Thank you.

Need a hand?

Need help optimizing your website analytics, speed and search performance? Connect with me now.

Written by MighilMighil is an indie musician and tinkerer with diverse work experience in technology and writing. He has had the privilege of serving in various capacities, encompassing generalist and specialist roles. He is currently based in Chengdu.

Newsletter

Opt-in to receive long-form essays in your inbox. Unsubscribe anytime. Follow me on 𝕏 if you like.

Powered by DigitalOcean, BunnyCDN, WordPress.