Table of Contents

  1. Exclude a single referrer
  2. To Exclude multiple referrers
  3. Block Analytics Spam in .htaccess
  4. Block IPs in Cloudflare CDN

Fix: Analytics Spam

This blog post is a master guide to block Google Analytics referrer spam. I’ve added various methods to block the referral spam and I’ll update the content accordingly.

You’re here because of the new referral traffic from,,,,,,,,,,,,,,,,,,,,,,,,,, or its variants are¬†spamming your Google Analytics data. Here’s how to block that¬†single referral domain and related multiple referrers.

Method 1: block referral spam using Google Analytics
Method 2: disable spam in .htaccess (for Apache servers)
Method 3: disable spam in NGINX
Method 4: disable spam using Cloudflare

10/05/2019: Added fix.
06/05/2019: Added fix.
24/04/2019: Added fix.
18/04/2019: Added fix.
04/04/2019: Added fix.
03/30/2019: Added fix.
03/19/2019: Added fix.
03/12/2019: Added fix.
03/11/2019: Added fix.
03/07/2019: Added fix.
02/26/2019: Added fix.
02/25/2019: Added fix.
02/19/2019: Added fix.
02/18/2019: Added fix.
02/15/2019: Added fix.
02/13/2019: Added fix.
02/11/2019: Added fix.
02/08/2019: Added fix.
01/31/2019: Added fix.
01/23/2019: Added fix.
01/18/2019: Added fix.
01/15/2019: Added fix.
12/19/1018: Added fix and NGINX method to block the Analytics spam.
12/06/2018: Added fix.
12/05/2018: Added fix.
12/04/2018: Added fix.
12/03/2018: Added fix.
11/29/2018: Added fix.
11/14/2018: Added fix.
11/07/2018: Added fix.
11/01/2018: Added fix.
10/27/2018: Added fix.
10/13/2018: Added the solution to fix Analytics spam
10/10/2018: Added the solution to fix spam.
09/27/2018 11:57 PM: Blimey! It seems like they’re targeting me¬†for writing this blog post.
09/27/2018 11:16 PM: Added the Cloudflare method to block servers that spam your website.
09/25/2018: This guide has the solution to fix¬†,¬†, and other domains that spam Google Analytics. Just change the domain name/URL accordingly. I’ve added a new .htaccess method also (future-proof).

Exclude a single referrer

How to Block Analytics Spam (September 2018)

  1. Sign in to Google Analytics.
  2. Click Admin, and navigate to the view in which you want to create the filter.
  3. In the VIEW column, click Filters.
  4. Click¬†+ New Filter. (If you can’t see this button, you do not have the necessary¬†permission.)
  5. Select Create new Filter.
  6. Enter a name for the filter. Let’s name it
  7. Set the Filter Type to Custom.
  8. Click the Select filter type drop-down menu and select Exclude.
  9. Now Set the Filter field to Campaign Source.
  10. Enter the Filter Pattern. In this case, add (the-spam-domain-name.tld) and click Save.

To Exclude multiple referrers

You can use the regular expression in the Filter Pattern field to exclude several referring sources.

i.e., If you want to add multiple URLs, make a filter pattern separated by a | (pipeline).



Visit this link to learn more about setting filters on different levels. You may also set the Language Settings Filter and Campaign Referral Path Filter as well.

Block Analytics Spam in .htaccess

Applying filters is more like a band-aid solution. The spam sites are still sending traffic to your website, and GA doesn’t show it.¬†Want to block the referral sites before they get to your site? There are two methods to block referral spam using .htaccess.

1. The Easy Method

You have to be careful when editing .htaccess files, as a small mistake can make your website stop working or throw a server error loop. So have a backup! Copy and paste the old content of .htaccess file somewhere safe before proceeding.

Usually, the .htaccess file goes to the root of your website (/public_html for example, the same location of¬†wp-config.php). If there is none, you can create a new file. But watch out not to create something like “.htaccess.txt” if you do it with notepad (which usually appends .txt to all files).

The location may vary according to where you installed WordPress inside the host. Edit the .htaccess file and add the following line:

RewriteEngine on
RewriteCond %{HTTP_REFERER} enter-url-1\.xyz [NC, OR]
RewriteCond %{HTTP_REFERER} wakeupseoconsultant\.com [NC, OR]
RewriteCond %{HTTP_REFERER} example-spam-website\.com [NC]
RewriteRule .* - [F]

(Copy and paste the code in the bottom of your .htaccess.)

Note: Check whether a RewriteEngine On line is already inside your .htaccess file. Then you don’t need to copy that particular line from the code I shared. RewriteEngine only needs to occur once in the file, preferably at the top.

2.¬†Find Spam Site’s Server IP Address & Block it

There are chances the spammer may spin up more domain names for this unholy practice. Solution? Deny their server to access your website. Proceed at your own risk.

Use a DNS lookup tool like to check spam domain’s (¬†in your case) IP address:

Find's Server IP Address

As you can see, turns out to the unique IP of the domain.

However, you’ve to¬†make sure the spammer is not using any CDN to hide their IP address. Look at for example:

Facebook CDN

Facebook, Inc. CDN uses specific IP ranges for delivering Here’s a list of¬†IP Ranges that Cloudflare use. Make sure that you identify the unique IP of spammer and not IP ranges of a CDN service.

Upon identifying the spam sever, edit the .htaccess file and add the following line:

# block spam referrer
Deny from

Make sure that you enter the correct IP address. Doing so will block all the spammy domains pointed to this server IP address.

Block Analytics Spam Using in NGINX

Open your nginx.conf file located in /etc/nginx/nginx.conf

Proceed at your own risk. Contact your host to confirm the location of nginx.conf file. Make sure you have root access to the host. Always have a backup! Copy and paste the old content of nginx.conf file somewhere safe before proceeding.

Add the following lines inside the http block:

# Referer spam

map $http_referer $spam_referer {
default 0;
include /etc/nginx/;

Nginx’s map¬†(ref) module¬†lets you create variables in Nginx’s configuration file whose values are conditional ‚ÄĒ that is, they depend on other variables’ values.¬†The map command can only be used inside of the http block.

Create An Analytics Spammer List

Create a new file in the NGINX root directory (‚Äė/etc/nginx‚Äô) and name it ‚Äė‚Äô to save a list of spam referrers:

"~*" 1;
"~*" 1;
"~*" 1;
"~*" 1;
"~*" 1;
"~*" 1;

The “~*” means case-insensitive matching.

Now open /etc/nginx/sites_available/default and add the following lines to the server block:

# Referrer exclusions

if ($spam_referer) {
return 444;

444 Explained: Connection Closed Without Response is a non-standard status code used to instruct nginx to close the connection without sending a response to the client, most commonly used to deny malicious or malformed requests. This status code is not seen by the client, it only appears in nginx log files.

Verify & Restart Nginx Service

Run this command to verify the config:

nginx t

Restart nginx if the test is successful:

sudo service nginx restart

Block IPs in Cloudflare CDN

Cloudflare user?¬†The¬†Firewall¬†tab on Cloudflare provides you with an interface that you can use to block or whitelist IP addresses or entire networks. Based on the results from¬†, you can block spammer’s IP using Cloudflare. Here’s how to do it:

  1. Log in to Cloudflare.
  2. Go to the Firewall app.
  3. Add an entry to the Access Rules and select the action.
As seen on

Good luck!

Help someone else by sharing this article. Thank you.

Need a hand?

Need help optimizing your website analytics, speed and search performance? Connect with me now.

Written by Mighil ‚ÄĒ Mighil is an indie musician and tinkerer with diverse work experience in technology and writing. He has had the privilege of serving in various capacities, encompassing generalist and specialist roles. He is currently based in Chengdu.


Opt-in to receive long-form essays in your inbox. Unsubscribe anytime. Follow me on ūĚēŹ if you like.

Powered by DigitalOcean, BunnyCDN, WordPress.