How to Block WordPress Referrer Spam in Google Analytics

How to Block WordPress Referrer Spam in Google Analytics

Are you looking for ways to block WordPress referrer spam in Google Analytics?

This spam can fill your website data with visits from strange-looking places that bounce right off, making your analytics look all wrong.

Today, we’ll guide you through 3 easy ways to safeguard your website’s data, ensuring your Google Analytics reflects your site’s actual performance.

What’s WordPress Referrer Spam?

WordPress referrer spam is like a party crasher at your website’s gathering. Imagine inviting only a select group of friends (real visitors) to your party (website).

MonsterInsights is the best WordPress Analytics plugin. Get it for free!

Now, imagine if someone keeps sending fake RSVPs (spam visits) from people who have no intention of coming. These fake guests never show up, or if they do, they peek in and leave instantly.

That’s referrer spam for you.

This spam tricks your website into thinking it’s getting more visitors from other websites. These aren’t real people interested in your site but just spammy web bots.

They can make it look like many people are linking to and visiting your site, but they leave immediately, messing up your data.

When trying to block WordPress referrer spam in Google Analytics, you say, ‘No more fake RSVPs!’

Identifying referral spam in your Google Analytics reports is quite simple.

First, you’ll need to find your referral traffic in Google Analytics.

Open your Google Analytics account and navigate to Reports » Acquisition » Traffic Acquisition:

Traffic Acquisition Report in GA4

Scroll down to the Referral row, where you see the overall statistics. Search for ‘referral’ and click the ‘+‘ sign:

Filter referral traffic GA4

Navigate to Traffic source » Session scoped » Cross-channel » Session source.

Now you get a table broken down by how many referrals you got from each referring site:

Referral sources report GA4

You can initially suspect strange and unusual domain names. If the average engagement time per session is also 0 seconds for these links, they could be spammy.

Why Should You Worry About Referrer Spam?

Referrer spam is junk for your website. Here’s why you should care about blocking WordPress referrer spam in Google Analytics:

  • It’s a trick for fake popularity: Some spammy websites send fake visits to other websites. They hope website owners will click on these fake visits, which boosts their traffic and helps their SEO.
  • Puts your website at risk: Clicking on these spammy links might put your website at risk. They could have harmful code that makes it easier for hackers to get in.
  • Messes up your numbers: Having lots of spam in your data makes it difficult to see how your website is truly doing.
  • Wrong first impression: If you’re showing your website’s stats to someone important (like investors), spam can make your website look bad, unprofessional, and messy.

As you can see, referrer spam is bad news since it’s potentially harming your site, and you’re unintentionally helping out spammy websites. Therefore, blocking this spam is necessary to keep your website healthy and secure.

How to Block WordPress Referrer Spam in Google Analytics

Now that you know what referrer spam is and why blocking it is necessary, let’s get into the essential part of our guide.

These are three easy methods to block out referrer spam that we’ll cover below:

Method 1: Use a Strong Security Tool

Referrer spam is just one problem your website can run into. Many other types of trouble can mess with your site.

Some other dangers your WordPress site might face include hackers trying to break in, viruses that can make your site sick, and those sneaky bots pretending to be visitors.

To keep your website safe, you can use a tool like Sucuri.

Sucuri - Best WordPress Security Plugin

Sucuri is the best security plugin for WordPress websites. It’s a powerful security and firewall software that protects your site against malware, Trojans (malicious pieces of code or software disguised as legitimate), and referrer spam.

Sucuri Website Firewall blocks the most well-known spammy referrals by default.

And whenever it detects new referral spammers, it adds them to your block list so they cannot attack your site.

Get started with Sucuri today. 

Method 2: Use a Plugin

The second method is installing a WordPress plugin that blocks referral spam.

If you look in the WordPress plugin repository, you’ll find plenty of security plugins. However, we’ve chosen the Block Referer Spam plugin for this tutorial.


First, you must install and activate the plugin on your WordPress site. After it’s activated, you’ll see a Referer Spam menu added to your dashboard.

When you hover your mouse pointer over it, you’ll see two submenus: Referer Spam and All Blocked Sites.

If you click on All Blocked Sites, you’ll see the list of sites that are already blocked by the plugin:


You’ll need to click on the Referer Spam submenu to configure the plugin’s settings and add custom sites to block.

There, you can select Auto Update or Block Mode. Also, you can force a manual update of the referrer spam list.

Block Referer Spam

If you see referrer spam links in your Google Analytics report that aren’t listed in the updated list, you’ll need to add them to the custom block list.

To add custom block links, copy and paste them in the text area next to Custom Blocks. Don’t forget to click Save Changes.


Now, the plugin will block those referrer spam links.

Method 3: List Unwanted Referrals in Google Analytics

Even after applying the two methods suggested above, you may still see referrer spam in your Analytics reports sometimes.

This is because some websites aren’t visiting your site at all. Hence, Sucuri or other plugins cannot block them.

This referral spam is called ghost spam. They send requests directly to GA (Google Analytics) using your GA Tracking code.

This code connects your WordPress site with your Google Analytics account, so it’s often added to the site’s header section.

Because of this, anyone can find the code and generate referrer spam using it.

You’ll need to set up filters in Google Analytics to block those websites.

To block WordPress referrer spam in Google Analytics, start by logging into your GA4 property.

Look for the Admin option in the bottom left corner and click on it (make sure you have the necessary permissions first):

Next, find Data collection and modification and select Data streams:

GA4 Data Streams admin screen

Once there, open the stream details by clicking the arrow next to your active data stream:

Select GA4 data streams

Scroll down in this new window until you find Configure tag settings and click on it.

Then, on the tag details page, under Settings, there might be a List unwanted referrals option. You may need to click ‘show more’ to see it:

List unwanted referrals GA4

Here, you’ll input the top level of the domain you wish to exclude.

For instance, for ‘,’ enter ‘’

Choose Referral domain contains under the match type to ensure any subdomains are also blocked:

List unwanted referrals conditions GA4

Click Add conditions each time you enter a domain you want to list.

Finally, don’t forget to hit Save at the top right to apply your changes.

You can check your Google Analytics reports after 24 hours to see the changes.

This process is a straightforward way to keep your website’s data clean from spammy bots, ensuring you get a clear view of your site’s genuine traffic and engagement.

How to Track WordPress Website Traffic

Navigating Google Analytics can be daunting, especially when embedding code into WordPress.

However, there’s good news for all WordPress website owners.

MonsterInsights is the ultimate solution for integrating Google Analytics with your WordPress site effortlessly. Known as the best WordPress plugin for Google Analytics, MonsterInsights simplifies the entire process.

monsterinsights wordpress plugin

Forget about hiring developers or becoming an analytics guru; MonsterInsights allows you to install Google Analytics, activate advanced tracking features, and access the most relevant reports directly from your WordPress dashboard without touching a single line of code:

Whether exploring the free Lite version or diving into the more feature-rich licensed version, MonsterInsights is your gateway to understanding your website’s traffic sources, page views, and engagement metrics.

With MonsterInsights, you’ll unlock insights into where your traffic originates with reports like the Overview Report, Referrals Report, Search Console Report, and much more.

overview report monsterinsights

MonsterInsights offers a user-friendly relief to Google Analytics, making it accessible for anyone to track and improve their WordPress website’s performance.

To learn more about MonsterInsights and leveraging Google Analytics to its full potential, check out our article on How to Track Website Traffic Using Google Analytics.

Get started with MonsterInsights today!

We hope this article taught you how to block WordPress referrer spam in Google Analytics. You may also want to check out:

Don’t forget to follow us on X, Facebook, and YouTube for more helpful Google Analytics and WordPress tips.

Want to Try MonsterInsights for Free?

Enter the URL of Your WordPress website to install MonsterInsights Lite.


  1. why do you add
    in the filter pattern?
    What do you mean by example? Is it www. ?

    1. Hi Jan,
      “Example” in this case is showing you an example of how you’d block a hostname that has a subdomain on it. So in the example, we’re blocking traffic from and

Add a Comment

We're glad you have chosen to leave a comment. Please keep in mind that all comments are moderated according to our privacy policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.