block WordPress referrer spam in Google Analytics

How to Block WordPress Referrer Spam in Google Analytics

Are you receiving a lot of referral traffic from sites with unusual domains? If the bounce rate for those hits is 100% and the session duration is 00.00.00, it’s most likely referrer spam. Referrer spam can distort your analytics reports and harm your site.

In this article, we’ll show you how to block WordPress referrer spam in Google Analytics.

Not Using Google Analytics Yet?

If you’re wondering what this article is about, or what Google Analytics is, we recommend you take a moment to check out why Google Analytics is important for your business growth.

To put it in brief here: Google Analytics is the most popular website analytics tool available on the market. It allows you to track your website’s traffic and provides you with detailed reports on how users interact with your site. You can view where your site visitors are coming from, what pages they open on your site, what they click, and everything else you could ever want to know right from the Analytics reports.

MonsterInsights is the best WordPress Analytics plugin. Get it for free!

And, once you know all that information, you can make informed marketing decisions to grow your site.

In WordPress, it’s easy to set up and use Google Analytics with the MonsterInsights plugin.


MonsterInsights is the best, most user-friendly Google Analytics plugin for WordPress. It’s easy to use and comes packed with powerful features to allow you to track all your important analytics data. Using the plugin, you can easily track advanced metrics like eCommerce data, ads, forms, etc. And, you can see all the reports right in your WordPress dashboard.

It takes zero effort to set up Google Analytics in WordPress when using this plugin. For detailed instructions, here’s our complete guide on how to set up Google Analytics in WordPress. If you want to learn more, you can explore other useful articles on our blog.

Now, let’s see what referrer spam actually is, and how to block WordPress referrer spam in Google Analytics.

What’s Referrer Spam?

Referrer spam is a way to pass fake website hits to your Google Analytics. You’ll receive referrer spam in your Analytics reports when a spammer website sends out multiple requests to your site with fake URLs. Then, Google Analytics tracks the fake hits as valid referral traffic and prepares reports.

Due to the referrer spam attack, there can be a massive increase in your regular website traffic. But those visits aren’t from humans; they’re from bots sent out by a spammer. Sometimes the bots bypass your site and hit the Google Analytics servers directly. Such hits also appear as referral traffic in your Analytics reports. That kind of spam is called ghost referral spam.

Identifying referral spam in your Google Analytics reports is quite simple though. First, you’ll need to find your referral traffic in Google Analytics. Open your Google Analytics account and navigate to Acquisition » All Traffic » Referrals to see your referrers.


You can initially suspect the strange and unusual domain names. Then, you can check the bounce rate. If the bounce rate is 100% and average session duration 00.00.00, these links are likely spammy links.

Now, let’s see how referrer spam can harm your website.

Why You Need to Worry About Referrer Spam

One common purpose of referral spam is search engine optimization. The spammer website sends out the fake referrer URL to thousands of websites and, when they appear in the analytics reports, some site owners click the links. Then, it increases the clicks on those links and can impact the spammer website’s SEO positively.

But it can have a negative effect on your site. Sometimes those links contain malicious scripts which can make your site vulnerable to hacking.

Some SEO experts argue that it doesn’t harm your site directly unless you click the links, but it can harm your business growth for sure. Lots of referrer spam can massively distort your analytics reports and curb your ability to accurately analyze your site’s performance.

Similarly, if you need to show your site statistics to investors or business partners, these spam links can create a bad impression and spoil the deal.

So, let’s check out how to block WordPress referrer spam in Google Analytics using 3 methods / steps.

1. Using a Strong Security Tool/ Software

Referrer spam is just one kind of spam that can affect your site; your site can be hit by a wide variety of spam and security attacks. So you should be always prepared and plug up those security holes.

To avoid the various different types of security threats to your WordPress site, you can use a security tool like Sucuri.


Sucuri is a powerful security and firewall software for WordPress sites. It protects your site against malware and Trojans as well as referrer spam.

Sucuri Website Firewall blocks the most well-known spammy referrals by default. And, whenever it detects new referral spammers, it adds them to your block list so they cannot attack your site.

2. Blocking Referrer Spam in WordPress Using a Plugin

The second method is to install a WordPress plugin that blocks referral spam. If you look in the WordPress plugin repository, you’ll find plenty of security plugins. However, we’ve chosen the Block Referer Spam plugin for this tutorial.


First, you’ll need to install and activate the plugin on your WordPress site. After it’s activated, you’ll see a Referer Spam menu added to your dashboard menu.

When you hover your mouse pointer over it, you’ll see 2 submenus: Referer Spam and All Blocked Sites. If you click on All Blocked Sites, you’ll see the list of sites that are already blocked by the plugin.


To configure the plugin’s settings and add custom sites to block, you’ll need to click on the Referer Spam submenu.

There, you can select Auto Update or Block Mode. Also, you can force a manual update of the referrer spam list.


If you see referrer spam links in your Google Analytics report that aren’t listed in the updated list, then you’ll need to add them to the custom block list. All you need to do to add custom block links is copy the links and paste them in the text area next to Custom Blocks. Don’t forget to click Save Changes.


Now, the plugin will block those referrer spam links.

3. Set Up Google Analytics Filtering to Block Ghost Referrals

Even after applying the 2 methods we suggested above, you may still see referrer spam in your Analytics reports sometimes. This is because these websites aren’t visiting your site at all. Hence, Sucuri or other plugins cannot block them.

This referral spam is called ghost spam. They send out requests directly to Google Analytics using your UA Tracking code. This code is used to connect your WordPress site with your Google Analytics account, so it’s often added to the site’s header section. Because of this, anyone can find out the code and generate referrer spam using it.

In order to block those websites, you’ll need to set up filters in Google Analytics.

First, log into your Google Analytics account and then choose the right website property by clicking the drop-down option at the top of your Analytics home page.


Next, a popup window will appear where you can choose your website view. By default, you’ll see All Website Data view.


It’s your site’s original unfiltered view. However, you can create more views for your website property. If you want to know more, here’s our ultimate guide on Google Analytics levels of access (account, property, and view) and user permissions.

After you’ve selected your appropriate property and original view, go to Audience » Technology » Network.

Then, select Hostname as the primary dimension and expand the result to Monthly.


There, you’ll see a list of hostnames with many spam hostnames. Now, note down the valid hostnames for your website to create a filter. For example, and, are the valid hostnames for our website.

Next, you’ll need to create a filter that includes only the valid hostnames for your site. To do so, click on Admin at the end of the left-hand side’s Analytics panel.


After that, you’ll need to create a new view for adding filters. You should never add filters to your original view i.e. All Website Data because filters are permanent rules set for your altering your Analytics data.

Sometimes, you can make mistakes while setting filter rules which alter your website data permanently and give you wrong reports.

That’s why it’s important to have your default view unfiltered which you can always look at. Hence, create a new view for adding filters.

To create a new view, you’ll need to click Create View button.


On the next screen, you’ll see a field to name your new view. Give it a name and click Create View.


After that, your new Google Analytics view will be created. Once it’s created, you can see it in the drop-down in View Column. Now, you can add filters to this new view.

First, check if your new view is selected. Then, go to Filters.


You’ll see the filter screen with an Add Filter button. Click the button to get started. Now, you’ll have to enter your filter information here.

First, add your filter name (for example, Valid Hostname Filter). Then, select Custom as your filter type and click Include. Below that, make sure that Filter Field is Hostname.


Now, you’ll see Filter Pattern box where you have to enter your valid hostnames using Regex string.

The format is simple, you’ll need to add a ^ sign before each hostname and a $ sign after it. Use | sign to separate hostnames.

Also add a backslash \ before dot sign . to escape dot . being interpreted as a special character.

So, your list of valid hostnames in the Filter Pattern will look like:


After that, click the Save button. Then, you can check your Google Analytics reports after 24 hours to see the changes.

We hope this article helped to learn how to block WordPress referrer spam in Google Analytics. You may also want to check out our complete guide on creating advanced segments in Google Analytics.

And don’t forget to follow us on Twitter and Facebook for more helpful Google Analytics tips.

Want to Try MonsterInsights for Free?

Enter the URL of Your WordPress website to install MonsterInsights Lite.


  1. why do you add
    in the filter pattern?
    What do you mean by example? Is it www. ?

    1. Hi Jan,
      “Example” in this case is showing you an example of how you’d block a hostname that has a subdomain on it. So in the example, we’re blocking traffic from and

Add a Comment

We're glad you have chosen to leave a comment. Please keep in mind that all comments are moderated according to our privacy policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.