Imagine you have a tool that helps you understand who visits your website and what they do there. That’s what Google Analytics does. But sometimes, all sorts of bots or spammy websites send fake visits to your site, messing up your data. This is called referral spam. Referral spam may include links to promote products and services or are simply intended to mess-up your analytics data.
Considering their behaviour, referral spam can make it hard for you to know who your real visitors are and what they’re doing on your site. In this guide, we’ll show you how to deal with this annoying issue so you can trust your analytics and make better decisions for your website.
How to properly block unwanted referral spam
Here’s an example of referral spam. It can be easily identified under the Traffic acquisition report, using Session source / medium filter and looking at Average engagement time per session metric, which is 0s:
A lot of tutorials, out there, suggest using the List unwanted referrals feature which can be found under Configure tag settings on Data Streams settings. This is wrong! Using this feature will only indicate to Google Analytics that the referrer should not be displayed as a traffic source. This means that fake events like pageviews and sessions will still be included on your reports with the referral stripped out, as direct / (none) traffic.
Also, most spam referrals in Google Analytics are not actual visits to your website, but rather attempts to manipulate your analytics data by sending fake data directly to Google’s servers. This spam traffic often doesn’t even touch your server, so server-side solutions like firewalls, htaccess files, or Cloudflare service won’t have any effect on them.
In contrast to Universal Analytics, which had the All Filters feature for applying complex rules to prevent spam and maintain clean metrics, with Google Analytics 4 the only way to filter out spam referral is to use the Internal Traffic feature.
To permanently filter out referral spam from Google Analytics 4 we will use the IP address of the referral and the Internal Traffic feature.
How to find the IP address of a referral spam domain
- Open Command Prompt on Windows or Terminal on Mac/Linux.
- Type the command
ping website.comand press Enter (replace website.com with the actual website domain). - The IP address will be displayed in the output, typically next to Reply from or bytes.
How to block unwanted referral spam by IP
Using the Internal Traffic feature in Google Analytics 4 to remove spam involves a few straightforward steps:
- log in to your Google Analytics account and select the GA4 property from the top left corner.
- click on the Admin option located at the bottom left corner of the page. If the sidebar is folded you’ll see a gear icon instead of Admin, as above.
- under the Property Settings, select Data Streams and then click on your web data stream.
- within the web data stream settings, select Configure tag settings and locate the Define Internal Traffic option. It might be found under the Show More section, depending on your setup.
- within Define Internal Traffic settings, click on Create button at the top right corner of the page.
- name your new rule, for example Spam Referral.
- here you can specify the IP addresses or IP address ranges associated with the spam referral. This tells Google Analytics to exclude visits for these IP addresses from your reports.
- once you’ve entered the relevant IP addresses or IP ranges, save your settings by clicking on Create button at top right of the screen.
The above example will block the following domains:
- hiwpro.xyz
- news.grets.store
- rida.tokyo
- kar.razas.site
- static.seders.website
- game.fertuk.site
- trast.mantero.online
- ofer.bartikus.site
- garold.dertus.site
- hiwpro.xyz
- blogsmith.online
- crm.xiaoman.cn
- jackonline.store
To avoid accidentally blocking genuine traffic, you should use the IP address equals and IP address is in range (CIDR notation). While the first option is self explanatory, CIDR (Classless Inter-Domain Routing) specifies the network prefix length. On the screenshot above, the value of 77.222.40.224/24 (notice /24) will block all IPs from 77.222.40.0 to 77.222.40.255 and the value of 38.180.120.84/32 (notice /32) will block a single IP, in this case 38.180.120.84.
Depending on the list of spam IPs identified you can block a single IP (using IP address equals option) or a range of IPs (using the other options). By restricting a wide range of IPs you can endup in blocking genuine user traffic, so please be caution when using CIDR notation, starts with, ends with, and regular expression options.
By following these steps, you can effectively utilize the Internal Traffic feature of Google Analytics 4 to remove spam and ensure that your data accurately reflects genuine visitor activity on your website.