Skip to content
Sitemason - Build on Us

Referral Spam and Protection From It

Referral spam (also referer [sic] spam, log spam, or referrer bombing) is an attempt to insert a spammer's web address into a site's analytics report.

Normally, when clicking a link in a web browser, the browser includes a header, named HTTP_REFERER, that contains the URL of the page that had the link. A site's analytics will usually include a referrer report that shows those referrer URLs. Often the URLs will be from the site linking to itself, but there will also be URLs from Google or other search engines which shows how people found the site.

Just like most of the information reported by a web browser, there is nothing to ensure the HTTP_REFERER is correct. Spammers take advantage of this by having bots make repeated requests to a web site and set the referrer to their own web site. That way, their web site URL will show up as a referrer in the site's analytics report even though the only traffic was from their bots.

Beyond the referrer spam

Worse still, the bot, acting like a web browser, may call the site's Google Analytics link (or other analytics services) and report a page view, but give credit to the spammer's site instead of the actual site. This causes the analytics service to list the spammer's site as another source of analytics. With that technique, the spammer has gone from only showing up in the referrer report to showing up on a main page of the analytics.

Protection from referrer spam

There are a variety of steps you can take to prevent referrer spam in your analytics reports. Some services, like Google, allow you to filter traffic that shows on the report. That keeps the referrer report clean, but doesn't stop a spammer from looking like an analytics source.

Better still is to block all the spammer's traffic at the web server so it stays out of the analytics report, doesn't add unnecessary traffic to the site, and can't find the link it needs to do a direct call to your site's analytics service.

The good news is, we take care of this for you. Sitemason just added its 28th referrer spammer to its block list. We can't remove what Google or other services have already recorded, but shouldn't register as a referrer or analytics source from here on out.

Excerpt of blocked referrer spam from one Sitemason web server


If you do see new unknown referrers in your analytics reports, please let us know. We will happily block them for you.

Tim Moses headshot thumbnail

Tim Moses is the co-founder and CEO of Sitemason and the lead developer of the Sitemason development platform. Read more about Tim Moses.

Contact Tim:

Recent Forum Posts

Warning: file_get_contents( failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /mnt/files/s/ on line 11 Warning: usort() expects parameter 1 to be array, null given in /mnt/files/s/ on line 14 Warning: Invalid argument supplied for foreach() in /mnt/files/s/ on line 17
Warning: include(inc/disqus.php): failed to open stream: No such file or directory in /mnt/files/s/ on line 113 Warning: include(): Failed opening 'inc/disqus.php' for inclusion (include_path='.:/web/shared/php:/mnt/files/s/') in /mnt/files/s/ on line 113