Upon logging in to the Google Analytics summary page for this blog the other day, I noticed a surprising jump in traffic. While, of course, being happy to see this increase, I decided to dig a little further and check in to the actual source of this new traffic. As was not surprising, it wasn’t the case that somehow this site had become dramatically more popular over night, but instead that I had encountered a new type of spam known commonly as Ghost Spam or Ghost Referrers. Ghost Spam consists of hits to your GA account that originate not from hits to your actual site pages, but instead from faked traffic emanating from entirely different hosts. The short term fix I have applied to this was to apply a filter to the data collected by GA. The process is fairly simple. First I looked at a report of the hosts responsible for recent referrals to the site. After determining this sites valid hosts from this list, I created an “include” filter specifying these valid host and thus rejecting referrals emanating from others. In looking in to this, I also made sure to check the new “known bots and spiders” button in GA’s settings. While doing this should defend the site against another common attack, crawlers, using the same filter functionality allows you to protect your site against web crawler attacks. These illegitimate hits mimic payload day to appear as if they originate from good sources. The solution to this would seem to be the application of an exclude filter listing specific Campaign Sources to exclude.
Checking again the following day, it appears that my problem has been solved, at least for now. However, I am still rather irritated by the whole situation. It seems that for every person on the internet working to build things and add content and value, there is another working to tear what they have done down. I am usually the last person to suggest regulation as a solution to anything, however, sometimes I wish that those who spend their time in this way were subject to some sort of penalty. Since Obama has not managed to give the Internet away yet, maybe the US could push policing of such activity upon the countries producing the majority of this nonsense. For example, if you exceed a certain threshold of spam production, your country’s internet gets shut down for a week. I believe a policy like this would be very effective towards the goal of motivating other governments to solve the problems emanating from within their borders. While this comment is likely to be irritating to quite a few people, so is spam.