Hackers, Spammers, and Spam Bots


I’ve been seeing a lot of spammer and hacker traffic lately. Thanks to plugins such as Wordfence, I can even see where the traffic is coming from. Now, I realize that they are most likely using fake IP addresses, but it still allows me to see that I am getting a lot of unwanted traffic from places like China and Russia. The Wordfence plugin even alerts me every time there is a successful or failed login to my site. It even shows me that they are trying to log in with usernames such as ‘admin’, ‘user’, etc.

So, how am I protecting myself here? Well, first of all I use the above-mentioned plugin called ‘Wordfence’. I also use ‘Limit Login Attempts’ to lock usernames out from trying to gain access with brute-force attacks. In some of my sites, I use a Google reCAPTCHA plugin on the login page as well as on contact us forms, which checks to see if the user is a bot. In other sites, I use the Clef plugin, which requires the user logging in to use their phone and a password on their Clef app installed on the phone.

Other things you can do:

  1. Set up two-factor authentication – this generally requires using a normal username and password, but then getting a random code sent to your iPhone via email or text message, which then needs to be entered.
  2. Hide your WordPress site or rename/move your login page.
  3. There are several other good plugins to use, but these are just a few that I like. I do also like the Sucuri Security plugin.

Spam Bots/Referral Spam

What a pain these guys are. For the most part, these spammers aren’t even a threat, but they really mess with your analytics. Their hits get recorded as sessions/site visits even though they are not real humans visiting the site.

There are three kinds of bots:

  1. Ghost referrals – These visits are called ghosts because they never access your site. Although they show up as a session/page visit in your analytics, they never actually enter your site. All they really do is hit your Google Analytics account. They have scripts that randomly generate GA ID numbers, and when they find a match they shoot fake data to the GA servers. Because they are not true visits to your site, they cannot be blocked via the .htaccess file. The only way to stop ghost spam in Google Analytics is with filters.
  2. Fake referrals/bad crawlers – These are actual bots that are crawling your site with some sort of purpose, i.e. they are generally looking for things. It could be a way to hack into your site, or it could be an open comment field so that they can paste in links for Nike Air Jordans, fake Rolex watches, Viagra… These crawlers actually visit your site. They usually ignore rules specified in your robots.txt file. That being said, they can be blocked via the .htaccess file.
  3. Good bots – We want these to crawl the sites. These are Yahoo, Bing, Google, etc. These bots generally obey the rules put into your robots.txt file.
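The ghost-versus-crawler distinction above can be checked against the web server's access log: a spam referrer that never appears in the log is a ghost and needs a Google Analytics filter, while one that does appear can be blocked in .htaccess. The Python script below is an added example, not part of the original post; the domains, log lines and function names are constructed for illustration, and it assumes Apache combined log format and mod_rewrite.

```python
import re
from urllib.parse import urlsplit

# Constructed sample data: referrer domains judged to be spam in analytics,
# and Apache combined-format access log lines from the same period.
SUSPECT = {"ghost-seo.example", "cheap-watches.example"}
ACCESS_LOG = """\
203.0.113.7 - - [17/Jun/2015:09:51:02 +0000] "GET /contact HTTP/1.1" 200 5120 "http://cheap-watches.example/buy" "Mozilla/5.0"
198.51.100.4 - - [17/Jun/2015:09:52:40 +0000] "GET / HTTP/1.1" 200 8211 "http://news.example/story" "Mozilla/5.0"
203.0.113.7 - - [17/Jun/2015:09:53:11 +0000] "POST /wp-comments-post.php HTTP/1.1" 200 310 "http://shop.cheap-watches.example/" "Mozilla/5.0"
192.0.2.15 - - [17/Jun/2015:09:56:13 +0000] "GET /about HTTP/1.1" 200 4410 "-" "Mozilla/5.0"
"""

# Tail of a combined-format line: "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(r'"[^"]*" \d{3} \S+ "([^"]*)" "[^"]*"$')

def referrer_hosts(log_text):
    """Return the set of referrer hostnames that actually reached the server."""
    hosts = set()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and m.group(1) not in ("", "-"):
            host = urlsplit(m.group(1)).hostname
            if host:
                hosts.add(host.lower())
    return hosts

def classify(suspects, seen_hosts):
    """Split suspects into ghosts (never in the server log) and crawlers (in it)."""
    def seen(domain):
        return any(h == domain or h.endswith("." + domain) for h in seen_hosts)
    crawlers = sorted(d for d in suspects if seen(d))
    ghosts = sorted(d for d in suspects if not seen(d))
    return ghosts, crawlers

def htaccess_rules(domains):
    """Build mod_rewrite rules that answer 403 to requests carrying these referrers."""
    if not domains:
        return ""
    patterns = [r"^https?://([^/]+\.)?" + d.replace(".", r"\.") + r"([/:]|$)"
                for d in domains]
    conds = ["RewriteCond %{HTTP_REFERER} " + p + " [NC,OR]" for p in patterns]
    conds[-1] = conds[-1][:-4] + "]"  # the last condition must not carry OR
    return "\n".join(["RewriteEngine On", *conds, "RewriteRule ^ - [F]"])

if __name__ == "__main__":
    ghosts, crawlers = classify(SUSPECT, referrer_hosts(ACCESS_LOG))
    print("Filter in Google Analytics (ghosts):", ghosts)
    print(htaccess_rules(crawlers))
```

The referrer header is supplied by the client, so these rules only stop crawlers that keep sending the same referrer.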

If you are seeing skewed results in your Google Analytics such as the following, give me a call.  I can help.

[Screenshot 2015-06-17 09.56.13] [Screenshot 2015-06-17 09.51.48]