Ways to block bad bots and prevent fake traffic in WordPress


Website monitoring and maintenance are more important for blog, eCommerce, and lead generation websites. And one of the things that need to be monitored is the traffic quality of your website.

The quality of traffic can be measured by the source of traffic, country, IP, landing page visits, average session time, bounce rate, and device category. Anything unusual creates doubts.

When you go through the website data in Google Analytics anything unusual creates doubts.

And the reality of high traffic or unusual increase in traffic to certain landing pages or from a specific country is actually bad bots.

Fake website traffic spikes from bots, software, and referral spam visitors consume bandwidth, overload the server resource and increase inputs to the server.

When the server is unable to process too many requests in a second or minute span then this slows down the website and page loading speed for new visitors.

Until traffic doesn’t get reduced new users will not be able to visit and access the website. This is not a good user experience and does not make a good 1st impression on new visitors. Fake traffic also misleads your google analytics data reports, database, and hosting services.

So, you not only have to hide fake traffic in Google Analytics but actually, you have to prevent or stop them from visiting your website. Hiding fake traffic in Google Analytics is not a solution. It just helps you to create good traffic and SEO report.

But actually, to save and protect your website, assets, and sources you have to stop or need to block the fake traffic. Blocking bad bots opens doors for new and quality traffic, and increment in revenue.

So, in this post, I am sharing some of the best ways that I have used and I hope this will help you too.

Note: It’s always a good practice to take a backup whenever you try to customize and make changes to your website.

Ways to prevent fake traffic, bad bots or referral spam on WordPress:

1st Step: Identify the fake referral spam traffic and bots in Google Analytics

See these two matrices in Google Analytics Traffic Source. Average Session Time and Bounce Rate. If the average session is 00:00:00 and the bounce rate is 100% in a specific traffic source for more than 10 new users then you need to check the authenticity of this referral and also the user experience on that particular page.

Now you can filter it by device, country, browser, etc. And if something is doubtful then you have to prevent it. Else, it will make your website data analytics incorrect and you will not be able to understand the performance of your website correctly.

2nd Step: Prevent the referral spam traffic and random high spikes on specific pages/posts:

  • If you’re using Cloudflare CDN then in security >> WAF create the firewall rules for specific pages, posts, countries, IP, and referral URLs when visiting your website.
  • Through firewall action, you can block, and add a captcha before visitors or traffic try to access a specific page or when a visitor is from a specific URL.

With captcha and firewall rules you can prevent the referral of spam traffic sources, country, IP, URLs etc.

This will improve the domain authority as well as prevent the bot from slowing down the server.

Please visit Cloudflare docs for more details: Create, edit, and delete rules

Block Bad Bots on WordPress with Security Plugins:

wordfence security plugin wordpress

1st Step: Install and activate the WordPress Security plugin in which you will get a firewall option. Wordfence Security plugin is one of the best security plugins.

2nd Step: Enable Rate Limiting and Advanced Blocking option.

From here you can limit the page access rate for bots, crawlers, as well as humans. In simple words, it means how many page views or click requests or crawling you allow for people and bots. If that limit is crossed by certain bots/humans then it will throttle or block that.

If anyone’s requests exceed 60 within a minute then it’s important to block or throttle it. While even humans can visit 60 pages or posts within a minute. But if anyone does it, it means that is not a good user or traffic. No one visit more than 4 to 5 pages in a single minute. But bots can go to any range, you can see more than 100 visits within a minute on a particular page.

It’s important to consider such things while using the rate-limiting option in the Wordfence security plugin.

So, with the Wordfence security plugin or with any other such as All In One WP Security and Firewall, Defender, Jetpack etc. you will get various other options to prevent fake traffic, and bots, and block IP addresses. You can see live traffic and bots. And you can block any type of page for any type of IP address and through conditions.

You can use that as the best fit for your type of website and security.

Find and block the IP address:

Find the IP address and Block them through Wordfence or Cloudflare. While Fake Traffic Bots or Bad Bots IPs are dynamic and they keep changing. But there is a high possibility that some of your competitors or content thief are trying to scrap the data of your website through Python scripts or through any other methods.

block ip addresses

In that case, you can find a particular IP address, device, header, hostname, and landing page details through wordfence live traffic option.

After that, you can use Wordfenece or Cloudflare or any other plugin to block those IP addresses from visiting your WordPress website.

Things to remember:

  • Make sure you do not prevent search engine bots and advertising bots if you’re using display advertising on your blog. While they are automatically identified or known as good bots but it’s always good to understand that.
  • Do not try to enable all the security settings in one day. Just learn each step and security practice then implement them.
  • Regularly monitor your website traffic.
  • Do not share your website on Fake traffic generator websites.

So, to increase page speed it’s important to 1st secure your website.

For this, you can use plugins, CDN services, and anything that you want. But the point is that make sure whatever human or referral, bot traffic you get on your website, it’s genuine. If you work on this part of your website not only you will get increased page speed, but it will improve conversion rate and revenue as well.

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Leave a Reply

Your email address will not be published. Required fields are marked *


Difference between Web Hosting and WordPress Hosting

Difference between Web Hosting and WordPress Hosting