• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

Frustrated With Bots. How to stop them Showing In My Google Analytics?

Iron-Man

Active member
Babiato Lover
Oct 9, 2019
304
87
28
29
India
Hi friends & expert. I am frustrated with bots. My VPS server security is tight (as per hosting provider & mine google research). Using wordfence plugin in my wordpress website & optimized it. I have not been hacked yet (Thanks God for this + I make regular back ups too), but very frustrated with bots.


Bots from hackers/spammers are troubling me. Below are the cases:

1) Every day I see lots of login attempts & IP blocked via my wordfence report.

2) I guess due to this reason My google analytics data is full with bots related data. Thinking about using a new analytics account.

3) Getting 10-20 comments spam everyday.

4) Getting 20+ spam emails via contact form. (Little reduced after using google's recaptcha, but not 100% stopped)


Any expert who has faced similar situation, plz give me some recommendations.

P.S: I am specialty worried about my google analytics data. I have run ads before & among them some data like website visits etc. are real. I feared I will lose them & thus can not retarget them. May be wrong as these data might be stored in google adwords records.
 
Your VPS is LEMP or LAMP? (nginx or apache)
Before accessing your website (thus triggering analytics) your traffic is processed by your server
Therefore you can add filters to limit bot traffic and allow only known real bots (google, yandex, bing and so on) and divert others to a blackhole.
Also, is your website behind cloudflare?

On your other concerns:
1) - you can't stop that, that's why wordfence or other limiting plugins were made (to reduce to minimum your exposure and vulnerability)

2) I have no answer to this

3) Use recaptcha for comments submission and set them to admin approval (it will give you more work but at least you keep your comments clean)

4) Use email obfuscator to hide your contact form email from plain text. Recaptcha it's good to reduce spam mails, you can also use other recaptcha services (whichever you might find best suited for you)
 
  • Like
Reactions: Iron-Man
Your VPS is LEMP or LAMP? (nginx or apache)
Before accessing your website (thus triggering analytics) your traffic is processed by your server
Therefore you can add filters to limit bot traffic and allow only known real bots (google, yandex, bing and so on) and divert others to a blackhole.
Also, is your website behind cloudflare?

On your other concerns:
1) - you can't stop that, that's why wordfence or other limiting plugins were made (to reduce to minimum your exposure and vulnerability)

2) I have no answer to this

3) Use recaptcha for comments submission and set them to admin approval (it will give you more work but at least you keep your comments clean)

4) Use email obfuscator to hide your contact form email from plain text. Recaptcha it's good to reduce spam mails, you can also use other recaptcha services (whichever you might find best suited for you)

Thanks for replying brother .

My server is Apache with nginx support, but I have disabled nginx. And yes, I am using cloudflare and still getting tons of bots traffic. Plz tell me how to stop/filter them from server level...
 
You could easily filter bots traffic from cloudflare ... they have this awesome firewall where you can set your own rule like in images attached.

This way you allow traffic from only CF list of known bots & crawlers (google, bing, yandex, semrush and few more others)

Also set a rule to block empty user agent and probably you want to enable Cloudflare Managed Ruleset and Cloudflare OWASP Core ruleset.

Doing it on server side is a bit tricky and require nginx as server or proxy and huge lists of IPs
If you know what you're doing and master nginx you can find bad bots IPs along with identifiers on WWW

2023-04-01 01_57_01-WAF (Web Application Firewall) _ Security - Firewall rules _.png
2023-04-01 01_57_18-WAF (Web Application Firewall) _ Security - Firewall rules _.png
 
  • Like
  • Love
Reactions: Tuton and Iron-Man
You could easily filter bots traffic from cloudflare ... they have this awesome firewall where you can set your own rule like in images attached.

This way you allow traffic from only CF list of known bots & crawlers (google, bing, yandex, semrush and few more others)

Also set a rule to block empty user agent and probably you want to enable Cloudflare Managed Ruleset and Cloudflare OWASP Core ruleset.

Doing it on server side is a bit tricky and require nginx as server or proxy and huge lists of IPs
If you know what you're doing and master nginx you can find bad bots IPs along with identifiers on WWW

2023-04-01 01_57_01-WAF (Web Application Firewall) _ Security - Firewall rules _.png
2023-04-01 01_57_18-WAF (Web Application Firewall) _ Security - Firewall rules _.png

Ok bro, I understand now. But let me clear once again from your side so that there will be no confusion/misunderstandings.

In my server I am using WHM. I am using all of its security features like mod security, CSF etc.. Still gettings lots of bots traffic. I do not want to active nginx. So as per you it will be very tricky to configure my server to stop bots.

And I should configure and use cloudflare's firewall to stop these fu**ng bots👿 disturbing my analytics data. You have given me screenshots of soe instructions and with some google research, I will be able to stop these bots.

Am I Right?
 
If you're using WHM forget about server side filtering.

If you want to filter bots before reaching your server you should use Cloudflare firewall rulesets.
One of most important I gave you in previous screenshots.

You will never entirely stop bot traffic (as some copies human behavior) but you can filter up to 90-95% of it.
 
If you're using WHM forget about server side filtering.
🤣🤣🤣Thanks for telling me the facts..I have wasted so many hours trying to stop bots using my server.

If you want to filter bots before reaching your server you should use Cloudflare firewall rulesets.
One of most important I gave you in previous screenshots.
Ok, I will follow as per your instructions.

But I have one doubt. After using this will my visitor get cloudflare's bot challenge page first before accessing my home page. I have seen some sites (Including Babiato) who use this cloudflare's feature where, after opening the site, 1st cloudflare's related page open; then ask for check no robot & then allowed. I do not want this feature as it might pissed off my Indian consumers whose attention span is smaller than golden fish🤣.

I hope you understand what I mean brother.
 
If their are using low quality VPNs and proxies that will happen. VPN is considered bot traffic by any analytics.
And showing cloudflare challenge is a result of their choice of how they browse the internet.

You cannot have both.
Either fully human traffic either your messed up analytics. Make your choice.
 
  • Love
Reactions: Iron-Man
If their are using low quality VPNs and proxies that will happen. VPN is considered bot traffic by any analytics.
And showing cloudflare challenge is a result of their choice of how they browse the internet.
OHhh, I understand now. Thanks for this info.

You cannot have both.
Either fully human traffic either your messed up analytics. Make your choice.
Yah, you are right. I can not have both. I will go with your firewall setups. Let's cloudflare decide who is human and who is bot.

Anyway, thanks for your help🙏. I have sent you a PM. Please check it out in your free time.


Regards,
Iron-Man🤣
 
  • Like
Reactions: slvrsteele
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock