Analytics spam

[Mike Rockett]

So I'm seeing these across nearly all of my domains in Google Analytics...

Anyone else gettin this? I guess there's no easy way to prevent it from happening. Or perhaps I should whitelist languages through htaccess?

[Ivan Gretsky]

Nice catch! See it too.

I guess that is Putin's personal hacker squad making itself known to all web-traffic concerned .

[arjen]

Join the club 

[Mike Rockett]

I'm going to try create GA filters that only allow tracking of specific languages - that seems to be the only way to go about it, considering that these douche bags (sorry, they really are) hijack Analytics IDs. I could also use segments, but filters could workwell for this.

[elabx]

Can confirm, no wall can stop spam.

[Mike Rockett]

19 minutes ago, elabx said:

Can confirm, no wall can stop spam.

It's almost as if I shouldn't even bother with analytics. But hey, I'll do what I can and see what happens.

[BitPoet]

I've seen that too, hand in hand with a near doubling of new sessions in GA with arbitrary pages/view rate for last month, so this really messes up the stats. I've found some reports saying that these entries all come from Accept-Language headers (not Measurement Protocol) so it should be possible to block these requests at server level with a regex on Accept-Language that throws away anything that doesn't match the required format given in rfc7231. I'm going to take a look after Christmas hols if Akamai lets me add that such a filter in DSA. It should be relatively easy to do in Apache and NGINX, something like

RewriteCond %{HTTP:Accept-Language} !^$|\*$|([a-z]{2,3}(-[a-z]{2,3})?)(\s*,\s*[a-z]{2,3}(-[a-z]{2,3})?)*($|;) [NC]
RewriteRule ^.*$ "-" [F]

The regex isn't a complete validity check and untested yet, but it should get the job done. Might even work for a GA filter too.

[netcarver]

Perhaps running the 6G Firewall might help.

[fbg13]

Just came across this article https://kinsta.com/blog/language-spam/.

[Mike Rockett]

11 hours ago, BitPoet said:

I've seen that too, hand in hand with a near doubling of new sessions in GA with arbitrary pages/view rate for last month, so this really messes up the stats. I've found some reports saying that these entries all come from Accept-Language headers (not Measurement Protocol) so it should be possible to block these requests at server level with a regex on Accept-Language that throws away anything that doesn't match the required format given in rfc7231. I'm going to take a look after Christmas hols if Akamai lets me add that such a filter in DSA. It should be relatively easy to do in Apache and NGINX, something like

RewriteCond %{HTTP:Accept-Language} !^$|\*$|([a-z]{2,3}(-[a-z]{2,3})?)(\s*,\s*[a-z]{2,3}(-[a-z]{2,3})?)*($|;) [NC]
RewriteRule ^.*$ "-" [F]

The regex isn't a complete validity check and untested yet, but it should get the job done. Might even work for a GA filter too.

Thanks - I have now done that for those spammers that spam through the site. Just wisg Google made it easier to run filters on GA for those that don't spam through the site/domain.

7 hours ago, fbg13 said:

Just came across this article https://kinsta.com/blog/language-spam/.

Thanks - that looks good.