Analytics advocate

SEO expert

User Experience passionate

Follow me on
Category | Google Analytics
Difficulty |

Why spam and bots keep showing in your Google Analytics?

Google Analytics has a powerful built-in filter functionality that helps against spam, bots, and other junk traffic that damages the integrity of the data.  However, I often find sites that don't use this tools or they use them but in the wrong way.

To help you get accurate data and avoid wasting your time on partial solutions, I will show you how to efficiently deal with any type of junk traffic in your Analytics, and how to do it safely so you don't risk your real user data.

Quick FAQ about this guide

  • Which type of spam and bots does this guide cover?
    • All of them! The filters and segment below will help you stop and remove any type of Google Analytics spam (referral, keyword, language, page, etc.) and many known bots,
  • Does this work in WordPress, Joomla, Shopify, Wix, Weebly, Squarespace?
    • The solutions below are purely GA based, so it will work independently of the platform (CMS) you use.
  • How often are the expressions updated for new spam?
    • This guide is updated as soon as new significant threats are detected, so you can keep it as a reference.
    Want to get notified of important updates, new threats, and new ways of keeping your Analytics data accurate?

Spam and bots recently detected (Last Checked: June 23, 2018)

Examples of spam covered by:
  • The valid hostname filter: all combinations of,
    • get-more-freele-visitors
    • best-ping-service-usa-1.blue巜═──═visit-uƨ
    • + 100 more combinations from this ghost spam
  • Crawler filters:,,,,, + 200 more
  • Bot/ISP domain filter: fake amazon keywords from "bing" and network domain
  • Bot/ISP organization filter: microsoft corporation, hubspot and google llc bots
  • See the full historical spam blacklist 500.

Editorial note: Please know that not all sites mentioned in this list were directly involved in spamming your Analytics. In some cases, the domains were referred by spammers to either damage the reputation of the website or because the owner fell in a "cheap traffic service" trap.

Don't have time to deal with this? I can review your analytics and apply these solutions for you.

Myths about the spam in Analytics

Let's begin with what you shouldn't. (If you made any of the mistakes below, undo the changes)

How does Ghost Spam attacks Google Analtyics?

Google analytics spam filters that work

The filters I'm going to show you have been proven to work for over three years regardless of the methods used by spammers (referral, keyword, page, language, etc.)

Want some proof? Here are some examples of users that followed this guide and shared their results with me. Show Examples

The following screenshot shows some examples of analytics users that followed this guide:

  • The data in blue: Segment of data showing only spam traffic.
  • The Orange line: The moment when the filters from this guide were applied to that Analytics property.
Permanent filters for spam applied graphs

So I will show you how to get these results for your Analytics.

To accomplish those results in your Analytics you should do 3 things:

  1. Create a backup view by following a few best practices for your views.
  2. Filter future hits of spam and other junk traffic with google analytics spam filters that don't need to be constantly updated.
  3. Remove spam from your historical data with an advanced segment.

If you want to go to a specific section use the Quick Navigation   on the right side of your screen.

STEP 1: Protecting your data from misconfigurations

This part is not strictly required to keep clean your analytics, but it is important to protect it from possible misconfigurations. 

Every Google Analytics account should have at least the following views:

  • Master - View where you will apply filters. Used for analysis
  • Unfiltered - Your backup view, which, shouldn't have any filter or any setting that alters the incoming data.
  • Test (Optional) - if you want to be extra cautious you can create a test view that you can use to try the filters.

If you are already following these best practices, go to the next step. If you haven't and need help, here you can find the instructions on how to create an unfiltered and a test view

STEP 2: Filtering Google Analytics spam

Once your views are correctly configured, the next step is blocking all of that dirty traffic that skews your reports and don't let you see the real performance of your site. 

The Google Analytics spam filters you will need are:

  1. Filter for Google Analytics ghost spam (for referral, page, keyword spam, language, etc.),
  2. Filter for crawler referral spam,
  3. Filter for fake languages and other less common types spam,
  4. Enable the built-in feature "Bot Filtering" (to exclude known bots),
  5. Filter for internal traffic.

General notes about filters.

  • While most of the time filters start working within minutes, officially it may take up to 24 hours before the filter effects become visible in your data, so be patient.
  • You will apply the filters either in the master view, the view(s) to be used for analysis, or the test view if you want to try them first.
  • Filters only work forward, for historical data you will use the segment (3rd step)

a. Create a Valid hostname filter to stop Ghost spam 

This is the single most effective solution against the spam. This filter will permanently stop all ghost traffic.

The difference between this solution and other commonly shared is that this filter is based on something that you control, your hostnames. So as long as you add all of them you don't have to worry, you won't exclude any real traffic.

Hostname vs Source expand

The difference between these two sometimes causes a bit of confusion and some people mistake the hostname with the source. So to make it clear:

  • The Source is where your visit comes from and there can be any number of them, for example, Facebook, Google, Twitter, Youtube, links from other sites to your site, etc.
  • The hostname, on the other hand, is the site where the visitor arrives. Every place where your tracking code is present will show as a hostname, the main one, of course, will be your domain.
Source vs Hostname Google Analytics

To understand how this filter works you must know how ghost spam works. The spammers that use this technique abuse the measurement protocol a tool that allows sending data to GA directly for other purposes obviously. Since the spammer doesn't know who are they hitting, they always leave a fake hostname or an "undefined" hostname which will appear as (not set) in your reports.

If we use this logic to create a filter that will only let pass traffic with valid hostnames, all ghost traffic will be automatically excluded. This solution is much more efficient than the one commonly used, which is to create a filter with the name of spam. Plus this technique will work for any type: referral, keyword, page, language, etc.

Google Analytics spam filter
You will need 3 things to build this filter:
  1. Make a list of your hostnames:
    • To see a list of all the active hostnames you need go to the Network report in your Analytics:
      • Audience > Technology > Network
    • Change the primary dimension to Hostnames  (blue text at the top of the report)
    • Make a list of all the valid ones you find. You should see at list one valid, which is your main domain, the rest will depend on the configuration of your site.
  2. Build your hostname expression: Once you have the list of all your hostnames, you should put all of them together separating them with a pipe "|" character like this:
      • yourdomain|hostname2|hostname3 and so on. Make sure you add all of them.
    If you need extra help finding your valid hostnames and building your expression check this guide or let me know so I can personally help you.
  3. Create the filter: Once you are sure the expression is correct, create the filter as follows.

How to create a valid hostname filter for ghost spam in Google Analytics

To block all ghost spam in Google Analytics, you need to create an include hostname filter:

  1. Go to the Admin tab, and select the view where you want to apply the filter. If you follow the naming above, this will be the Master view or Test view.
  2. Select Filters under the View column, and select + Add Filter
    Add filter button Google Anlaytics
  3. Enter as a name for the filter Include Valid Hostnames.
  4. Configure the filter as follows:
    • Filter Type Custom > Include
    • Filter Field Hostname
  5. In the Filter Pattern box copy the hostname expression that you built before.
    How to filter spam in google analtyics?
  6. Click on Verify this filter, you will get a quick glance at how the filter will work. You should only see spam or irrelevant hostnames on the left side of the preview table. 

    If you get this message: "This filter would not have changed your data. Either the filter configuration is incorrect, or the set of sampled data is too small"

    It is probably because of the limited data used by this featureTry verifying it with a quick segment (if you haven't done it yet).

  7. After making sure your filter is ok, Save the filter.

IMPORTANT: This filter doesn't require updates for new ghost spam, but it's essential to update the expression whenever you add the tracking ID to new service or domain.

b. Creating a source filter to stop Crawler referral spam

Crawler spam uses a valid hostname so it is a bit harder to detect. To block it you'll need a filter with an expression that matches the source of all known crawler spam.

To save you some time, I've created a set of optimized regular expressions (REGEX) with all the relevant crawler spam detected over the last 3 years, you'll find them below in the instructions.

How to block referrer spam in Google Analytics

To block referrer spam in Google Analytics you will need to create an exclude filter using the campaign source:

  1. Again in the admin section of your GA.
  2. On the last column "VIEW", select Filters  and then click + Add Filter
    Add filter button Google Anlaytics
  3. Enter as a name for the filter "Exclude Crawler Spam"
  4. Configure the filter as follows:
    • Filter Type select Custom > Exclude
    • Filter Field select Campaign Source (don't use referral field or it won't work)
      How to block referrer spam in Google Analytics?
  5. Filter Pattern > Paste the following crawler referrer spam expression.

    Create 1 filter for each expression

    Crawler Expression 1


    Crawler Expression 2


    Crawler Expression 3


    Crawler Expression 4


    Crawler Expression 5


    Get an email with the updated expressions whenever I detect new crawlers.

  6. After everything is set Save.

Note: You may find other referrals that may not be spam, but neither relevant for you. For example, mobile test sites or cache sites. You can create a similar filter with the same configuration and add all the irrelevant referrals there to keep your data pristine and reliable.

c. Creating filters for fake languages, ISP bots, and other types junk traffic

With the 2 solutions above we've covered a great part of the spam but there are other sneaky types that will pass those filters.

To create these filters follow the first steps of the crawler spam filter and just change the fields indicated below.

ISP organization filter

Not all irrelevant traffic comes from spammers, some companies uses bots to crawl sites for information (indexing, analytics, etc.), those bots don't have bad intentions but they still pollute your data.

Here is an example:

google llc and the referral in Google Analyitcs

The following filter includes some ISP organizations that are used mostly by bots.

Note: the ISPs below are not necessarily bad for your site, however, they are bad for your Analytics reports. 

ISP identified for using bots
hubspot google llc google inc. llc ovh hosting inc. microsoft corp
microsoft corporation    
  • In Filter Name set Exclude ISP provider spam
  • In Filter field select ISP organization
  • In Filter pattern box enter the following expression as it is:
    Filter google llc and in Google Analytics

Language spam filter

From time to time you may see weird languages showing in your analytics. I prepared the following expression to prevent any language that doesn't have a proper format like en-us, en-uk, es, etc.

I also added at the end what seems to be language left by bots represented by the letter "c"

    • In Filter field to Language Settings
    • In Filter pattern box enter the following expression as it is:
      spam and language c google analytics

Fake "page title" filter

Sometimes spammers use valid referrals to spam (ie, twitter) in those cases, instead of filtering by the source you can filter by another dimension where they entered fake info, like the page title.

    • In Filter field to Page title
    • In Filter pattern box copy the following expression as it is:

Network/ ISP domain filter

You may be surprised to find amazon keywords in your organic search reports. This is just the latest form of spam, and it comes as Bing organic traffic with the keyword amazon and the network domain

  • In Filter Name set Exclude ISP domain spam
  • In Filter field select ISP domain
  • In Filter pattern box enter the following expression as it is:


d. Enabling "Exclude all hits from known bots and spiders"

There are many other crawlers around that are not spam but neither useful for your reports. For example, the ones crawling your site for indexing. This bots will leave a record in your reports if not excluded.

In this case, is a bit easier because Google Analytics has a built-in feature to exclude this traffic.

How to enable bot filtering

Repeat the following steps for all your views

  1. Again in the Admin Tab, select one of your views under the VIEW column in the admin section.
  2. Click View Settings
    how to block known bots in Google Analytics
  3. Near the bottom check the box Exclude all hits from known bots and spiders (Bot Filtering)
    Exclude all hits from known bots and spiders
  4. Save and repeat the process with all your Views

You can see the more details about Google Analytics Bots and Spider Filtering here.

e. Extra: Excluding internal traffic

Google analytics spam filters are important, but there is another source of junk traffic that is often overlooked, the internal traffic.

If you don't apply filters for the traffic generated by you or other people of your team, this data will get mixed up with your real visits data, and a difference with the spam, this is much harder to identify later.

To create this filter, you will need the public IP of the network/wifi you want to exclude. You can find it here. You will see something like this  12.345.678.90 or the longer version IPv6.

If you need help filtering your internal traffic you can try this:

STEP 3 - Removing spam from your Google Analytics Historical Data

The spam that is already stored in your Analytics (or any data for that matter) can't be permanently deleted. That is why it is important to create the filters to stop receiving junk traffic.

However, you can still clean your past data affected by spam using a combination of the valid hostname expression you built and all the expressions I built for you.

How to Clean up the Spam from your Google Analytics Historical Data

To eliminate referral spam and other junk from your Google Analytics historical data:

  1. Go to any Report in your Google Analytics.
  2. At the top of the graph, click on the box that says All Users. Next click the red button +NEW SEGMENT 
    New Segment GA
  3. In the segment window, almost to the bottom click Conditions  
  4. Configure the first condition:
    • Filter > SessionsInclude
    • Dropdown 1 > Hostname
    • Dropdown 2 > matches regex
    • Textbox > Paste the Hostname Expression that you previously build.
  5. Click +Add Filter at the bottom to add a new condition.
    How to remove spam from  Google Analytics?
  6. The second condition has 5 fields, (repeat for each field)
    • Dropdown 1 > select: 1 Source | 2 Language | 3 Page title | 4 Network domain | 5 Service Provider
    • Dropdown 2 > matches regex
    • Textbox > Paste the expression correspondent with the field type (see below)
    • Click OR on the right side to add another field and repeat with the next expression.
    1 Source
    2 Language
    3 Page Title
    4 Network Domain
    5 Service Provider

    Get notified whenever I detect new types of spam. You will receive the updated expression directly to your email.

  7. Enter 0. All Users - clean as a name for the segment and Save. (the 0 at the beginning of the name is to put the segment at the top of the list)

After saving the segment, you will be able to see spam-free reports, as long as the segment is selected. Eventually, the filters will do their work, and you won't need to use the segment anymore.

List of recent Google Analytics spam (Crawler and Ghost)

The list was getting too big to keep it on the same page as the guide. To keep it cleaner I moved it to a new page. See here the full historical blacklist of spam.

Security, SEO, rankings and other common concerns

Because the article was getting too long, I divided the theoretical from the practical part. If you have more questions or concerns, you can also check the FAQ I made about the spam in Google Analytics. Things like:

  • Does the spam harm my SEO-Rankings? Short answer no
  • Is Google doing something to handle this threat?
  • How does it get in your reports?

Wrapping it up

Whether you are a blogger, a small local website, or a multinational company, filtering your data is crucial for the accuracy of your reports.

"Even on high volume websites were data spamming would be marginal, you still have to explain why there's such a discrepancy. As an analyst you can't dismiss it simply by saying "nah... we're not too sure what it is..."

-Stéphane Hamel

However, you have to do it right. Handling each spammer individually is time-consuming and inefficient. The Google Analytics spam filters explained in this guide may take a bit longer to configure but they will save you a lot of time in the long run.

I will be updating this guide as new threats appear so you can keep it as a reference.

Do you have any questions or feedback?

I've tried to cover every important detail in this guide, however, if there is any part of the guide where you got stuck, let me know in the comments section below.

If this article helped you, consider sharing it or leaving a comment below on your experience, it may help other people! :)need help implementing, configuring, and/or protecting your Google Analytics? I can help

If you need help with this or any other Google Analytics configuration/customization.


Analytics advocate

SEO expert

User Experience passionate

Follow me on
Be the first to comment :)