Website referral spam has been a problem for several years and this form of artificial traffic to websites cannot be considered as real visitors who are genuinely interested in your products and services. Not only does it result in inaccurate reporting of website data, it can also cause overloading of servers. At Hallam we regularly have to inform our clients that their website traffic has not been as high or as valuable as they believe.

Spam RobotSo if you’ve noticed a spike in referral traffic in your Google Analytics account, you might conclude that more people are finally clicking through to your website. However, the harsh reality is that a there is a good chance that this spike in referral traffic may have been the result of visits from spammy referral sources.

Why Do I Need to Exclude Website Referral Spam?

There are two reasons why this is important for your website. Firstly, website referral spam will skew your Google Analytics data, resulting in inaccurate reporting of your website’s performance. Secondly, visits from these spammy referral sources could potentially overload your server. This can lead to slow page loading times which then results in a poor user experience and frustrated genuine visitors.

What Website Referral Spam Domains Do I Need to Look out For?

There are several spammy websites that you need to look out for and block from your website and your Google Analytics data.

Here is a handy list of some common referral spam domains to look out for and exclude from your website:

To take a look at what referral traffic your website has been receiving, first log into your Google Analytics account. Once in Reporting, click Acquisition, then select All Traffic and Referrals.

As you can see from the example below, this particular website is getting a significant volume of traffic from spammy referral domains such as and

Spammy Referral Traffic in Google Analytics

How Do I Block Website Referral Spam Traffic from My Website?

There are two ways: Through editing your domain’s .htaccess file, and by applying Google Analytics filters.

.htaccess file

Blocking spam referral traffic is most effectively accomplished through a .htaccess (hypertext access) file. This is configuration file is used to control your server. It can be instructed to block spammy visits by domain or IP address.

As a file that is placed in the root directory of your domain. This method not only blocks referral spam domains from your website but also removes them from your server, which will prevent your website from overloading and slowing down.

By way of example, if you want to exclude Semalt and, add the following command to your website’s .htaccess file:

RewriteCond %{HTTP_REFERER} [NC,OR]
RewriteCond %{HTTP_REFERER} [NC,OR]
RewriteCond %{HTTP_REFERER} [NC]
RewriteRule .* – [F]

Be very careful inputting commands in the .htaccess file. If you put one character of the code in the wrong place or accidentally type a double space, it could take your whole website offline. In the above example note the use of the slash before the .com and the use of [NR] rather than [NC,OR] on the last line as this is important. If you have a WordPress website, you can download the WP-Ban plug-in to help guide you through the process. Alternatively, seek advice from your website developer.

You might wonder – what’s the difference between a .htaccess file and a robots.txt file? A robots.txt file is used to issue crawling directions to search engine bots, while the .htaccess file will allows you to set up strict commands, including fully blocking certain users.

Google Analytics

The second method of blocking spammy referral traffic is through applying filters to your Google Analytics account.

Filters within Google Analytics are not only great for excluding domains and IP addresses but also come in handy for excluding internal or agency visitors that are considered non-genuine visits to your website. We previously put together a comprehensive guide on how to exclude spammy domains such as Semalt from your Google Analytics data, but if you’re looking to exclude traffic data from certain IP addresses, here is a quick guide:

1. Login to your Google Analytics account 

2. Click Admin 

3. Click All Filters 

4. Give the filter a name 

5. Select Predefined 

6. Select ‘Exclude’, ‘traffic from IP addresses’ and ‘that are equal to’ in the boxes below 

7. Enter the IP Address that you wish to exclude, and then click Save.


Google Analytics Filter

Whilst applying filters is great for reporting purposes, remember that they won’t prevent spam bots from visiting your website. The filters will just exclude the visits from the Google Analytics data. For best results, you should also block these domains through your website’s .htaccess file.

Do you know any more spammy referral domains that you wish to name and shame? Submit your comments below, we’d love to hear from you!

9 responses to “How to Block Website Referral Spam”

  1. Jane Sherratt says:

    Grrr, this referral spam is driving us mad! Thanks for this article, nice and clear. Just a bit confused because in the list of commands you suggest adding to .htaccess your last line is
    RewriteCond %{HTTP_REFERER} [NC]

    then in the paragraph below you say “note the use …. of [NR] rather than [NC,OR] on the last line

    so should it be [NC] or [NR]?

  2. Lavada says:

    I have the same questions as Jane Sherratt:

    is the last line supposed to be [NC] or [NR]?


  3. Tron says:


    Nice to se detailed article on this topic. Can you however explain “NC or NR”? Since I don’t already know this variant in the code – the rest is easy to read/ understand.



  4. James Mac says:

    Just to clarify; [OR] means exactly that – if this spammy domain connects OR if this other spammy domain connects OR if this other spammy domain connects, etc. The last line doesn’t need the [OR] because there is no more conditions after.

    The [NC] specifies that the http host is case insensitive – and so this should be used on all.

    Hope it helps!

  5. Amit Rawat says:

    Thanks Tom Whiley for this article
    i am also getting spam referrals from ijobplus (more than 1200+ visits)
    also include this in your list.

    in another website they say

    RewriteCond %{HTTP_REFERER} ^http://.*ilovevitaly\.com/ [NC,OR]

    how it is different from your command?? or both works same?

  6. Amit Rawat says:

    I use the above and many plugins but still referral spam is not stopping .. now m getting 2000+visits
    please help me with this

  7. Tom Whiley says:

    Hi Amit I would suggest heading over to Analytics and create a new filter for the domain names of the biggest contributors to referral spam.

    Use the Custom filter type, select Campaign Source from the Filter Field drop down and use Filter Pattern domain\.|domain\.|domain\. to create a string of multiple sources.

    I hope this helps!

  8. Amit Rawat says:

    Thanks for writing Tom Whiley 🙂

    Few days after implementing your codes in .htaccess those spam referrers were gone.
    Thanks for your Help.

    Actually those page views were showing in my AdSense reports and this article helped me 🙂


  9. prince saini says:

    Hi Tom whiley,
    I am also getting spam traffic from
    And they send this traffic from different domains like.,
    when i open these website they redirect me to
    So after searching i found your article i am going to try this now.


Leave a Reply

Your email address will not be published. Required fields are marked *