Malicious bot attack?
-
Several of our websites have experienced a major direct load traffic spike in the last 30 days - roughly 40K new visitors for each site. The bots are emulating IE9 and appear to be hitting our home page and bouncing 100% of the time. The traffic is double our usual volume, or more. Our bounce rates, conversion rate, page views, etc have suffered accordingly. The volume hasn't affected site performance, yet.
Since the traffic is direct load, I can't see this being a negative SEO attack. Plus, our search visibility for everything but our brands is abysmal - there aren't any real rankings to tank.
Our engineers are saying that the IP addresses are diverse, and they aren't seeing any pattern. I also checked GA for traffic locations, and we aren't seeing anything unusual from overseas.It appears that the attack is US based.
Has anyone seen this before?
-
I have been experiencing this on my site as well. Just curious if you were still receiving this kind of traffic since it has been a few months?
Recently there have been one or two times throughout the day where I see a huge spike in direct traffic. As you mentioned, the GA numbers seem to suffer but as long as this does not impact my rankings or site performance I'm not too worried. I too am concerned that this is more than just an annoyance and possibly reason for concern.
I've had other sites show up on GA as sending tons of referral traffic and figured it was just spam, but not sure of the benefit to a spammer of sending ghost direct traffic unless it is some kind of negative SEO attack. Would love to find out.
-
try
http://sucuri.net/website-firewall/
or
Stop bot attack resulting in a more secure website. Stop bots
-
Google analytics has issue with ghost referrals and find out what the referral name is parking in the block it in GA
UA numbers ending in two and three are not effected for some reason
You're hosting company can update software in order to make this stop
hope this helps
Tom
-
I would strongly recommend Cloudflare to address this type of problem. They have massive data on malicious sources and offer tools to mitigate attacks like you're facing.
-
Have you tried digging deeper into the type of browser and OS they're emulating? Chances are you could get a pretty precise block on just their activity if you match up their browser, screen dimension, OS, versions, etc without affecting any other users.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Inbound links to internal search with pharma spam anchor text. Negative seo attack
Suddenly in October I had a spike on inbound links from forums and spams sites. Each one had setup hundreds of links. The links goes to WordPress internal search. Example: mysite.com/es/?s=⚄
White Hat / Black Hat SEO | | Arlinaite470 -
Massive Spam attack against my domain - automate disvow of tld?
We've been getting hundreds of new links from unique domains every day - all the domains follow a pattern like this: www.someword-1f4163e1.space/wiki/Someterm Hundreds... every day. What techniques exist to deal with a prolonged negative seo attack of this type. By the time we can detect and disvow, the damage is done.
White Hat / Black Hat SEO | | sonar0 -
How to stop google bot from crawling spammy injected pages by hacker?
Hello, Please help me. Our one of website is under attack by hacker once again. They have injected spammy URL and google is indexing, but we could not find these pages on our website. These all are 404 Pages. Our website is not secured. No HTTPS Our website is using wordpress CMS Thanks
White Hat / Black Hat SEO | | ShahzadAhmed0 -
Malicious links on our site indexed by Google but only visible to bots
We've been suffering from some very nasty black hat seo. In Google's index, our pages show external links to various pharmaceutical websites, but our actual live pages don't show them. It seems as though only certain user-agents see the malicious links. Setting up Screaming Frog SEO crawler using the Googlebot user agent also sees the malicious links. Any idea what could have caused this or how this can be stopped? We scanned all files on our webserver and couldn't find any of malicious links. We've changed our FTP and CMS passwords, is there anything else we can do? Thanks in advance!
White Hat / Black Hat SEO | | SEO-Bas0 -
How authentic is a dynamic footer from bots' perspective?
I have a very meta level question. Well, I was working on dynamic footer for the website: http://www.askme.com/, you can check the same in the footer. Now, if you refresh this page and check the content, you'll be able to see a different combination of the links in every section. I'm calling it a dynamic footer here, as the values are absolutely dynamic in this case. **Why are we doing this? **For every section in the footer, we have X number of links, but we can show only 25 links in each section. Here, the value of X can be greater than 25 as well (let's say X=50). So, I'm randomizing the list of entries I have for a section and then picking 25 elements from it i.e random 25 elements from the list of entries every time you're refreshing the page. Benefits from SEO perspective? This will help me exposing all the URLs to bots (in multiple crawls) and will add page freshness element as well. **What's the problem, if it is? **I'm wondering how bots will treat this as, at any time bot might see us showing different content to bots and something else to users. Will bot consider this as cloaking (a black hat technique)? Or, bots won't consider it as a black hat technique as I'm refreshing the data every single time, even if its bot who's hitting me consecutively twice to understand what I'm doing.
White Hat / Black Hat SEO | | _nitman0 -
Cloaking/Malicious Code
Does anybody have any experience with software for identifying this sort of thing? I was informed by a team we are working with that our website may have been compromised and I wanted to know what programs people have used to identify cloaking attempts and/or bad code. Thanks everybody!
White Hat / Black Hat SEO | | HashtagHustler0 -
Bot or Virus Creating Bad Links?
Hey Everyone, We are getting ready to engage a client for some potential marketing/SEO so in preparing for this have ran the site through OpenSiteExplorer. The site is relatively new and there are only two links under the inbound links section. They are relevant and add value, no issues there. Here is where it get strange. When I look under the 'Just Discovered' section there are many (hundreds) new links going back about a month. Virtually all of them have the anchor text 'Louis Vuitton outlet'. Now the client swears he has not engaged anyone for black hat SEO, so wondering who could possibly be creating these links. They do sell some Louis Vuitton items on the site, so I'm wondering if it is possible that some spam bot has picked up the site and began to spam the web with links to the clients site. So far today, 50 or so new links have been created with said anchor text and the clients root URL all on very poor quality, some foreign blog sites. Would like to find out why this is happening and put a stop to it for obvious reasons. Has anyone experienced something similar? Could this be a bot? Or maybe someone with an axe to grind against the client? Anyone could be doing this on their own, but just seems strange for it to be happening to a new site that does not even rank highly at the moment. Any advice or info is greatly appreciated, thanks in advance.
White Hat / Black Hat SEO | | Whebb0 -
Being Link Attacked - Should I worry?
Hey, Hope everyone is well. Just a quick question. I hope to get an answer from Google officially (I've asked in their webmaster forums area) but any experience or opinions from the community here would be great. I noticed recently that our site started to get thousands of links from comments in random blogs from all across the web. This is nothing to do with us as we don't "build links". I can only assume it is a competitor trying to get our site hit by the algorithm for a particular search term, as all the anchor text (I estimate about 1,800 links with this anchor text) point to one page on our site that is ranking for that term. I recently removed the website from webmaster tools and re added, due to an unrelated issue about the a video rich snippet not updating, and all the links have just popped up today on there. Is this something I need to worry about? and should I start collecting all these domains and using the disavow tool to block the whole domain of these sites with the comments (some of them seem like genuine sites). There seem to be new ones everyday and it looks to be an ongoing attack as well. Thanks in advance!
White Hat / Black Hat SEO | | JonathanRolande0