Malicious bot attack?
-
Several of our websites have experienced a major direct load traffic spike in the last 30 days - roughly 40K new visitors for each site. The bots are emulating IE9 and appear to be hitting our home page and bouncing 100% of the time. The traffic is double our usual volume, or more. Our bounce rates, conversion rate, page views, etc have suffered accordingly. The volume hasn't affected site performance, yet.
Since the traffic is direct load, I can't see this being a negative SEO attack. Plus, our search visibility for everything but our brands is abysmal - there aren't any real rankings to tank.
Our engineers are saying that the IP addresses are diverse, and they aren't seeing any pattern. I also checked GA for traffic locations, and we aren't seeing anything unusual from overseas.It appears that the attack is US based.
Has anyone seen this before?
-
I have been experiencing this on my site as well. Just curious if you were still receiving this kind of traffic since it has been a few months?
Recently there have been one or two times throughout the day where I see a huge spike in direct traffic. As you mentioned, the GA numbers seem to suffer but as long as this does not impact my rankings or site performance I'm not too worried. I too am concerned that this is more than just an annoyance and possibly reason for concern.
I've had other sites show up on GA as sending tons of referral traffic and figured it was just spam, but not sure of the benefit to a spammer of sending ghost direct traffic unless it is some kind of negative SEO attack. Would love to find out.
-
try
http://sucuri.net/website-firewall/
or
Stop bot attack resulting in a more secure website. Stop bots
-
Google analytics has issue with ghost referrals and find out what the referral name is parking in the block it in GA
UA numbers ending in two and three are not effected for some reason
You're hosting company can update software in order to make this stop
hope this helps
Tom
-
I would strongly recommend Cloudflare to address this type of problem. They have massive data on malicious sources and offer tools to mitigate attacks like you're facing.
-
Have you tried digging deeper into the type of browser and OS they're emulating? Chances are you could get a pretty precise block on just their activity if you match up their browser, screen dimension, OS, versions, etc without affecting any other users.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Malicious links on our site indexed by Google but only visible to bots
We've been suffering from some very nasty black hat seo. In Google's index, our pages show external links to various pharmaceutical websites, but our actual live pages don't show them. It seems as though only certain user-agents see the malicious links. Setting up Screaming Frog SEO crawler using the Googlebot user agent also sees the malicious links. Any idea what could have caused this or how this can be stopped? We scanned all files on our webserver and couldn't find any of malicious links. We've changed our FTP and CMS passwords, is there anything else we can do? Thanks in advance!
White Hat / Black Hat SEO | | SEO-Bas0 -
How authentic is a dynamic footer from bots' perspective?
I have a very meta level question. Well, I was working on dynamic footer for the website: http://www.askme.com/, you can check the same in the footer. Now, if you refresh this page and check the content, you'll be able to see a different combination of the links in every section. I'm calling it a dynamic footer here, as the values are absolutely dynamic in this case. **Why are we doing this? **For every section in the footer, we have X number of links, but we can show only 25 links in each section. Here, the value of X can be greater than 25 as well (let's say X=50). So, I'm randomizing the list of entries I have for a section and then picking 25 elements from it i.e random 25 elements from the list of entries every time you're refreshing the page. Benefits from SEO perspective? This will help me exposing all the URLs to bots (in multiple crawls) and will add page freshness element as well. **What's the problem, if it is? **I'm wondering how bots will treat this as, at any time bot might see us showing different content to bots and something else to users. Will bot consider this as cloaking (a black hat technique)? Or, bots won't consider it as a black hat technique as I'm refreshing the data every single time, even if its bot who's hitting me consecutively twice to understand what I'm doing.
White Hat / Black Hat SEO | | _nitman0 -
Website rankings plummeted after a negative SEO attack - help!
Hello Mozzers A website of a new client (http://bit.ly/PuVNTp) use to rank very well. It was on the top page for any relevant search terms in its industry in Southern Ontario (Canada). Late last year, the client was the victim of a negative SEO attack. Thousands upon thousands of spammy backlinks were built (suspected to be bought using something like Fiverr). The links came from very questionable sites or just low quality sites. The backlink growth window was very small (2,000 every 24 hours or so). Since that happened that site has all but disappeared from search results. It is still indexed and the owner has disavowed most of the bad backlinks but the site can't seem to bounce back. The same happened for another site that they own (http://bit.ly/1tErxpu) except the number backlinks produced was even higher. The sites both suffer from duplicate content issues and at one point (in 2012) were de-indexed due to the very spammy work of a former SEO. They came back in early 2013 and were fine for some time. Thoughts?
White Hat / Black Hat SEO | | mattylac0 -
I'm Getting Attacked, What Can I Do?
I recently noticed a jump in my Crawl Errors in Google Webmaster Tools. Upon further investigation I found hundreds of the most spammy web pages I've ever seen pointing to my domain (although all going to 404 errors): http://blurchelsanog1980.blog.com/ http://lenitsky.wordpress.com/ These are all created within the last week. A. What the hell is going on? B. Should I be very concerned? (because they are 404 errors) C. What should my next steps be? Any help would be greatly appreciated.
White Hat / Black Hat SEO | | CleanEdisonInc0 -
Spamlink attack wat to do
Since today we had a spamlink attack. Just 150 dirty links in one morning and probably more to follow. Last year we also had an attack and we used the disalow. But this domain had a much stronger histrory and a PR of 6. The new domain has an authority (DA36) and PR1. The domain is very valuable and we rank on page on one of the most competitive words. Should I use the disalow tool, or just hope that the spam links don't hurt my ranking. I have some (150) valuable incoming links. Example of bad link: http://lamevabarcelona.com/una-exposicio-ens-guia-per-barcelona/dscn0756/ I think X Rumer/ pingback is used. I hope somebody can help us with this.
White Hat / Black Hat SEO | | remkoallertz0 -
Victim of Negative SEO - Can I Redirect the Attacked Page to an External Site?
My site has been a victim of Negative SEO. During the course of 3 weeks, I have received over 3000 new backlinks from 200 referring domains (based on Ahref report). All links are pointing to just 1 page (all other pages within the site are unaffected). I have already disavowed as many links as possible from Ahref report, but is that all I can do? What if I continue to receive bad backlinks? I'm thinking of permanently redirecting the affected page to an external website (a dummy site), and hope that all the juice from the bad backlinks will be transferred to that site. Do you think this would be a good practice? I don't care much about keeping the affected page on my site, but I want to make sure the bad backlinks don't affect the entire site. The bad backlinks started to come in around 3 weeks ago and the rankings haven't been affected yet. The backlinks are targeting one single keyword and are mostly comment backlinks and trackbacks. Would appreciate any suggestions 🙂 Howard
White Hat / Black Hat SEO | | howardd0 -
Black Hat Attack! Seeking Help
Hello, For the first time, I think my site has been the victim of a black hat (spam) attack 😞 I have a blog in a competitive niche and my rankings suddenly dropped (from top 3 to top 20). A quick peek at my latest backlinks using Open Site Explorer "Just Discovered" revealed some nasty looking comment spam links with my target keywords posted recently. Of course, I haven't hired anyone to post such links and I haven't done it myself. So my only guess is that a competitor has been generous enough to invest on spamming my site. Questions: 1. How can I confirm if this is in fact a spam attack? 2. Should I worry about this? 3. If so, what is the best way to go about this? Would appreciate any thoughts on this. Thanks in advance! Howard
White Hat / Black Hat SEO | | howardd1 -
Yahoo Slurp Bot 3.0 Going Crazy
On one of our sites, since the Summer, Yahoo Slurp bot has been crawling our pages at about 5 times a minute. We have put a crawl delay on it and it does not respect our robots.txt. Now the issue is it's triggering javascript (which bots shouldn't) triggering our adsense, ad server, analytics information, etc. We've thought of banning the bot all together but get a good amount of Yahoo traffic. We've though about programmatic-ly not showing the javascript (ad + analytic) tags but are slightly afraid the Yahoo might consider this cloaking. What are the best practices to deal with this bad bot.
White Hat / Black Hat SEO | | tony-755340