Google Analytics 4 (GA4) excludes traffic from known bots and spiders by default. This traffic is identified using a combination of Google research and the International Spiders and Bots List, maintained by the Interactive Advertising Bureau
However, things can slip through the cracks and a GA4 property can still collect data from spam traffic. Here are additional actions you can take to exclude or filter out bot traffic in GA4.
If you have a WordPress website, you can install a security plugin such as WordFence to prevent malicious bots, spiders, or crawlers from accessing your site. This plugin also allows you to permanently block traffic from specific IPs or IP ranges if you continue to encounter malicious activity.
Blocking traffic from specific IP addresses or ranges helps deter your GA4 property from collecting spam traffic. Once these IP addresses or ranges are blocked, they cannot access your website, meaning GA4 cannot collect and track data from this spam traffic. This helps your GA4 gather cleaner and more accurate data.
If you continue to receive malicious traffic from certain countries, you can block traffic from these regions using plugins or other website security features.
Doing this further prevents GA4 from collecting spam data.
If your GA4 inevitably collects spam data, which is completely normal and understandable, you can manually exclude this data in your GA4 reports.
To do so, take the following steps:
You can apply this manual approach to as many spam referral websites as you find, ensuring your GA4 report shows data from real visitors as much as possible. While some spam may still slip through the cracks, this approach can significantly enhance the accuracy of your GA4 report.
If you have any additional questions about GA4, please feel free to contact us and our GA4 consultant will be happy to help!
Stay ahead of the curve with the latest digital marketing insights, delivered straight to your inbox.