I have a referrer/IP address blocked in advanced blocking but Google Analytics says it hit my site. Why is that?
This from one of our outstanding community members,louannpope, who is awesome!
For more general information on referrer spam please see Referrer spam
It turns out that this is referrer spam that is not actually hitting your website. That's why it shows up in Google Analytics but not Wordfence. Here's an explanation from Samuel Wood (Otto) at https://wordpress.org/support/topic/a-non-existent-page-is-showing-up-on-my-analytics/page/4:
This isn't a WordPress specific thing. This isn't even specific to individual WordPress plugins. Like you said, your "personal website is CodeIgniter" and you can see it there.
Here's a quick primer on how Google Analytics works.
So at least it doesn't appear that our websites are in danger. Given that, it's completely messing up my stats to see this referral spam in Google Analytics. It turns out there are two things we can do to get rid of them. Neither fix will change anything retroactively, meaning the hits that have already occurred will still show up, but they'll fix everything from the time you apply the fix going forward.
Google has built-in capability to filter out known bots. Although this only works for bots that Google is aware of, it's a good idea to turn on this filter. How to: In Google Analytics, go to Admin Home, select All Web Site Data in the View column on the far right of the screen, and click View Settings. At the bottom of the screen, check the box beside Bot Filtering > Exclude all hits from known bots and spiders.
Since it appears that Google isn't aware of these particular Russia spam referrers, we'll have to filter them out manually for now. How to: In Google Analytics, go to Admin Home, select All Web Site Data in the View column on the far right of the screen, and click Filters. Click the New Filter button. Enter a name for the filter (I gave it the oh-so-creative name "Exclude referral spam"). For Filter Type, choose Custom. Select Exclude. For Filter Field, choose Campaign Source (I have no idea why this field works but the Referral field doesn't in this case). For Filter Pattern, I entered the following: darodar\.com|econom\.co|ilovevitaly\.com The backslashes before the periods are necessary so that they are known to be periods rather than wildcards. The vertical bars act as OR. So my pattern filters out darodar.com, economy.co, and ilovevitaly.com. Click on Verify this Filter and it will show you the before and after of your recent traffic (hypothetically if you'd had this filter before). If that looks good, click Save.
I hope this is helpful to others. It drove me crazy until I found this info online. I applied both of these fixes last night and haven't seen any referral spam since.
Sometimes you have a persistent bot thats just hitting your analytics that you need to block. I've included some links a customer was kind enough to send in.
humanorightswatch.org and o-o-6-o-o.com Spam Referral Traffic
Many thanks to Alex R! (who is awesome!)
You'll be adding a predefined filter much like the one below (substitute the referral site you want to ban)
traffic from the ISP domain
that end with