How to reduce bot traffic on my website?
Tips and tools for reducing bot traffic on your website
Do you have bot traffic on your website? Red branch Media recommends looking for the following when trying to spot bot traffic:
- Spikes in traffic
- Unusually good/bad metrics
- A huge amount of traffic coming from one source/medium
- 100% bounce rate
- 0:00 average session duration
- 0% bounce rate from a lot of traffic
It can be hard to eliminate bot traffic, but once you have identified it you can proactively decide what your next best steps should be. If you can’t identify the source of the traffic or it looks suspect in any way reach out to your IT security department IMMEDIATELY (See something say something. Just like the airports).
Once the Security guys clear the traffic as benign you may want to filter any future traffic out from that source to avoid skewing your numbers.
To reduce bot traffic on your website Edward Roberts, Cyber security marketing and Product marketing expert recommends evaluating the functionality requirements for your site. Think of every form or API as a potential doorway to your user’s data; the more doors you have, the more opportunity for intrusion.
“Businesses make decisions about their website based on consumer behavior and user experience. However, sometimes those decisions can backfire and become lucrative targets for automated bots. Comment fields, appointment scheduling and gift card balance audits are all examples of functionality that can be ravaged by bots. Even listing your pricing and proprietary content on your website is subject to web scraping.”
Here is a quick checklist of to-do items, pulled from the Impervia Blog, to help you and the technical experts watch for and mitigate bot traffic on your website:
- Block or CAPTCHA outdated user agents/browsers
- Block known hosting providers and proxy services
- Protect every bad bot access point
- Carefully evaluate traffic sources
- Investigate traffic spikes
- Monitor for failed login attempts
- Pay close attention to public data breaches