I and others that I know get this kind of referral spam on every single domain we have with cloudflare. I know DNS records are public, but is there something cloudflare and other public DNS hosting services can do to prevent this?
Those spambots hit hard these days. However, they never ever touch your origin or your CDN at all (check your logs, nothing). They fake the log entry directly into the Analytics systems.
Google has to cleanup, but sadly, they haven't moved a bit since ages.
Most of these spammers just emit events to a large range of GA tracking ids completely blindly, think of it as the equivalent of...
for (var i=0; i<100000; i++) {
ga('create', 'UA-' + i + '-1');
ga('send', 'pageview'); // But with a fake referrer
}
They do that a bunch of times per day from a bunch of different IP addresses. Adding host filtering to your properties on GA eliminates about 80% of spam which use this technique.
It's possible you're being targeted due to being in a specific market or something, but it's unlikely to be related to Cloudflare. (At least I can't think of any reason why it would be related.)
Do you have any insight as to why those spambots would do that? The only thing I can think of is SEO for the "referral" domain, so that they boost their own domain's ranking.
And this: https://blog.sucuri.net/2015/07/malicious-google-analytics-r...
I and others that I know get this kind of referral spam on every single domain we have with cloudflare. I know DNS records are public, but is there something cloudflare and other public DNS hosting services can do to prevent this?