You may have noticed in Google Analytics that 4webmasters.org sent you a substantial amount of traffic. That’s great, right! Er, maybe not.
4webmasters.org is sending you junk traffic, in hopes you notice it and go to their [malware infested] site. Wait, what?
4webmasters.org isn’t the only kind site sending free bogus traffic your way. These sites are just as gracious:
ilovevitaly..ru
ilovevitaly.org
4webmasters.org
ilovevitaly.info
iloveitaly.ru
econom.co
savetubevideo.com
kambasoft.com
buttons-for-website.com
semalt.com
darodar.com
Shouldn’t Google be stopping this?
Well, yeah. But they aren’t.
Here’s what you can do.
Connect to your site via FTP. Download the latest .htaccess file (located in the top “public_html” folder). Back it up.
You need to back this file up before making changes to it, since one wrong comma and your entire site could become inaccessible. Back it up.
Take a look at the screenshot above. If you have the iThemes Security plugin installed (always a good idea), you can insert the following code snippet after iThemes’s code (don’t worry if your .htaccess file doesn’t look identical to ours. Do worry though, if you don’t back up your .htaccess file!).
# Block Russian Referrer Spam RewriteEngine on RewriteCond %{HTTP_REFERER} ^http://.*ilovevitaly\.com/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*ilovevitaly.\.ru/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*ilovevitaly\.org/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*4webmasters\.org/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*ilovevitaly\.info/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*iloveitaly\.ru/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*econom\.co/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*savetubevideo\.com/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*kambasoft\.com/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*buttons\-for\-website\.com/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*semalt\.com/ [NC,OR] RewriteCond %{HTTP_REFERER} ^http://.*darodar\.com/ [NC] RewriteRule ^(.*)$ – [F,L] |
If you find any other bogus sites sending you traffic, you can follow the same naming convention above and add it to your .htaccess file.
If you update your .htaccess file, and notice that the “Last modified” date in your FTP program doesn’t change, then you have effectively locked yourself out of your .htaccess file by using the iThemes Security Plugin.
Worry not, here’s what you need to do:
In your WP Dashboard, mouse over “Security” and click on “Settings.”
Go to “System Tweaks” and find the “File Writing Permissions” option.
UNCHECK “Remove File Writing Permissions”
If this was already checked, and you had to uncheck it, then you’ll also need to make one change via FTP.
Locate the .htaccess file located on the main directory of your site.
Right-click the file, and choose “File Permissions.”
If the numeric value is: 444, then change it to the following:
664
You might be obliged to change the permission to 644, but by doing so, you’re disallowing your iThemes Security plugin from being able to write to your .htaccess file (and thus would need to do so manually, which is a pain).
Hope this helps!
Big thanks to Moz for providing the initial code!