| 5:23 pm on Dec 17, 2013 (gmt 0)|
Welcome to WebmasterWorld, xulufcb!
This is interesting. I have a few questions, to be clearer on what is happening:
When did your direct traffic started to increase?
How long has this period of increase lasted?
How much is the percentage of increase, based on the direct traffic for the previous period?
What is the percentage of direct traffic amongst the overall traffic for your site now and in the period before the increase?
You are saying IE9 has increased, have other IE versions perhaps decreased in the same time?
And lastly - have you done anything (e.g. email marketing) that could be the reason for the traffic increase?
| 8:37 pm on Dec 17, 2013 (gmt 0)|
It can be a scraper, an automatic script.
| 8:56 pm on Dec 17, 2013 (gmt 0)|
I had a sudden spike in direct traffic too. I do have several scripts to protect this site from scrapers, but it could still be one. I didn't check if all the traffic came from ie 9.
| 9:32 pm on Dec 17, 2013 (gmt 0)|
Scrapers can send fake user agents (browser etc.), when i see unusual traffic spike i check the IP and ban them via htaccess.
| 9:48 pm on Dec 17, 2013 (gmt 0)|
It's very possibly bots. I have written (all over the place) about this type of bot attack. Unless you're obsessive (like I am) you might not even notice it until it starts to show up in your Analytics.
Then on November 12, 2013, the same site started getting hit again. Mostly the same footprints, except that this time, they were spoofing different viewport sizes (some appearing to be mobile) even while still identifying as Windows 7 or Windows XP (NO Windows 8, interestingly) All still identifying as IE. This time, though, they're hitting the home page, and three of the taxonomy pages (but NOT any pages that were created since the 2012 attack) It's still going on right now, and having talked to a few people who experienced the first attack when I did, it seems they're experiencing the second right along with me now.
There's no practical way to ban by IP; there's tens of thousands (if not more) of them. They come from all countries (lots of Brazil, though) including the US.
As far as I can tell, it's mostly harmless, other than being a PITA for analytics. It doesn't seem to be searching for a file, or clicking on any ads, or trying to go any deeper into the site. It may be some kind of PC virus that executing tasks "under the hood" on the infected PC, and going out to sites with whatever IE is installed, but what the payoff is, I sure don't know. It'll be interesting to see if it stops in January or keeps going. The fact that I got hit the same times as a couple of others makes me think that there's some list of sites that we're on.
| 10:24 am on Dec 18, 2013 (gmt 0)|
Thanks, I'll check it if there is a special scraper.
| 10:31 am on Dec 18, 2013 (gmt 0)|
This Monday I saw the direct traffic had grown up. And its percentage is 68% more than last Monday.
Just IE9 has increased, the traffic from rest of IE versions is the same.
So it's very strange. I continue investigating
| 10:55 am on Dec 18, 2013 (gmt 0)|
I've just discovered the direct traffic from IE9 it comes from msn.com.
Maybe they've done a change. And all activity from mailing through msn is considered direct traffic.
Could be a posibility?
| 12:26 pm on Dec 18, 2013 (gmt 0)|
|I've just discovered the direct traffic from IE9 it comes from msn.com. |
I am a bit confused - how can you see it coming from msn.com if it is direct? Direct traffic does not have referrer.
If it is traffic from email (perhaps webmail) where IE9 sends referrer, then perhaps the analytics tool has changed how it treats the traffic with referrer from email? Or IE changed on sending referrer when it perhaps did not send referrer before.
I do not know whether webmail traffic would show as referrer for msn.com in IE. Tried on another webmail on FF and it is not. But on occasion I see mail referrers in statcounter.
In this case, what I would check is if you see corresponding drop of traffic from another source - to check whether the traffic was just re-classified.
If other sources did not change then you for some reason perhaps have increase of traffic from msn emails.
| 1:57 pm on Dec 18, 2013 (gmt 0)|
Sorry I didn't want to confuse you,I'm always talking about direct traffic (filtered by IE9), but i'm trying to figure out if it comes from webmail or not, because, sometimes this one is catalogued by direct traffic.
| 4:22 pm on Dec 18, 2013 (gmt 0)|
I've looked into it and saw a 517% increase in direct traffic from internet explorer users. The average visit time is 35 seconds, way lower than my normal time on site. So it seems a bot or something.
| 4:48 pm on Dec 18, 2013 (gmt 0)|
If I knew, I'd be blocking mine. Only thing I did (even though it didn't appear to be clicking on ads) was arrange it so that only the traffic with a referrer of some kind sees the AdSense; the direct traffic just gets affiliate ads.
Note - I *do* apparently have ad-clicking bots on other sites, and Google won't give me any information on them so I can't block them, but they say they have it under control, and they just take away the clicks a few minutes after they occur. And my ecommerce sites have shopping bots and scrapers, and... basically there's a metric **** ton of bots out there doing all kinds of things.
| 5:30 am on Dec 20, 2013 (gmt 0)|
netmeg I had the same bots last year on three pages.
This year they are back on two pages, I removed one of the pages last year.
They have dropped off quite a bit over the last week but still getting some at various times of the day.
| 3:02 pm on Dec 20, 2013 (gmt 0)|
Mine are going up.