Welcome to WebmasterWorld, xulufcb!

This is interesting. I have a few questions, to be clearer on what is happening:

When did your direct traffic started to increase?
How long has this period of increase lasted?
How much is the percentage of increase, based on the direct traffic for the previous period?
What is the percentage of direct traffic amongst the overall traffic for your site now and in the period before the increase?
You are saying IE9 has increased, have other IE versions perhaps decreased in the same time?
And lastly - have you done anything (e.g. email marketing) that could be the reason for the traffic increase?

It can be a scraper, an automatic script.

I had a sudden spike in direct traffic too. I do have several scripts to protect this site from scrapers, but it could still be one. I didn't check if all the traffic came from ie 9.

Scrapers can send fake user agents (browser etc.), when i see unusual traffic spike i check the IP and ban them via htaccess.

It's very possibly bots. I have written (all over the place) about this type of bot attack. Unless you're obsessive (like I am) you might not even notice it until it starts to show up in your Analytics.

I have one site that has been hit by this (out of many). The first time around was in February of 2012. There were IP numbers from all over the world (even though this site is targeted only to a single US state) and they all represented as Windows, and some variant of IE (from 6-9) They were all hitting ONLY the home page, and never going deeper, and they typically would come back for multiple visits (huge bounce rate of course, they just pinged in and pinged back out) Obviously they were executing javascript, because they showed up in Google Analytics and StatCounter. Sometimes there would be as many as several hundred simultaneously on the site, and other times just a handful. At first I was worried they were clicking on ads, but they appeared not to be. After two months almost on the dot, it all stopped.

Then on November 12, 2013, the same site started getting hit again. Mostly the same footprints, except that this time, they were spoofing different viewport sizes (some appearing to be mobile) even while still identifying as Windows 7 or Windows XP (NO Windows 8, interestingly) All still identifying as IE. This time, though, they're hitting the home page, and three of the taxonomy pages (but NOT any pages that were created since the 2012 attack) It's still going on right now, and having talked to a few people who experienced the first attack when I did, it seems they're experiencing the second right along with me now.

There's no practical way to ban by IP; there's tens of thousands (if not more) of them. They come from all countries (lots of Brazil, though) including the US.

As far as I can tell, it's mostly harmless, other than being a PITA for analytics. It doesn't seem to be searching for a file, or clicking on any ads, or trying to go any deeper into the site. It may be some kind of PC virus that executing tasks "under the hood" on the infected PC, and going out to sites with whatever IE is installed, but what the payoff is, I sure don't know. It'll be interesting to see if it stops in January or keeps going. The fact that I got hit the same times as a couple of others makes me think that there's some list of sites that we're on.

Thanks, I'll check it if there is a special scraper.

Hi aakk9999

This Monday I saw the direct traffic had grown up. And its percentage is 68% more than last Monday.

Just IE9 has increased, the traffic from rest of IE versions is the same.

So it's very strange. I continue investigating

Thanks

I've just discovered the direct traffic from IE9 it comes from msn.com.

Maybe they've done a change. And all activity from mailing through msn is considered direct traffic.

Could be a posibility?

I've just discovered the direct traffic from IE9 it comes from msn.com.

I am a bit confused - how can you see it coming from msn.com if it is direct? Direct traffic does not have referrer.

If it is traffic from email (perhaps webmail) where IE9 sends referrer, then perhaps the analytics tool has changed how it treats the traffic with referrer from email? Or IE changed on sending referrer when it perhaps did not send referrer before.

I do not know whether webmail traffic would show as referrer for msn.com in IE. Tried on another webmail on FF and it is not. But on occasion I see mail referrers in statcounter.

In this case, what I would check is if you see corresponding drop of traffic from another source - to check whether the traffic was just re-classified.

If other sources did not change then you for some reason perhaps have increase of traffic from msn emails.

Sorry I didn't want to confuse you,I'm always talking about direct traffic (filtered by IE9), but i'm trying to figure out if it comes from webmail or not, because, sometimes this one is catalogued by direct traffic.

I've looked into it and saw a 517% increase in direct traffic from internet explorer users. The average visit time is 35 seconds, way lower than my normal time on site. So it seems a bot or something.

But it must be a javascript bot because I have the same passion as Netmeg (blocking bots).

Any idea how to block javascript bot's because I did see some posts from IncrediBill in the near past, but haven't looked into it.

If I knew, I'd be blocking mine. Only thing I did (even though it didn't appear to be clicking on ads) was arrange it so that only the traffic with a referrer of some kind sees the AdSense; the direct traffic just gets affiliate ads.

Note - I *do* apparently have ad-clicking bots on other sites, and Google won't give me any information on them so I can't block them, but they say they have it under control, and they just take away the clicks a few minutes after they occur. And my ecommerce sites have shopping bots and scrapers, and... basically there's a metric **** ton of bots out there doing all kinds of things.

netmeg I had the same bots last year on three pages.

This year they are back on two pages, I removed one of the pages last year.

They have dropped off quite a bit over the last week but still getting some at various times of the day.

Mine are going up.