I’m currently dealing with a large wave of automated bot sessions (around 15k per day). These are not real visitors — the traffic repeats constantly and is inflating my sessions and damaging my analytics.
My domain was purchased directly through Shopify. Has anyone faced a similar bot attack before? I’ve tried multiple Shopify apps, but none of them have worked.
If yes, how were you able to solve it?
Any advice or shared experience would be greatly appreciated. Thank you.
This is standard problem when bot attack on shopify stores straight at the dns layer. Because Shopify domains don’t support custom server rules, the best workaround is to put a Cloudflare or similar proxy in front of your store. Turn on bot filtering, rate limiting, and challenge pages to mitigate repetitive automated traffic. You may also limit traffic by country or user-agent strings to clean analytics data from noise without blocking actual visitor.