How to deal with bot attacks

Hi everyone,

Lately I’ve noticed a lot of bot traffic hitting my store every 3-4 days. The visits are usually very short, around 3-4 a.m. EST, and bounce right away. Every time it happens, it adds about 6k extra visits in the report.

Has anyone else dealt with this before?

  • Is there a way to block these bots?

  • Besides polluting my analytics, could this cause any negative effects on my store (SEO, speed, ads(retarget), etc.)?

I’d really appreciate any advice or tools you’ve found useful for handling this.

Thanks in advance!

Hello @Daniel6hz ,

I hope you are well!

There are a lot of bot signups and many stores get bot orders. Basically, there are 3 ways to block the bots.
1.) Enable the new One Time Password based Customer account.
2.) Enable captcha to the store.
3.) Block some specific countries.

Also, there is no major impact on speed and SEO, but it depends on ads: if these bots are triggering ads (like Google Ads or Facebook), they can eat up your budget without any actual sales or conversions. That’s particularly problematic for retargeting ads, where you’re aiming to show ads to visitors who were actually interested in your products.

Thanks for your suggestions! These bots all appear to come from IPs in Ashburn, VA, so it seems they’re originating from data centers.

From what I can see, they’re only landing on my homepage and aren’t visiting other pages, creating customer accounts, or leaving comments.

I’m not sure what the purpose of these bots is, and if they’re not benefiting anyone, why are they happening?

I’ve been in this business for 7,8 years, and it’s odd that these bots only started showing up recently. I do notice there are some direct competitors who just started this year, though.

Even though they’re only hitting your homepage, these bots might be scraping your content (like product details, pricing, and promotions) for price comparison sites, affiliate marketing, or to track competitors. The homepage is often a good entry point for bots because it’s typically where key information like your site’s navigation, promotions, and meta tags are listed.

Also, captcha is helpful to restrict the bot signups.

That’s great advice! I’ve just confirmed the captcha is enabled on settings.

I’ve also checked some other posts and found a few common ways people are doing:

  1. Using a Shopify app to restrict bots. I’ve seen people say these apps help block bots by redirecting them or denying access, but the Shopify analytics report still gets messed up. Do you have any apps you’d recommend?

  2. Using Cloudflare to manage the domain and block bots. I’m not sure if anyone has experience with this approach. However, this feature appears similar to Shopify’s built-in bot blocking, so it likely won’t work for the type of bots in my case.

Yes! You can check the analytics app - TP: True Profit Analytics - TrueProfit: Track real-time True Profit for Shopify. | Shopify App Store. This will be helpful for you.

This looks great. Thank you so much!

Daniel, it’s your lucky day. I have the same issue, 7000 sessions a day. I managed to block it after 5 hours of work.

Hey, did this work for you? I’m experiencing the same thing.

As @Daniel6hz admitted, the solution provided by @AiTrillion worked.

So, @asim11, @youngprince feel free to implement that in your store.

Cheers :slight_smile:

Hi @Daniel6hz

You could also add a firewall or bot management solution such as Cloudflare, which stops suspicious requests in their tracks before they reach your store. Adjust rate limiting, bot rules, and filter the internal analytics from known bot IPs. This will ensure report accuracy and avoid any possible impact on ads or performance.
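
The pattern reported in this thread (bursts of homepage-only sessions from data-centre IPs that bounce right away) can be separated from real visits in an exported session list before reporting. This is an added example, not code from any poster, Shopify or Cloudflare; the record fields, network ranges and thresholds are assumptions and the sample rows are constructed.

```python
import ipaddress
from collections import defaultdict, namedtuple
from datetime import datetime

# Hypothetical record layout for an exported session list.
Session = namedtuple("Session", "id ip start landing pages seconds")

# Constructed placeholder ranges (RFC 5737 documentation blocks) standing in
# for the data-centre networks you would look up for the offending IPs.
DATACENTER_NETS = [ipaddress.ip_network(n)
                   for n in ("198.51.100.0/24", "203.0.113.0/24")]

# Constructed sample sessions, not real traffic.
SESSIONS = [
    Session(1, "198.51.100.10", "2024-01-10T03:02:11", "/", 1, 0),
    Session(2, "198.51.100.77", "2024-01-10T03:02:12", "/", 1, 0),
    Session(3, "203.0.113.5", "2024-01-10T03:40:59", "/", 1, 1),
    Session(4, "192.0.2.44", "2024-01-10T03:15:00", "/", 1, 1),     # bounce, not data centre
    Session(5, "198.51.100.10", "2024-01-10T14:20:00", "/", 1, 0),  # lone hit, no burst
    Session(6, "203.0.113.9", "2024-01-10T03:30:00", "/products/a", 4, 180),  # real browsing
]

def is_datacenter(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in DATACENTER_NETS)

def looks_like_bounce(s, max_seconds=2):
    # Homepage landing, a single page view, and a near-zero session length.
    return s.landing == "/" and s.pages == 1 and s.seconds <= max_seconds

def flag_bursts(sessions, min_burst=3):
    """Return (flagged_ids, clean_sessions).

    A session is flagged only when it is a data-centre homepage bounce AND
    at least min_burst such sessions fall in the same clock hour, so a single
    data-centre visitor or an ordinary bounce is left in the report.
    """
    buckets = defaultdict(list)
    for s in sessions:
        if is_datacenter(s.ip) and looks_like_bounce(s):
            hour = datetime.fromisoformat(s.start).replace(minute=0, second=0)
            buckets[hour].append(s.id)
    flagged = {sid for ids in buckets.values() if len(ids) >= min_burst
               for sid in ids}
    clean = [s for s in sessions if s.id not in flagged]
    return flagged, clean
```
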

Thanks! A bit disappointing that Shopify does not handle this automatically, but I’ll go with Cloudflare’s solution. Don’t see this topic too much here, guess not many people have this issue…

Hey, so did you implement a Cloudflare solution? If so, did it work?

I am having a similar issue(s). I now have two sources of bot traffic: one from China and a new one from Ashburn. I read about the Cloudflare approach, but did not try it yet as I would need to transfer my domain there first.

Thanks.

How did you block the attacks?

Did using Cloudflare block the attacks for you?