Title: Daniel_CradleCloud's Replies | WordPress.org --- # Daniel_CradleCloud [ ](https://wordpress.org/support/users/daniel_cradlecloud/) * [Profile](https://wordpress.org/support/users/daniel_cradlecloud/) * [Topics Started](https://wordpress.org/support/users/daniel_cradlecloud/topics/) * [Replies Created](https://wordpress.org/support/users/daniel_cradlecloud/replies/) * [Reviews Written](https://wordpress.org/support/users/daniel_cradlecloud/reviews/) * [Topics Replied To](https://wordpress.org/support/users/daniel_cradlecloud/replied-to/) * [Engagements](https://wordpress.org/support/users/daniel_cradlecloud/engagements/) * [Favorites](https://wordpress.org/support/users/daniel_cradlecloud/favorites/) Search replies: ## Forum Replies Created Viewing 3 replies - 1 through 3 (of 3 total) * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [A non existent page is showing up on my analytics.](https://wordpress.org/support/topic/a-non-existent-page-is-showing-up-on-my-analytics/) * [Daniel_CradleCloud](https://wordpress.org/support/users/daniel_cradlecloud/) * (@daniel_cradlecloud) * [11 years, 4 months ago](https://wordpress.org/support/topic/a-non-existent-page-is-showing-up-on-my-analytics/page/8/#post-5563165) * And, here is another WP plugin that is vulnerable to Russian Spam attacks and somewhat similar to the current spam attacks going around. * Check out the link below : [http://wptavern.com/100000-wordpress-sites-compromised-using-the-slider-revolution-security-vulnerability](http://wptavern.com/100000-wordpress-sites-compromised-using-the-slider-revolution-security-vulnerability) * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [A non existent page is showing up on my analytics.](https://wordpress.org/support/topic/a-non-existent-page-is-showing-up-on-my-analytics/) * [Daniel_CradleCloud](https://wordpress.org/support/users/daniel_cradlecloud/) * (@daniel_cradlecloud) * [11 years, 4 months ago](https://wordpress.org/support/topic/a-non-existent-page-is-showing-up-on-my-analytics/page/8/#post-5563164) * [@dan14](https://wordpress.org/support/users/dan14/), * Good for you. Don’t forget to deny this IP address too – 217.23.11.15 as it is linked to the Semalt spam. * Have a nice day 🙂 * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [A non existent page is showing up on my analytics.](https://wordpress.org/support/topic/a-non-existent-page-is-showing-up-on-my-analytics/) * [Daniel_CradleCloud](https://wordpress.org/support/users/daniel_cradlecloud/) * (@daniel_cradlecloud) * [11 years, 4 months ago](https://wordpress.org/support/topic/a-non-existent-page-is-showing-up-on-my-analytics/page/8/#post-5563161) * Hello Everyone, * Honestly, I don’t think this is an unique attack on Google or Google Analytics or your personal UA-ID. As these spammy Russian domains are appearing as top referrers under JetPack’s Site Stats too. Has anyone checked their Bing and other analytics? My guess is that those spammy referral domains are there too. Moreover, JetPack does not request for any UA-ID in order to activate the Site Stats. Besides, I am also seeing one particular spammy referral on one of my client’s WP site that is yet to be associated with anything Google. * Well, on certain sites, I am able to block them with .htaccess file alone, but, on certain sites I have to block them by configuring the nginx.conf file as well. I am not sure if it has something to do with the server setups. * On another note, filtering these spammy domains via Google Analytics is temporary. Somehow, sooner or later, they will still spam-visit your sites. Tried it and it does not work. Well, it does work for a few hours, but, that is all. * Another thing that I have noticed is that, this particular attack is quite unique to PHP. Is anyone getting these spammy referrers in your websites coded in programming languages other than PHP like Ruby, Perl, Phyton, etc? * P.S. : Semalt was not as naughty as these spammy Russian domains isn’t it? But, Semalt seems to be routing via other names too…like the makemoney version. * Let me know if you guys have found another way to block them. * Thanks, Daniel@CradleCloud Viewing 3 replies - 1 through 3 (of 3 total)