[wp-meta] [Making WordPress.org] #4138: PROPOSAL: Maintain a blacklist of obviously nefarious traffic sources

Making WordPress.org noreply at wordpress.org
Mon Feb 4 08:13:43 UTC 2019


#4138: PROPOSAL: Maintain a blacklist of obviously nefarious traffic sources
----------------------------+---------------------
 Reporter:  jonoaldersonwp  |       Owner:  (none)
     Type:  defect          |      Status:  new
 Priority:  low             |   Milestone:
Component:  General         |  Resolution:
 Keywords:  analytics       |
----------------------------+---------------------

Comment (by jonoaldersonwp):

 Agreed. This is whack-a-mole. However, we don't need to detect the
 ''bots''; if we just filter out particularly high volume ''referring
 domains'' of obviously bad traffic, and we'd easily clean up a big chunk.

 I can do/maintain this via GTM if we'd prefer (nice interface, access
 control, change logs) and chip away at it happily - but that only hides
 the issue. Feels like if we're going that far, we should probably have a
 process to block them from the site (rather than just hide them from our
 tracking, save the bandwidth/processing overhead, etc)...

 @Otto42 The plot thickens, I _think_ all of the sites in question have
 been hacked, and are running some nasty obfuscated JS. Check the first
 script which gamefullpc loads. Can't see any evidence that it's preloading
 in/from there, but I might be missing something?

-- 
Ticket URL: <https://meta.trac.wordpress.org/ticket/4138#comment:8>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org


More information about the wp-meta mailing list