I’ve noticed that on all the sites where I’ve installed the Blog widget, without any clear logic, there’s an unrealistic spike in visits every now and then (even over 3,000 in a single day!), which in Google Analytics all show up as direct visits.
This is a huge problem, as it completely distorts the analytics of the sites where the blog is implemented.
Any idea what could be causing this?
I’ll add some metrics pics:
Hi there, @Giorgio_Fiorini 
Could you please specify what browser plugin you’ve installed? I’ll be happy to check things for you 
No plugin Max, I’ve installed the Blog widget on my websites.
Since I’ve done with that, Analytics went crazy: after every month (more or less), I have that insane peak of fake visitors.
I guess it’s because the Javascript of the widget, but not sure about it.
Got it, thanks!
Our devs will look into this, and I’ll update you as soon as I hear back from them
Thanks a lot, Max
Hi there, @Giorgio_Fiorini
Apologies for the delayed response!
It is highly likely that these are automated attacks, as the spikes are too sharp over a short period of time, but they are not coming from our app.
Requests are coming from this ASN, and the graph shows that many attacks are originating from there (WAF, DDoS):
There is a high chance that the issue comes from the CookieBot scanner, which is used on websites like this. We’ve made this assumption because some of the declared IPs match those from which mass requests are coming:
There is info in the Cookie Bot Scanner article, that it should contain the following User-Agent:
Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko; compatible; Cookiebot/1.0; +http://cookiebot.com/) Chrome/X.X.X.X Safari/537.36.
Thus, the automated attacks are coming not from our apps and, unfortunately, nothing can be done to prevent them on our end.
I hope this explains things.
If you have any questions left, we’re always here to help
Thanks a lot Max, now this explains a lot.
It’s somehow curious that those attacks started when I’ve implemented the blog widget.
It’s probably a coincidence then.
Thanks again!
You’re always welcome 
I figured that out, Max: it was just like you guys said, the problem was because the Cookiebot monthly scan.
But there’s one specific problem who started everything, and it’s related to the blog widget.
In fact, widget add /?blogPost= and some other pseudo-server all to the pages where the widget is installed.
If you have the widget, like my case, taken from an PHP include, that repeats itself in any page, Cookiebot will scan ALL the pseudo-pages.
Filtering the Cookiebot IPs is an excellent solution that works well in Google Analytics, but there’s one more problem: every Cookiebot scans add a view to the widget that drowns the monthly limit.
Is that a way to exclude the automatic Cookiebot scans from the widget counter?
Cause that’s a huge problem: if the blog widget creates a lot of pseudo php pages, and that means thousand of pages for any site (cause the widget is called from an PHP include for every page) Cookiebot will scan ALL of them, causing the enormous using of the view limit.
Thanks again!
Unfortunately, currently there is no way to exclude views counting when the cookie bot scans the pages.
The reason is that we omit requests from bots (for example, Googlebot) to prevent views from being counted, based on their specific User-Agent. Since requests from your cookie bot come from regular browsers, we cannot exclude these requests in the same way we do with Googlebot. I am really sorry!
If you have any questions left or any assistance is needed, we’ll be happy to help!
Yeah I supposed that, Max.
It’s quite a problem, indeed.
Well, thanks anyway.
No sweat
