How to Block Bot Traffic from Any Country Using CloudFlare

By / Updated: February 19, 2024 / Digital Marketing

If you've noticed an uptick in spam traffic from various countries recently, you're not alone. It's a common issue that affects the accuracy of Google Analytics data for many websites. Spammers do this kind of stuff for various reasons. Unfortunately, it adds more work to our list of tasks. In 2024, website owners are reporting a lot of spam referral traffic from Poland. The source country of the spam might change but the affective tactics to block this referral spam remain the same.

In most cases, spam traffic hits die off once Google figures out how to block the spam bots. Until then, you'll probably want to clean up your Google Analytics reports.

There are a number of ways of ‘removing’ this traffic or hiding it.   In the meantime, you could filter it out in Google Analytics.  But if you monetize your website with display ads or you’re interested in the conversion rate optimization of your e-commerce store, these spam visits might be a real headache and could be affecting your ad revenue RPM.

These bots stand out because the Bounce Rate is very high, Pageviews are generally no more than one, and Avg. Session Duration is one or two seconds. This kind of traffic is useless. Time to get rid of it.

google analytics spam traffic from czechia

A universal solution to block bot traffic is by implementing firewall rules in CloudFlare, applicable to any country.. I’ll discuss CloudFlare here as it’s the most popular and versatile CDN and firewall tool. But you can adapt these instructions to your own service.  

  • Open CloudFlare and click on Security
  • Click WAF
  • Select Create Firewall Rule
  • Name your rule descriptively, such as ‘Block International Bot Traffic'.

While you can create individual rules for specific countries, consider using boolean operators with a list of countries you've identified as sources of bot traffic for broader coverage.

Here's how it should look:

cloudflare firewall rules block bots seychelles

Under “Then…”, the part where the action is chosen, you've got a number of choices but I recommend using Managed Challenge to differentiate between genuine users and bots, ensuring accessibility while blocking unwanted traffic.

You can then see how much traffic is blocked by CloudFlare and completely block all traffic if you think too much is getting through.

cloudflare analytics managed challenge spam bot blocks

Marketing Nuggets Newsletter: Advice, Tips, News & New Blog Posts

Get a curated list of the lastest posts on Fat Frog Media and marketing tips from around the web.
A couple of times a month. Free. Packed full of good stuff.

Scroll to Top