[ad_1]
Hoping someone has a solution …
I keep getting 0 seconds engagement in GA4 from some users – which most likely means they are bots. They land directly on the home page, not from search, so they register as a user, but it shows 0 seconds engagement.
I have tried banning the IPs manually through the admin panel in GA4 but it’s not helping much.
Is there a security plug in/solution/subscription that would eliminate this? This is really bugging me and at this point I am thinking of moving the site to something other than WordPress if this is a WordPress issue and can’t be solved
[ad_2]
Cloudflare in front of your website will block most of them. And with few security rules, you will be fine.
I’ve mentioned it in this post yesterday
[https://www.reddit.com/r/Wordpress/comments/1bvjd7q/best_caching_combination/](https://www.reddit.com/r/Wordpress/comments/1bvjd7q/best_caching_combination/)
here is a simple WAF rule that helped me reduce spam traffic
`(ip.geoip.country ne “RS”) and not (cf.client.bot) and not (ip.geoip.asnum eq 32934)`
And for that rule I’ve set action to show managed challenge. You can change the country to match your target market or top 5 countries from your list of visitors.
You need to install a plugin like as:
**Web Application Firewalls (WAF)**, **Bot Detection**, or **Login Attempts Monitoring**
otherwise you can enable Google **reCAPTCHA**
It will help you a-lot
Keep in mind that a bot can send a hit to GA4 just by loading gtag from their own server without ever even visiting your site. In this scenario no waf or other tool will stop it although it may help prevent future bots from scraping your measurement ID and doing it again.
Also it’s not a WP issue. It’s a an issue of the internet being a crappy place.