Blog

  • http://www.snaptech.com Jose Uzcategui

    Thanks Andrew for the great tip.

    To my knowledge, we haven’t experienced any serious security threats or attacks. Either way, I think it’s a good alert to have just in case :)

  • http://www.advanced-web-metrics.com Brian Clifton

    Nice lateral use of GA here :)

    One comment – if a bot doesn’t set cookies, Google Analytics will not be able to track/report on the visit – it needs *both* JavaScript and cookies in order to receive data.

  • Pingback: Détecter tentative de hack avec GG Analytics

  • http://juliencoquet.com/en Julien Coquet

    Nice post Andrew!

    Of course, you could complement this method with server-side GA tracking (with mobile tracking for instance) ;-)

    Cheers,

    Julien

  • http://www.ratmort.fr Rat Mort

    Thanks for sharing this tips, but I don’t think analytics is the best tool to do such monitoring. It nice to understand how “Intelligence” works in Analytics, but from my opinion, hacking detection should be linked to a specific action to be efficient, like banning the ip, or redirecting the hacker to a temporary page for a while to limit bandwith. Analytics is not designed for that at all.
    When do you recieve the email? In real time, or once the data are processed, few ours to 24 h later?

  • http://www.jasonjsmith.com Jason Smith

    Great advice and the useful email alert. Forewarned is to be forearmed. Thanks

  • http://www.seerinteractive.com Andrew Burke

    @Jose
    Glad to be of help! Hopefully you won’t need it but as you said good to have just in case.

    @Brian
    Thanks for the catch, I’ve updated the post to reflect this.

    @Julien
    You certainly could, this would help you detect non-JavaScript attacks as well.

    @Rat
    You are right; analytics isn’t the best tool to use to monitor hacking. However often times web analysts are consultants who either do not have direct access to a client’s server, or do not know how to the setup anti-hacking techniques you mentioned. This is just a way for a web analyst to detect an attack, further measures must be taken to stop it. You should receive the email alert sometime the next day once Google Analytics has finished processing the previous day’s data.

    @Jason
    You’re quite welcome!

  • http://www.seobrighton.com SEO Brighton

    great article – I suspected one of my sites had been hacked and followed the Google analytics alert suggestion and it worked – thank you so much :)

  • http://www.seerinteractive.com Andrew Burke

    @SEO Brighton

    Glad to hear it was of help!

  • http://www.approvedindex.co.uk maurice

    well this is only going to detect trafic on port 80 – say a brute force attack to guess passwords or a DDOS.

    its not going to replace a proper ICE system

  • http://artsofthetimes.hubpages.com Iyabo

    This is so good to know. I have experienced some unusual spikes on some of my sites which i really cant explain. This makes it all easier Andrew thanks.

    I will have to do this and see how it works out.

    Thank you for this insightful post.

  • Hal1

    Hacking on site caused endless tech headaches but hijacked pages did not cache.

    beware the single client sign on. Turns out Drupal Open Source really is open source unless you change the setting.

  • acs

    Thank you SOO MUCH! I was wondering why I had so much direct traffic. Weird thing was my bounce rate stayed just under 2%. Which made no sense as they didn’t last longer than 1 second on my page.

  • Ice

    Thank you for the important insight! I would have liked to implement this PHP script to track non JS enabled bots http://www.cardinalpath.com/tracking-search-bots-in-google-analytics/ . Hope I can find an asp.net version of this functionality!

  • AKSteve

    I had such a spike for the last two days. What are they after? What damage to my site should I be looking for? (I’m on Blogspot). What, if any are the long term affects to my blog?

Get our Newsletter

Keep up-to-date search trends, latest blog posts and more!