Start a Project
Tutorials

How to Protect Google Analytics Data from Being Hacked

By Alexander Molchan
February 1, 2023
2 min read
Content
  • What if someone uses your tracking code
  • How to understand if you data was hacked
  • How GA data can be corrupted
  • How to secure your Google Analytics

UPD. This information is not relevant to Universal Analytics (UA) but will be helpful for those who work with Google Analytics 4 (GA4). 

To learn more about it, check out our newest article. If you need help with migrating to Google Analytics 4, contact us here

Some time ago I saw a drastic traffic increase while looking into Google Analytics data…

Dizzain Google Analytics

I’ve explored traffic sources and detected some new websites in the statistics that actually did not have links referring to Dizzain.com website on their pages.

Someone else put our Google Analytics tracking code on their website and caused a bit of a commotion in our data.

So, in this blog post, I will be sharing a solution and explaining what to do if someone else put your tracking code on their website.

Someone put my tracking code on their website. What’s next?

When someone puts your tracking code on their website, Google Analytics receives false data. Fraudsters can’t see your website data, but can corrupt your analytics data for you to make wrong decisions in the future.

How to understand that someone is hacking my data?

Click on the “Customization” button, choose “Create Custom Report” and click on the “New Custom Report” button.

image

Choose “Flat Table”, “Sessions” metric group, “Hostname” dimension, click “Save”. Now you can see all the main domains that originate traffic to your website in the view.

image

How can someone corrupt my Google Analytics data?

Corrupting Analytics data is easier than you think. Just go to any website, right-click on the content area, select “View page source” and find the java script code including UA-xxxxxxxx or GTM-xxxxxx (property id/tracking id).

image

Now all you need is to install the js code to another website to falsify the data.

Note: in case someone stole your GTM id, set up filters for all the data receiving tools installed via Google Tag Manager.

How to secure my Google Analytics data?

Historical data in Google Analytics can’t be changed, so we recommend to set up this filter in order to receive data from your website only:

1. Click on the “Admin” button at the bottom left corner.

2. Choose “All Filters” at the account level (1-st column).

image

3. Click“Add Filter” and name it.

image

4. Choose “Custom” filter type.

5. Click “Include”.

6. Choose “Hostname” in the Filter field.

7. Write domain name in the “Filter Pattern” tab.

Note: don’t forget to add a backslash “\” before every dot “.” in order to tell regular expressions to see the dot in its original context as a separator.

8. Mark the “Case sensitive” checkbox.

9. Apply this filter to the view you’re going to look your statistics through.

10. Click “Save”.

image

From this moment you know for sure that Google Analytics data you see in your account is reliable. I do also encourage you to set up the aforementioned filter if you have multiple website versions (production, staging) to hide all the irrelevant data not related to your production website.

You might also like
accessible website
How to Make a Website Accessible

How to design, code, and present content for everyone on the web including people with disabilities and temporary impairments.

security
How to Secure Your WordPress Website from Hackers

The more you know and aware of, the more you can prevent so that your website could stay live 24/7.
seo unfriendly things
The Most SEO Unfriendly Things about WordPress

With a little time and set up, you can have your WordPress website running more SEO-friendly.