Problems With Google Analytics

We all use it, but did you know...

Posted 10 months ago by Tom Maiaroto.


Google Analytics must be the most popular web tracking service in the world. It's free for starters, that helps...But it's also quite nice and easy to install and use. However, there's a few problems that most people don't realize.

The biggest problem is that the analytics can be skewed quite easily. This leaves many businesses vulnerable to malicious attack. What? For being able to record metrics?! Can they see them you ask? No, but they can add to your numbers. Bear with me and I'll explain.

This is a huge problem for businesses because decisions are made based on traffic numbers. Think about it, from which pages to promote to how much to charge for ads (if you run your own ads and don't subscribe to some ad network of course). It can lead you to making bad decisions and if you do any sort of A/B testing and your competition knows about it...They could make you believe what they want you to believe. This is basically corporate warfare.

I could, right now, create a simple script to run on a loop and record visitor metrics to any web site using Google Analytics and provide a variety of IP addresses, browsers, and locations. This would essentially mask the malicious requests and most people wouldn't be able to see that the visitors were all fake. 

Even if an attacker wasn't on some mission and was just being annoying...They could skew your metrics so bad that it would render them useless. You wouldn't be able to sort through the data effectively. So what would your business do if you all of a sudden didn't have Google Analytics to rely on tomorrow? It could happen.

I was curious if anyone else had these reservations about Google Analytics as well and did come across this post by IrishWonder. It goes into even more detail and agree or disagree with the points being made, he also identifies this serious problem with data being skewed.

What's the real chances of a threat here? Probably quite low. If someone were to send that many requests, from a single server at least, Google would easily be able to identify and lock it down. It would be annoying, but you could probably work with Google to get any problem resolved. However, that could still leave you with a hole in your data. The other factor here that will determine your risk is how much you depend on the data. Does it really matter to you for business decisions? Or is it more of a "nice to have" kind of metric?

So how do you get around this? You could use another service, but you'd need to ensure that it also wasn't susceptible to the same problems. Or, you could use your own solution locally. Hummingbird is a pretty popular solution, but there's many others. Web traffic is best handled by your web serve to be frank. It already gathers most of the data you need and while people can fake their locations and web browsers, it's harder to fake their IP addresses. There's only so many proxies you can bounce through out there and you can block traffic that comes from a single source. Furthermore, you can even setup your server's firewall to rate limit and deny requests from the same IP that occur too frequently. This would protect you from skewed data.


Filed under
comments powered by Disqus

Search for Posts

Popular Labels

social media virality score general internet web development reviews and opinions php web tools hosting lithium web design

Recent Posts