We are actually in the process of creating a resource for preventing invalid traffic right now– I'm happy to share that resource in this group once it's published. Right now I don't have any confirmed information, but this is what we’ve noticed could be causing invalid traffic that could be useful:
- Buying expired domains or redirecting old sites to a new one has the potential to send unwanted spammy redirect traffic your way. Super common SEO practice that many don’t often connect to unwanted traffic
- Being an easy hacking target. Bots trying to login to CMS admin so they can hack into a site. It’s really common, so sites should set their CMS login page to something different than a common or default URL (for example, make the login page www.website.com/myadminportal_12 instead of /admin)
- Sharing content or “link-building” using common practices espoused by SEO folks online. Sharing links to your site in comment sections, online listings, and in places that it’s highly possible that web crawlers may try to crawl those pages is ripe for having crawlers hitting your site pages with a lot of frequency. If the crawler is unsophisticated or the link is on a page that is hit by bots a lot, this can trickle down to more invalid traffic to your site