Diagnosing a sudden jump in "Direct" traffic in Google Analytics

Google Analytics is a very powerful tool for understanding the source of web traffic. A critical report is the Acquisition Report, which shows the channels through which visitors came to the site.

Typical referral channels

This report is very good at giving a high level view of key questions a site owner has, such as:

  • is my search traffic falling?
  • how effective is my social media campaign?
  • are my newsletters effectively sending users back to my site?

One recurring question we get asked to explain is "Where is the Direct traffic coming from?". Seeing large amounts of traffic coming in via this channel can cause a site owner to become concerned: perhaps their site is tagged incorrectly, or their marketing campaigns are driving traffic in a way they can't fully track? It's often interpreted as a gap in the data, so let's explore what exactly this traffic source is reporting, and see if there are better ways to identify where those visitors are coming from.

What do the different Channels mean?

  • Organic Search: Users have come from Google, Bing, Yahoo, or a recognised search engine.
  • Referral: The user has come from another website (these websites can be viewed in the extended reporting in the Acquisition section of analytics). This proportion of site traffic has been falling in recent years, as more sites make use of rel="noreferrer" when linking, or users install privacy-aware plugins which prevent the sending of referrer information.
  • Social: Users have come from Twitter, Facebook, Instagram.
  • (Other): Users arrived to a URL with a utm_medium parameter which Analytics does not recognise as part of any other group. These are commonly added by social sharing tools, and can be fixed by adding filters to the Analytics account.
  • Email: Links followed from email sites and applications, like Gmail, Yahoo Mail, etc.
  • Paid Search: Traffic which has come through advertisements bought on search engines (not just Google - Bing, Yahoo, and any other search engine which adds parameters to successful clicks which Analytics recognises).

What about Direct?

"Direct" is Analytics' catch-all way of saying "I've no idea". Any traffic which Google cannot attribute to the Channels listed above defaults to Direct.

The most common reasons why a user visit may end up in Direct are:

  • they came from "Dark Social" - links shared on WhatsApp, Telegram, or other social apps.
  • they followed a link from a non-web platform, e.g. a link in a Word document, PDF, or Slack message.
  • they came from a site via a rel="noreferrer" link or are using a privacy plugin to block referrer information.
  • they came from a mobile application other than social, which is not passing referrer information.

That last item is a relatively new and growing area in Direct traffic. Enter Google Discover.

What is Google Discover?


Google Discover is "a feed curated by Google on mobile devices to deliver articles and videos. Google personalizes the content through searches and related stories. Users can further customize what they see in their Discover feed by following certain topics. The results in Discover change regularly based on changes in user interests or newly published content."

Over the last year or so, it has risen to become a significant traffic driver, for news sites in particular, as Google push it across more devices and deeper into integrated Android modules. It is now considered one of the three pillars of Google-driven traffic for publishers, alongside News and traditional search results, with each having their own reporting section inside Google Search Console.

Google Search Console - Discover traffic

When users follow a link from Discover, they are not sending referrer information from the app to the site, so the traffic appears as "Direct". The Discover report in Search Console does give us the opportunity to shed a bit more light on spikes in Direct traffic though.

The Search Console report will show both impressions and clicks over a given time frame. If there has been a suspicious spike in Direct traffic in Analytics, visually comparing the two reports over the same time frame is usually enough to validate Discover as a significant contributor to the Direct traffic spike.

Analytics Direct traffic (top) vs Discover Search Console report (bottom)

Here we can see a very direct correlation between Direct spikes and Discover spikes. This is very common in the case of articles which go viral - a large part of the Direct traffic will come from Discover. Typically a viral article will also have been shared widely on WhatsApp and other "Dark Social" apps, so while Discover will not account for 100% of the Direct traffic, a similar pattern in both reports typically confirms that a number of articles have gone viral.

Discover Stats

In both Analytics and Search Console, a list of the articles involved is shown beneath the graph. When these match up between the two tools, it confirms that particular articles have gone viral, leading to a sharp spike in Discover traffic.

If we know traffic comes from Discover, can we force Analytics to categorise it as something other than Direct?

No - the Discover app at time of writing (May 21) does not send any referrer information, so cannot be tracked through the addition of custom Analytics filters. It's a common complaint from people who work in SEO, or in Marketing, but to date Google have not indicated that this behaviour shall change any time soon.

Are there other possible reasons for a suspiciously large amount of Direct traffic?

One way in which Direct traffic can spike is if internal links on a site start to use rel="noreferrer". Recent versions of WordPress automatically add rel="noreferrer noopener" to any links opening in a new tab as a security measure.

Unfortunately, WordPress' implementation doesn't validate whether the link opening in a new tab is opening in a new domain or not. It's not unusual for someone writing content in the WordPress editor to decide that any links in an article should open in a new tab, so their article remains open in the first tab. When they link to an internal article with this tag attached, a user clicking on it technically registers a new visit as far as Analytics is concerned. The second page the user clicks will go into "Direct" traffic, while the user themselves will often trigger a new session and be treated as "new" (not all the time - it does depend on browser and time since the original page was opened).

If there's a sudden jump in Direct traffic, Bounce Rate, and Users, but a drop in the Time on Site and Pages Viewed Per Session metrics, this is likely what is happening. In these cases, it's necessary to modify the links so that they no longer have the "noreferrer noopener" attributes when the links are internal (either via code modification or plugin addition).
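One way to apply that fix in the browser, as an added example (not code from WordPress or any plugin; the function names are hypothetical). It assumes "internal" means an exact hostname match, and it removes only noreferrer from internal links: noopener does not suppress the Referer header, so it can stay and the opened tab still gets no window.opener handle.

```javascript
// Added example; function names are hypothetical, not WordPress or plugin code.

// Return the rel value a link on `pageUrl` should carry.
function fixedRel(href, rel, pageUrl) {
  let target;
  try {
    target = new URL(href, pageUrl);   // also resolves relative hrefs
  } catch (e) {
    return rel;                        // unparsable href: leave untouched
  }
  // Exact hostname match only: a different subdomain counts as external.
  if (target.hostname !== new URL(pageUrl).hostname) return rel;
  // Internal link: drop noreferrer so the Referer header is sent again.
  // noopener is kept, since it has no effect on the Referer header.
  return rel.split(/\s+/)
    .filter(t => t && t.toLowerCase() !== 'noreferrer')
    .join(' ');
}

// Rewrite every new-tab link in `doc`; returns how many links were changed.
function fixInternalLinks(doc, pageUrl) {
  let changed = 0;
  for (const a of doc.querySelectorAll('a[href][target="_blank"][rel]')) {
    const before = a.getAttribute('rel');
    const after = fixedRel(a.getAttribute('href'), before, pageUrl);
    if (after !== before) {
      a.setAttribute('rel', after);
      changed++;
    }
  }
  return changed;
}

// In a browser: run once the content is in the DOM.
if (typeof document !== 'undefined') {
  document.addEventListener('DOMContentLoaded', () =>
    fixInternalLinks(document, location.href));
}
```

External links are returned unchanged, so they keep both tokens.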

