New Facebook Referrals in Google Analytics
What l.facebook.com and lm.facebook.com Referrals are in Google Analytics
Website owners checking their Google Analytics recently may have noticed a mysterious change in their referral section and many are scratching their heads as to what it means. The cause for concern is a couple of new referral sources from Facebook: l.facebook.com and lm.facebook.com which started appearing around the beginning of April 2014.
Some information on the web has cited that this is something to worry about – the referral links point to warning pages that suggest your site is insecure and that this could have detrimental effects on visitor trust for your product and reputation. Many have postulated that it has something to do with Facebook ad campaigns while a few others have suggested that it is something to do with the change in the news feed algorithm a while back.
Speculation is beginning to grow without too much in the way of concrete answers for businesses hoping to make sense of their analytics.
Myth Busting Time! The reason you are seeing these new referral sources is because instead of these Facebook referrals being returned as ‘none’ they are now being identified by Google Analytics as a referral from Facebook, that’s it! Nothing sinister, your page isn’t being classed as spam or black marked.
New Facebook Referrals in Google Analytics – What is ‘The Link Shim’?
The web world is full of spam sites and like most other platforms Facebook works hard to combat it and keep the ordinary, honest surfer safe. One of the tools it uses is called the link shim. When you click on a link in Facebook, the link shim checks the URL against a regularly updated list of malicious sites. If one is detected, the shim will display an interim page that is designed to protect or warn people visiting the site, whether they are accessing it from their browser or email. The link shim address is also used to protect any personal identifying information from 3rd party sites.
When someone is on a HTTPS page and clicks on a HTTP page, the browser normally fails to send a referrer header. A knock on effect of the link shim in Facebook means that this referrer traffic is always logged as coming from Facebook rather than an ‘unknown source’. This now means that previous referrals that were recorded incorrectly are logged on systems like Google Analytics as originating from Facebook.
New Facebook Referrals in Google Analytics – Better for Google Analytics
The link shim is there to provide a high level of security to users so they don’t get redirected to spam sites or are exploited by malicious actors and it has been doing this since it was introduced back in 2008. The only difference now is that, with the introduction of the new URLs, more traffic that was originally from an unknown source will show up as Facebook traffic and give a more accurate picture of referrals on platforms such as Google Analytics.
The notion that people clicking on links to sites from Facebook are now being routinely redirected to warning pages is incorrect. Most users don’t even see the link shim operating and go directly to your site. Nor is it true that the l.facebook.com and lm.facebook.com referral links relate to ad campaigns and it certainly has nothing to do with the news feed algorithm.
In summary it is Facebook ensuring you can clearly see how traffic is referred to your website, after all Facebook are not the only social site out there charging businesses for adverts, of course they will want webmasters to be able to readily identify just how valuable the time and money spent marketing to Facebook users really is.
New Facebook Referrals in Google Analytics – More Info
For more information on how Facebook has been protecting your browsing (since 2008) take a look at their article Link Shim – Protecting the People who Use Facebook from Malicious URLs from January 2012 Alternatively post a question below and we will endeavor to find the answer for you… for Hitchiker’s fans – the answer is 42!
We are having a problem with some bots generating traffic “direct” on our site. However, coincident with recent bot peaks, we also see a peak in l.facebook referrals. These referrals are clearly dead bot traffic – one page, zero time on page, and 100% bounce. So it looks like the i.facebook referrer is handing us lots of junk!
Pingback:Best Practices to Avoid Dark Social - LunaMetrics
Pingback:Best Practices to Avoid Dark Social | Bugdaddy
Jules – great post – thanks! One question – do you know if this is only coming from posts on a page? Or could they be coming from other sources on Facebook?
They come from the unsecured areas of Facebook, from what I can tell. You will know Facebook went SSL so certain areas of the site are secure displaying a https in the url. However, there are still parts of Facebook which are not in the secure area – makes sense that Facebook would implement the LinkShim more heavily in these areas. These are not confirmed facts from Facebook, only my best guess and what would make sense to me – doesn’t make it so!
Hey Jules, thanks for this post. I guess the thing I still don’t understand now is the difference between the two referrals eg facebook.com and l.facebook.com. Facebook is https and all links get put through the link shim so why would the same site see facebook.com and l.facebook.com? Why would any referral just be facebook.com? Am I just being really dense here?
Hiya, a good question, Google Analytics is splitting the data it receives and identifying those filtred through the Link Shim. That’s really all we know at this stage, I keep checking to see if there is a further explanation available from either Google or Facebook… nothing I have spotted so far. Will keep you updated but shout if you spot it first!
Pingback:Understanding Facebook Link Shim Referrals | Google Analytics Tip of the Day
Jules, thanks so much for this post. Really well written and informative.
Hi there – and thanks for a great explanation of l.facebook and lm.facebook.
I stumbled across your article when trying to research those referrers.
I’ve been taken to the warning page one time after clicking one of my own links. This troubled me. I was afraid that this happened to many potential visitors of mine, scaring them off.
I then started reading online. The information was sparse. But I saw some comments like this one: “Lost 90% of my traffic thanks to this …”
Hopefully, your information is correct.
You write:
“The notion that people clicking on links to sites from Facebook are now being routinely redirected to warning pages is incorrect. Most users don’t even see the link shim operating and go directly to your site.”
How do you know that? Have this been confirmed by Facebook?
And when there’s nothing shady about a web site (I can’t see why Facebook would deem my site as suspicious), why are some people still being warned?
Do you think using SSL on my site could help?
I’m thankful for any reply 🙂
All the best!
Hello,
Thank you for reading our post, the information we are referencing comes directly from Facebook and it’s help sheets about Linkshim. Linkshim has been in place for a long time (2008) without anyone noticing anything derogatory. As I understand the process the ‘warning’ is simply there to tell the user they are passing from a secured site (https) to a non secured site (http).
regarding your query about SSL – I would recommend SSL but not as a way to fight against the above – because Google does rate secure sites higher… for now!
If you have any more queries feel free to post again. Hopefully the above helps.
Regards
Jules White
PS In case you missed it, here is the article we refer to in the article, https://www.facebook.com/note.php?note_id=10150492832835766