Skip to main content
Some settings, like canonicals and DNT can be adjusted in your embed script’s advanced settings. Other settings (like the ones below) can be adjusted from within your Fathom account. To adjust your firewall settings, go to Settings, then Sites, click on your site, then click the Firewall tab.
If you’ve blocked pages, IPs, domains, or countries, visitors coming from those sources will still be able to access and navigate around your site, but their visits just won’t be shown as data in your Fathom dashboard.
**Note: **Changes made to your site’s firewall can take up to 10 minutes to come into effect.

Blocked pages

To block a page, multiple pages or use wildcards to block pages, add the pathname to the Blocked pages section on the Firewall tab. For example: 
/about/
/contact/
The above would block both of those pages. If you wanted to block all the pages under the /about page, so pages like /about/team and /about/luna and so on, you’d add a wildcard: 
/about/*
For blocked pages, you can’t add the domain (hostname) or http:// or https://, just add the path after the domain. If a visitor to your site goes to a blocked page, that pageview will not be tracked. If they’re a current visitor, it’ll show them as still on the previous page (as their view of the new page was blocked). Visitors who visit blocked pages do not count as pageviews, so they do not count against your payment plan allotment of pageviews.

Blocked IPs

To block your IP, someone else’s IP, or a group of IPs, add the IP to the Blocked IPs section in the Firewall tab. Note that IP blocking takes about 60 seconds to take effect. For example: 
100.100.100.100
200.200.200.200
The above would block both of those IP addresses. That means if one of them was yours and you visited your website, your visit would not show up on the dashboard stats. If you wanted to block a group of IP addresses, you could use a wildcard: 
100.100.100.*
That means anyone with an IP address that started with 100.100.100. would be blocked. So 100.100.100.1, 100.100.100..123, etc, would all be blocked.
Note: Currently only IPv4 addresses are supported for wildcards

Blocked countries

Like IP blocking, you can block specific visits from anyone within a country. Why would you do this? Say you’re getting a ton of traffic from a country that your business doesn’t serve; simply add that country to your block list. They’ll still be able to see your website, but their page views and analytics data won’t show up in Fathom.

Blocked referrers

Similar to IP and country blocking, you can also block pageviews and events that come from specific referrers. This is useful if you notice you’re receiving a lot of spam traffic from a given site, and you want to ensure that traffic is not recorded in your analytics. To block a referrer, add the domain of the referrer to the Blocked Referrers section in the Firewall tab. For example, to prevent recording traffic originating from example.com and spam-website.com, you would add: 
example.com
spam-website.com
You can also use wildcards to block a group of referrers. For example, to block all subdomains of example.com, you would add: 
*.example.com

Allowed domains

If you want to only allow data to be collected from specific domains, add them to the Allowed domains section of your firewall settings page. Domains should be entered one per line (no commas). Once you add one or more allowed domains, this means data coming from any other domain will be blocked instantly. This is useful if you do not want to collect data from your local development environment or are worried that other people may be using your script (by accident or otherwise). We support wildcards here too, so if you want to allow all subdomains, you can use: 
*.example.com
This then allows only subdomains of example.com, so: subdomain.example.com and www.example.com, etc. But note: using *.example.com would not allow example.com, so be careful. If you want to only allow data from your site and use both the root domain and subdomains, you’d allow: 
*.example.com
example.com
And that would cover all subdomains and your root domain.