Referrer exclusion list mistakes
GA4's unwanted-referrals (referrer exclusion) configuration tells analytics not to treat certain domains — payment gateways, SSO providers, your own domains — as new traffic sources. Get it wrong and you either fragment sessions (under-listing a gateway) or erase real referrers (over-listing). This page explains the mechanism and the two-sided error.
What this means
When a user leaves your site to a payment gateway or SSO provider and returns, the return looks like a fresh referral from that domain — ending the original session and crediting the gateway. The unwanted-referrals list tells GA4 to ignore those domains as sources so the original session and its attribution continue.
In GA4 this is configured under the data stream's tagging settings as a list of domains to exclude.
The two-sided mistake
Under-listing leaves payment or login domains as top referrers and fragments sessions. Over-listing — for example excluding a broad domain or a real partner — erases legitimate referral traffic from reports, undercounting that channel. Both distort source attribution.
- Under-list: gateways fragment sessions and steal credit
- Over-list: real referrers disappear from reports
- Exclude only round-trip payment/SSO/own domains
How it appears in analytics and logs
A payment domain showing as a top referrer means it is not excluded; a real partner traffic source vanishing means it was excluded too broadly.
Diagnostic use case
Tune the unwanted-referrals list so checkout and SSO round-trips do not break sessions, without accidentally hiding genuine referral sources.
What WebmasterID can help detect
WebmasterID surfaces which referrers are creating new sessions, making it easy to see whether a gateway needs excluding or a legitimate source was wrongly suppressed.
Common mistakes
- Forgetting to exclude the payment gateway domain.
- Excluding a real referral source by mistake.
- Using an over-broad match that hides legitimate traffic.
Privacy and accuracy notes
The exclusion list operates on referrer hostnames, not personal data. WebmasterID classifies referrers first-party so payment round-trips do not pollute sources.
Related pages
- Self-referrals and lost attribution
A self-referral is when your own site shows up as a referring source in your reports. It usually means a session was broken and a new one started attributed to your domain, often when a visitor crosses subdomains or returns from a payment provider. Self-referrals fragment sessions and steal credit from the real source. This page explains the causes and the fix.
- Cross-domain tracking issues
A single user crossing from one domain to another (site to a separate checkout or booking host) should stay one user and one session. Without cross-domain tracking, the second domain starts a fresh session and often a self-referral, double-counting users and breaking attribution. This page explains how the GA4 linker passes the client ID and the common reasons it does not arrive.
- Direct traffic as a catch-all bucket
Direct traffic is often misread as 'people who typed the URL'. In practice it is a catch-all for any session with no usable referrer or campaign: untagged links, stripped referrers, app and messaging clicks, and redirects that lose data. When other attribution fails, direct swells. This page explains what really lands in the direct bucket and how to shrink it.
- Attribution Analytics
Keep payment round-trips out of source reports.
Sources and verification notes
Last reviewed 2026-06-24. Facts are checked against primary/official sources where available; uncertain specifics are marked “Data not yet verified” rather than guessed.