Any user with Admin permissions can selectively manage and control what sessions are captured within Fullstory.
To supplement domain blocking, you also have the ability to add filters for client IP addresses and User-Agent strings.
Simply navigate to Settings > Data Capture and Privacy > Data Capture to add targeted exclusions. Exclusions need to be added one at a time (we don't accept comma separated lists).
Block IPs
Many customers want to omit traffic generated by their employees who work
behind
a shared IP address. When you add an IP address to the list under Settings > Data Capture and Privacy > Data Capture,
any client browser with that IP address that visits your site won’t have
Fullstory
data captured. Additionally, to save time, you can add IP addresses in bulk
from
this same view.
You can wildcard (*) each part of the IP address, where each part is separated by "." (IPv4) or ":" (IPv6). For example, if you wanted to block both 192.168.1.2 and 192.168.1.17, you could simply supply 192.168.1.*.
In addition to blocking IP address by wildcard, Fullstory also supports CIDR IP notations for blocking purposes.
Block User-Agents
Robots and automated crawlers aren’t usually an issue for web applications that exist behind a log in. Many of our customers run Fullstory on public facing, content-rich sites, and robots can generate lots of unwanted sessions.
We automatically block a list of common bot user agents and you can manually add User-Agent strings to prevent these visits from generating sessions. If the string you specify is contained at all in the User-Agent reported by the robot when it visits, we won’t capture data.
User-Agent blocking is not case-sensitive.
Here is the list of bots we block automatically:
AdsBot-Google AdsBot-Google-Mobile Baiduspider Bingbot CSpeedTP DareBoost Chrome-Lighthouse DatadogSynthetics DuckDuckBot Exabot Google Web Preview Google-AdWords Google-AdWords-Express Google-Ads-Conversions Google-Ads-Qualify Google-Adwords-DisplayAds-WebRender Google-InspectionTool Google-PageRenderer Google-Read-Aloud Google-Safety Google-Structured-Data-Testing-Tool GoogleOther Googlebot HeadlessChrome Mediapartners-Google PTST PetalBot Pingdom Pinterestbot RSiteAuditor RuxitSynthetic Seoradar Slurp Sogou Storebot-Google YandexBot YandexMobileBot YandexRenderResourcesBot amazon-QBusiness amazon-kendra bitdiscovery facebookexternalhit facebot ia_archiver moatbot site24x7
Note: Common bot traffic is blocked by default for newly created accounts. However, there are times you may find it useful to watch sessions from bots to understand exactly how they interact with and consume resources on your site.
For example, this may be because they are using programmed monitoring services to ensure great uptime and catch user experience issues, or they may need to see how much robot traffic they are getting to hold a marketing partner accountable.
Admins can add or remove common bot traffic blocking in Settings > Data Capture.
You can find the User-Agent string for each session in the session replay view. At the top right of the screen, we'll show details under the user's name. Click on the browser and operating system to view the full User-Agent string.
It's important to note that the User-Agent details will only be available for a user during a session playback and not available on their main user card, since the details are specific to the session and can change as users log in from different browsers or machines.
After you've copied the User-Agent details, navigate to Settings > Data Capture & Privacy > Data Capture and select "Add blocked UA..." under the Blocked User-Agents section. From here, you can paste your selection to block visits by these robots.
Identifying Unwanted IP Addresses or User Agents
If you're unsure how to identify potentially harmful IP Addresses or User-Agents, using a dashboard card to monitor session volume by user dimension is a great way to start. Use this recipe as a guide to creating your own dimensionality card to monitor session volume by IP Address or User-Agent.