Bots are automated software programs that look at (crawl) websites for information. Most commonly, search engine bots from Google will be doing this to find new pages and add them to their search index. However, there are many other bots, both good and bad, that can cause problems with your online store. One of these situations is when bots keep adding products to a shopping cart, causing cart abandonment rates to increase significantly.

Bots that are crawling your online store and adding products to the cart can have various impacts for both store owners and visiting consumers. Here are some of the main issues that can arise:

Reduced conversion metrics

When bots are adding products to a shopping cart without completing the checkout (which they never do), this dilutes the conversion rate for the store, as it's telling you that a lesser percentage of visitors are completing checkout, when really, the majority of these visitors or at least a big portion are not real human visitors at all.

Wasted advertising

Advertising campaigns are used to attract visitors to a site and optimisation is often carried out to encourage conversions (sales). When bots are in the mix, these resources can be wasted on visitors that aren't human. However, with the likes of Google Ads, they will have algorithms in place to prevent bots from clicking ads, which mitigates resource wastage.

Denial of inventory

Often when visitors add a product to their shopping cart in an online store, the store can hold that product for a certain period of time so that other visitors cannot purchase it. This gives visitors time to browse around and add further products, securing them in their cart for checkout and preventing others from purchasing them so that the visitor doesn't lose out. However, when bots do this, they are denying inventory to other human visitors, which can hurt sales, particularly when there is limited inventory. Sometimes competitors can commission bots to do this on purpose. If your online store does not use inventory management, or you allow back ordering, this is not so much of an issue. However, if you have strict inventory management and only want to allow sales for products you have in stock and you allow the visitors cart to secure it, this can cause issues when bots are in the mix.

How can we prevent bots from adding products to their shopping carts?

There are a few techniques that can be used to prevent bots from adding products to their cart.

Robots.txt directives

Robots.txt is a file that can sit on any site that will tell bots what to look at and what to stay away from. This method will only work for good bots that obey these directives. Bad bots will often ignore them.


CAPTCHAs are a double edged swords, as they can prevent legitimate bots like Google from crawling your site. They can also cause additional friction to human users that may leave your site if the CAPTCHAs are too difficult. Adding these in the right place at the right time and using them sparingly is recommended. However, they can be an effective tool in blocking bots in certain situations.

IP Blocking

Retailers can block IP addresses or ranges of IP addresses that are know to be associated with bot activity. This will prevent them from accessing the online store entirely. Care must be taken not to block IP addresses from legitimate sources.

Machine learning firewalls

Putting your online store behind a firewall that has machine learning capabilities in the area of bot detection and prevention can be an effective tool. These firewalls often come with a monthly subscription and you will need to route and/or migrate your domain's DNS through the firewall. A qualified agent can set this up for you with minimal to no down-time for your site. There may also be other effective tools within the firewall platform that you can benefit from.

Machine learning firewalls will often track visitor session activity (visits and clicks) to identify patterns and then limit the rate in which they can reach the site or block them entirely, automatically, based on pattern recognition.

In conclusion, a combination of the above techniques can help prevent bots from adding products to the cart of online stores, helping to ensure only genuine visitors are able to access the website.

What is SSL?

SSL (Secure Sockets Layer) is an integral tool ensuring the security of your information on the internet. When you visit a website, your computer communicates with the website you're visiting. If you're on a public network such as Airport Wi-Fi, other people that are on the same Wi-Fi connection can snoop on your communications between your device and the website you're visiting. This can be a privacy issue, particularly if you're trading important information such as entering personal information into a form on the website, or purchasing something with your credit card.

When a website uses SSL, it will encrypt the communication between the user's device and the website. This means that if you're using an internet connection with other users (e.g. public Wi-Fi), potential snoopers and hackers won't be able to read the communications between the device and the website.

Why is SSL Important?

The first reason is obvious; to stop people snooping in on your communication between your device and a website, protecting your information. If you have a website, the second reason is to improve trust between your website and your visitors. In 2018, Google wanted to see all of the web using encryption, and began showing a warning message "Note secure" in Google Chrome next to the website address. This meant that some visitors could get scared off and leave your website. Furthermore, if they happened to go to your website using the SSL link, they wouldn't even see your website, they would see a "Your connection is not private" warning message that looks something along the lines of what you see below.

Not everyone will know how to proceed to your website past this screen and will most likely close the window or go somewhere else.

For websites that don't have SSL encrytion, you visit them on "http" and for websites that have SSL encyrption, you visit them on "https". As an example, if we didn't have SSL on our website and someone went to, it would throw up the warning message. If you go to the non-encrypted version at, it will work, but your browser may show a "Not secure" label or padlock with the strike through it next to the website address.

Another reason to use SSL if you're a website owner, is that it will slightly improve your ranking signal with Google. Ranking signals are a whole other topic and Google won't tell us exactly how much weight or priority they will give to sites with SSL over sites that aren't using it, but with SEO (Search Engine Optimisation), which is the practice of getting your website on the first page of Google for a specific search phrase, every little thing counts.

If your website isn't encrypted with SSL and you'd like it to be, please reach out to our team on [email protected] if you're new, or on [email protected] if you're a client of ours. Or pick up the phone and call us on 09 929 3123

Thanks for reading 🙂