SaaS CMS has officially launched! Learn more now.

Visitor Group referrer not working


I think the Referrer criterion might not be working for the Visitor Groups. We have the problem in our CMS, but I also tested on the Alloy sample site and the same issue occurs.

Essentially, wrap a block of content in a 'Personalize' container and choose a Visitor Group that uses a referrer check and the URL doesn't match.

Steps to reproduce:

  • Visit
  • At the time of writing, the carousel block on the homepage is only shown to referrers from
  • Either change your referrer or use Dev Tools to insert a link on to
  • After landing on the Alloy site, from Twitter, the carousel block still doesn't show

The criterion is currently setup as 'URL' 'Starts with' ''.

Am I doing something wrong here or is it a bug?

May 11, 2016 16:26

I'm currently experiencing the same problem. Using the Visitor Group Statistics gadget on the dashboard also shows no hits for the visitor group using this criterion.

May 12, 2016 10:51

Same here, seems that this  very basic criteria does not work, we are running 9.12 version. Didn't find any bug from bug list related to this. Others, any news?

Apr 17, 2018 14:33

Hi, we still get this problem. Using EpiServer.CMS 11.20. Does anyone know if this was ever fixed?

Jul 15, 2022 10:10

I also have this problem. CMS

Nov 30, 2022 12:45

I've used that criterion successfully and can confirm that it does work however there are some caveats to be aware of. The referrer which is used by the referrer criterion is the value of the referrer header in the first request received by the site in a given session, not the referrer from the current request. In the original post, the first step in the reproduction steps is to visit the alloy site directly. Because it's being hit directly, there will be no referrer so, even though the last step says to hit the alloy site from a link on twitter, that referrer on the request from Twitter will be ignored because it's not the first request to the site.

You should also bear in mind that the referrer header isn't always present and, even if it is present, it may not contain what you think it should. In the original post, the alloy site runs on HTTP and twitter runs on HTTPS. That's relevant because of browsers' referrer policies. The current default policy on Chrome (strict-origin-when-cross-origin) means that, if you're linking to a less secure site (e.g. HTTPS to HTTP), no referrer header will be sent. If you're linking from one HTTPS site to another, there will be a referrer header but it will contain the site origin rather than the whole URL. 

Dec 01, 2022 10:18
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.