1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Bots and Cookies

Discussion in 'PHP' started by Garth Hagerman, Feb 16, 2019.

  1. #1
    I wrote a very simple PHP script to allow visitors to my photo site to rate individual photos. The visitor clicks on one of five stars, then the page reloads and tallies the vote. It uses cookies to keep the same person from voting over and over, and also to keep random bots from registering meaningless ratings. If there's no cookie, the rating isn't tallied. If there's already a rating for that pic with that cookie, I assume it's a correction and only use the last one. My photo site doesn't get huge amounts of traffic, and when I first installed this script it just sat there. A few ratings came in when I announced it to my Facebook friends, but then there were no ratings for a couple of weeks. Then, bang! over a thousand ratings. The raters have logged quite a few different cookies. Maybe a bunch of actual humans started rating my pics all of the sudden, or maybe my assumption that bots don't get cookies set is in error. Do bot "users" ever set cookies?
     
    Garth Hagerman, Feb 16, 2019 IP
  2. mmerlinn

    mmerlinn Prominent Member

    Messages:
    3,197
    Likes Received:
    818
    Best Answers:
    7
    Trophy Points:
    320
    #2
    It totally depends on how your code sets cookies. If you are getting garbage, you have not properly set up your cookie code.
     
    mmerlinn, Feb 16, 2019 IP
  3. sarahk

    sarahk iTamer Staff

    Messages:
    28,494
    Likes Received:
    4,457
    Best Answers:
    123
    Trophy Points:
    665
    #3
    Your analytics should give you some idea of the tech those visitors are using.
    Most bots can't trigger javascript which I'm guessing is how the cookies are set. There are sites that will show you what a bot sees and you can turn javascript off on your browser to see what happens.
     
    sarahk, Feb 17, 2019 IP
  4. Garth Hagerman

    Garth Hagerman Peon

    Messages:
    12
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #4
    This script doesn't use Javascript; it's the plain ol' PHP setcookie() function. The traffic stats do look mighty suspicious. There hasn't been a spike in human traffic, but there have been quite a few bots through. Not just Google and Bing, but MegaIndex.ru, Blexbot, and others, too. On the other hand, most of the data doesn't look unnatural, except for the suddeness and volume of it. It's mostly five star ratings with some ones and hardly any two and threes. Quite a few different cookies, but one specific cookie rated 338 images as five-star on the same day. Maybe the bots follow each of the star links for a given image and only the five remains since it hits that one last. I'll figure out a better way to stop bot ratings.
     
    Garth Hagerman, Feb 18, 2019 IP
  5. Garth Hagerman

    Garth Hagerman Peon

    Messages:
    12
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #5
    Maybe the best approach is for me to use a form so the rating is transmitted via POST instead of GET. The code is a little longer that way, but from what I've been reading it'll keep the bots from giving me meaningless ratings. Does anybody have a better idea?
     
    Garth Hagerman, Feb 18, 2019 IP
  6. sarahk

    sarahk iTamer Staff

    Messages:
    28,494
    Likes Received:
    4,457
    Best Answers:
    123
    Trophy Points:
    665
    #6
    Yep, use ajax and POST - that way they can't store a link

    I had a client whose customer was getting confirmation emails constantly. Turned out that somehow she'd saved the confirmation page from a transaction. We changed a few processes and problem solved. Sometimes the extra work is worth it.
     
    sarahk, Feb 19, 2019 IP