hi, I have a file hosting service like rapidshare , hotfile and i share revenue with my site users for sending us traffic. i log ip, reference and user agent of each hit inside my site internally but few users always try to send fake hits, bots hits with fake reference and user agent. Can anyone provide me some kind of solutions which detects fake hits just give out the value if a hit is fake or real. i can pay for solution or development. how do advertising companies like adbrite , Google , clicksor etc etc detect all fake hits and other automated clicks ? is there any tracking system ? Regards, Happy_s
Hello Happy, What you are doing is a step in the right direction. I don't know anything about your script or its capabilities but I will give you a few pointers in which I implement in detecting fraudulent or invalid clicks which is pretty much the same thing your are experiencing. -- Somethings You Might Already Be Doing -- 1.) Log the users IP - By logging a users IP you can get a lot of useful information such as the users country, city, ISP, etc. With having the users IP you can decide for yourself if it is out of the ordinary for a particular city, or country to be visiting your site at a particular time, especially if you see a lot of the same cities coming from a particular referrer. 2.) Sessions, Integrate sessions into your system, see if the session remains constant for a particular download or page. If it remains the same for multiple IPs you can assume that is fraudulent. 3.) User-Agent - This is pretty easily masked and should be used lightly but can help. 4.) Detecting Proxies. If a user is coming from a proxy, I really don't care for them. I have no idea why they are coming from a proxy and do not wish to have. --> You could also implement a captche system. There are more complex ways to do this I'm just telling you a few. But the single most effective way to stop it is by simply monitoring activity yourself.
A solution to this would be to make the users have to have a time limit on the site in order for it to register then as hitting the site. Alot of fake traffic is from bots and the traffic hits the site through proxies and then bounces right back out of the site so place a time limit of say 30 seconds for the traffic to count towards the totals that are credited to the users. This time would be what would be needed to upload/start downloading files etc from your site.
thanks for your reply We detect , user agent , referral page and ips , but checking each ip is not possible like if file got downloaded my 4000 people , as shown in script , how can we can out of 4000 all are legit or fake or some of them are legit or some of them fake , its not posible to check each ip manually. thanks
You really don't need to go thru 4000 records, if you store click record for each user, and check just 10-20 clicks, will give you idea if user sending bot proxy clicks, if most IP is proxy, it means user cheating. Check that frequently, if you always find proxy IPs, than user traffic is bot traffic for sure Other than that there are a lot tools can be developed, like u can create filtering proxy IPs, you will not need to check manually in that case very frequently, just keep updating your proxy databse and user with proxy traffic, will get filtered itself.
@Happy I assume this data is stored in a database? If it is you don't have to check it manually, well you do and you don't. All you have to do is create some form of script that would check to see if the ip already exist in the database and if they have downloaded anything within the past X amount of time ( use timestamps ). if not allow it, if so disallow it and don't pay;
Well also store cookies to track normally people wont delete cookies every now and then so its a good way to track
@happy_s In all honesty it is isn't possible to detect all invalid clicks. You just have to use your best judgment. If your gut says something is fishy, then odds are it is. Never doubt yourself. I would rather sacrifice losing a publisher by not paying them for a valid click that I thought was invalid, then have the chance of charging advertisers for a worthless and invalid click. It isn't a flawless idea but in the end you will obtain more trust with your advertisers, and that is one of the most important things. the idea is still the same no matter what you do on the internet, don't pay for crap and always use your best judgment.
One method is to load a banner with java script. Java script is processed by the browser only, so a simple page load will not send request to the advertising server (my own server). Example:here On the other side I register valid hits on the advertising server. It makes the fake attempt more complex as the bot has to process the javascript. No ultimate solution for this problem tho. I would simply suspend the suspicious account and write a friendly email asking the person to explain where the traffic comes from.