Avoiding high (100%) CTR when dropping cookies
One problem with dropping the cookies on every visitor is that it will result in a 100% CTR which can be an obvious flag that something isn’t right. To avoid this you can take a couple of steps, depending on how much time you wish to put into it and your coding skills.
The simplest way to avoid this problem is to use PHPs rand() function to select a random number between(and including) 1-4 and then only output the code to drop the cookie if the number equals 1. This method won’t allow you to set an exact percentage because the number chosen will always be random. Out of 100 visits, it might select the numbers 2,3 and 4 30 times each while selecting the number 1 only 10 times.
Code sample:
-
<?
-
if($random_number == 1){
-
echo “Our cookie stuffing code goes here!”;
-
}
-
?>
If you have time then you might want to code something more advanced. For example:
- Drop cookie only once per IP address
- Keep a daily count of visitors and then limit how many people you drop the cookie on the next day. For example if you have 1000 unique visitors on Monday, on Tuesday you will drop the cookie on a maximum of 200 people.
- Log every visitor and only drop a cookie on every tenth visitor
- Etc.
Avoid getting caught forcing cookies on users
A lot of people have said, surely it’s easy to get caught forcing cookies on people if you have an iframe where the source is the affiliates page. This is true to some degree. You should take the following things into consideration:
- The iframe method is the most basic and is intended as proof of concept rather than real world usage
- If you have been an affiliate for awhile and your CTR isn’t ridiculously high then there’s no reason the advertiser would ever check your site for cookie stuffing
So what is a safer method than Iframes for dropping the cookie?
A safer method of dropping the cookie would be using a false image which redirects to the affiliates page that has the HTTP Cookie header. The browser will try to load the image, be redirected to the affiliate page and although it won’t process any html on the final page, it WILL read and process the HTTP headers… including the one which places the cookie 
It’s crucial that you redirect to the exact page that has the cookie header, so be careful if the affiliate site redirects a lot of times before landing on its final page so that you select the correct one which is dropping the cookie.
The simplest way to do this would be using a .htaccess file which says, if there is a reference to “tracking_pixel.jpg” then redirect it to xyz affiliate page.
.htaccess Code sample:
-
RewriteEngine On
-
RewriteRule tracking_pixel.jpg http://www.affiliate.com/BDHDHDHDJ/ [R,L]
You now edit your site template so that every page includes the image:
-
<img src=”tracking_pixel.jpg” />
Now, even if the affiliate decides to come and take a look at your sites source code, they’re going to see nothing which catches their eye. If for example you had a website which sold clothes then the chances are you’d have a lot of images named blue_shirt.jpg and such like. So in this case you could easily name it red_shirt.jpg and have it mixed in somewhere in your template and they’d never know!
An even safer image cookie stuff..
Whilst it’s extremely unlikely, it is possible that someone checking your site for stuffing could try loading tracking_pixel.jpg into their browser and then they’d be redirected to the affiliate page and guess something is amiss. To combat this, instead of using .htaccess to redict to the affiliate page, we will instead tell it to treat a file named tracking_pixel.jpg as a PHP file.
.htaccess Code sample:
-
<Files tracking_pixel.jpg>
-
ForceType application/x-httpd-php
-
</Files>
Now we put PHP code in tracking_pixel.jpg which checks the referring page. If the referrer is empty then the user has gone direct to our image and we should output a 404 error, if there is a referrer then the image has been included on a page and should be redirected to the affiliate site.
tracking_pixel.jpg code sample:
-
<?
-
if(!$_SERVER[‘HTTP_REFERER’]){
-
} else {
-
}
-
?>
So now just include the following code on any page that you wish to drop cookies from:
-
<img src=”tracking_pixel.jpg” />
Also note that you’re not limited to including the image on your own site! You could also include it on forums and such like… basically anywhere that will allow you to place images. So if you signed up to a popular bingo forum you might decide to start becoming a regular poster and dropping cookies for all the well known bingo rooms.
