I had a bit of a hard time getting Zend Framework to run on my 1&1 hosting. It was all down to the .htaccess file in the end. The default htaccess configuration in the ZF getting started guide just doesn’t work, and neither did all the other posts I could fine on the subject around the internet, however, I’ve finally cracked it.

Presuming you’ve put your ZF index file in the webroot, here’s what the 1and1 htaccess file should look like.


AddHandler x-mapp-php5 .php
AddType x-mapp-php5 .php
Options -MultiViews

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !\.(txt|swf|js|ico|gif|jpg|png|css|xml)$ /



Note: The same file will not work on my local dev machine, which is running only PHP5. You will need to comment out the first two lines (AddHandler, AddType) to get it to run on a stadard PHP5 installation.

I was having a bit of a problem with TinyMCE not loading in Zend Framework (ZF). It turns out the .htaccess file was not configured correctly. It was redirecting .js to the index bootstrap and causing the page to fail to load.

The solution was the htaccess file as so…


Options -MultiViews

RewriteEngine On
RewriteBase /website
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !\.(txt|swf|js|ico|gif|jpg|png|css|xml)$ /website/

I run another blog, although it’s hosted on wordpress.com rather than my domain, here.

The blog is about my boat, ‘Kudu’. It’s a 21ft Corribee - a sailing yacht - and we are planning some substantial voyages toghether. Anyway, the other evening I got an excited facebook message from a friend saying my blog was listed on the wordpress.com’s Blog Of The Day stat’s page. I had the 7th fastest growing blog on all of wordpress. I was ecstatic about it. The 7th fastest growing blog on all of wordpress!

I awoke in the morning to find I was no longer 7th, but 1st. I was shocked. I had THE fastest growing blog on all of wordpress, which means I had one of the fastest growing blogs on the entire internet at that point in time. Sadly it was short lived, I’ve since dropped off the list, but to sustain the sort of growth I was seeing was never going to happen.

I decided to rebuild my home page since it was originally done as little more than static pages. Ok, I used a bit of PHP to include headers and footers and do a couple of other litte things, but it was nothing clever.

Since it is trying to promote me as a developer, I thought I should apply a bit more effort than that. It turns out, I failed. I used Zend Framework to rebuild the site, and it just made everything even easier and less effort. From form validation to displaying my twitter feed, I had the lot built in about 4 hours, well, excluding the other 4 hours it took me trying to figure out how to get Zend Framework working with 1and1’s hosting.

I’m just giving some link love here since a friend of mine has just launched a new project.

Cardsmart.co.uk is a credit card comparison service and it went live about 3 minutes ago at the time of writing. It’s quite exciting to see the birth of a brand new company, it’s quite a refreshing change given all of the dying one’s that are around at the moment.

As I recall, they’ve got about 250 credit card offers on the site, which compared to money supermarket is a HUGE selection.

So there you have it, if you are in the market for a new bit of plastic check out the site.

JP, you owe me a beer.

.

.

Firstly I must apologise for this blog post, it’s perhaps a little spammy but I fancied owning the arses of the Dev team in ego searches, it’s a social experiment you see

My theory is that being skilled (or at least semi skilled in my case) at SEO brings a whole host of power to your social life that is as yet untapped. I mean, what if I were the top result for Olaf Spinkel? I’d pretty much own the worlds opinion on the guy. Or Parminder Matharu for that matter, or even Daniele Sangalli. They all members of the dev team at work and fortunately for them they are both good chaps and very talented developers. Also, I’m too nice to do anything nasty, but I’m not nice enough to not carry out the experiement. :p

So, if I were number one for Olaf I could change the worlds opinion of him. I could tell you he likes to kick dogs or eat raw snails, and Google would believe me. This, as I’m sure you can see would work very well in the pub.

“Spinkel, another beer please”

“I bought the last one”

“Another beer, or I’ll tell Google you have all the Gary Glitter Albums and listen to them everyday!”

Ah, life will be grand, but I may get bored, give in, and 301 this page to a site of their choice eventually (after the law suit)… but not yet.

So not to make this too pointless, and to give me some tasty keywordey content, I’ll write something useful, and indeed genuinely deserved about these guys.

Who are Olaf Spinkel, Parminder Matharu and Daniele Sangalli?

Well, they are currently PHP developers at TradeDoubler. They work on Searchware 4 and are genuinely a very talented bunch of people. Olaf knows more about search engine APIs than anybody I know (apart from myself, of course :p ), he has after all spent over 18 months solid on a project involving nothing but tinkering with Google reports, Yahoo reports and the other one that everybody has forgotten about.

Parminder Matharu is our resident Business Objects guru and equally good at what he does. In fact he is so good I think he deserves some extra Google love so I’m going to put write his name again, but more bold, like Parminder Matharu. Then there’s Daniele, or Don Sangalli as we call him, is one of those rare creatures who can both write proper OO code (and that’s a big compliment given my standards of proper OO code!) and also produce well designed websites. He’s like a development unicorn, and unless you work here at TD, then the only chance you might get of spotting him is quietly sat in the back of the pub with a red wine on a Thursday night, surrounded by girls pining after his Italian dress sense and impecably mild nature.

Mr Olaf Spinkel is German, which was a rather pointless thing to say expect for it will help make this page number for for his name. That kind of power has got to be worth something in the pub I think. I should also compliment him to, not for any other reason than he also deserves it (and it get’s me top for ‘Olaf’). He wrote a data caching system that’s rather impressive and he also knows a consierable amount about search and the internet, although I would argue not enough to out rank me for “Nathan Whitworth”

Oh, he has a website, a very good one too if you can read German and like rock music, http://www.musik.terrorverlag.de/

Well, if you read this and would care to help me in this very valiant and slightly childish cause, then please either digg the page, or even better, give this page a link from your own site. In return, I promise to think of something entertaining to do with their fame.

Ooh, what’s this?

I’ve been noticing “Oohgle” adverts on the tube trains around London recently. They consist of no information about the product, just a bright pixelated search button containing the text “Oohgle”.

Now, I usually get a bit annoyed with adverts that don’t tell you what they are selling, but this time it was so sparse and gave no hint whatsoever about its purpose, that I had to look.  So, off to Google I went to follow the honey trap set out on the tube.

It turns out Oohgle seem to be some sort of advertising agency, but even their website is void of any hard facts about what they do. They have a tool called Prism Search which “analyses the relationship between OOH and Search” - OOH being “Out Of Home”, which apparently seems to mean bewildering people until they finally crack and curiosity gets the better of them - as I did.

However, Oohgle seem to be offering something a bit more intelligent than just bewilderment. The statement “The way we gather data means we’re not reliant on campaign-specific URLs” suggests to me that they are replacing URLs printed in traditional media with the suggestion to search for a particular keyword, and as we all know, keywords are trackable, which is where Prism Search seems to come into play.

Ooh Bugger

This concept is actually quite a reasonable idea, but it could go massively wrong.

If, for example, your expensive above the line campaign contained the keyword, oh I don’t know, let’s say ‘Oohgle‘, then to actually see any traffic off that you’re going to have to be number one for both PPC and Natural listings across all of the big engines.  That could be quite expensive depending on the keyword, but much worse than that, it means competitors can very easily hijack your expensive advertisment by being a little bit better at SEO or having a slightly more robust PPC campaign.

Ultimately this is a good idea, but unless you are prepared to invest a lot of money to safeguard your OOH keyword, then it’s a dangerous prospect, although does open the door for your PPC agency to be much more attentive to your competitors advertisements. If you can move quickly, you could be the one reaping the benefits, not them!

I’ve started using Zend Framework for a project I’m under taking here at TradeDoubler. I’m building a new part of Searchware that is essentially standalone, so figured that this is a great oportunity to push for framework support. Better form validation, less scope for creating errors in trivial donkey work coding because it’s already done for you, and ultimately a better experience for the user.

The problem I soon discovered with ZF, is that the documentation is not as good as I would of hoped. Their introductory videos are absolutely amazing, but when it comes to getting a real project started, they leave you feeling a bit left out in the cold.

Multi Page Forms

A good example of this, and something I’ve just been working on, is multi page forms. Zend Form is a great start and will go places, but right now, I think it’s not quite there. I discovered that subforms are the recommended way to implement multi page forms, but the example in the documentation again doesn’t quite explain how to do it, it just points you in a direction and expects you to figure the rest out for yourself. All very good, but some of us are fairly busy and would rather just read a comprehensive example.

A comprehensive example

This is how I decided to make a multi page form based on Zend Form subforms. I don’t know if this is the best way of doing it, and I am a complete newbie to ZF, but since I couldn’t find any other examples, and this does work, I’ll just have to presume it is until I’m corrected by one of you kind readers :p. This example will show you how to setup the required classes, build a simple form, validate, and then store the information and make it available to subsequent forms for decision making.

Note: This is not a beginners guide to Zend Framework or MVC. If you’re not quite sure how ZF works, or what MVC is, please check out the introductory vids on the Zend site. They are very good.

So, to kick things off we’re going to need to load up all the classes required for our forms. To do this, add the following lines to your boot strap file.

DEFINE('APPLICATION_PATH','/data/web/yourApplication');

Zend_Loader::loadClass("Zend_Form");
Zend_Loader::loadClass("Zend_Session");
Zend_Loader::loadClass("Zend_Session_Namespace");

// And any validation classes you will be using, for example
Zend_Loader::loadClass("Zend_Validate_NotEmpty");

This will set up our bootstrap file with everything we need to build a form, so the next job is editing your controller class. Add the following methods into your controller. They are used to store and read validated form values, but more on that later.

	private function storeFormValues(Zend_Form $form)
	{
		$formSession = new Zend_Session_Namespace('yourAppForm');

		foreach ($form->getValues() as $key => $value)
		{
			$formSession->$key = $value;
		}
	}

	private function getFormValues()
	{
		$formSession = new Zend_Session_Namespace('yourAppForm');

		$data = array();
		foreach ($formSession->getIterator() as $key => $value)
		{
			$data[$key] = $value;
		}
		return $data;
	}

You will also need to add the following method in your controller class.

	 protected function getForm($formName)
	 {
	 	// you will need to edit this later, but leave it for now.
	 	require_once APPLICATION_PATH . '/forms/parentForm.php';

	 	$mainForm = new Form_ParentForm($this->getFormValues());

	 	if ($formName == 'main')
	 	{
	 		$form = $mainForm;
	 	}
	 	else
	 	{
	 		$form = $mainForm->getSubForm($formName);
	 		$form->addElement('hidden','currentFormStage',array('value' => $formName));
	 	}

	 	return $form;
	 }

So, I’ll take a little time to explain that one since it’s not instantly obvious.

First off

require_once APPLICATION_PATH . '/forms/parentForm.php';

is the path to your form classes. I’ll explain how to create those later but for now, decide where you will want to store your forms, and point this there. Remember the constant APPLICATION_PATH was set in the bootstrap file.

The next line is

$mainForm = new Form_AddAccount($this->getFormValues());

This instantiates our parent form and passes to it any form data we have in our session.

The next part is

if ($formName == 'main')
{
	$form = $mainForm;
}

This is used later on in the controller to check whether the entire form (i.e. all of it’s sub pages are validated). The controller asks for the sub form name, but if this is ‘main’, then the parent class is sent back.

Creating our forms
So far we’ve built the required scaffolding for our multi page form that will be used by the controller. The next step is to create the forms themselves. As I’ve already mentioned the overall multi page form consists of a parent container form, and a collection of sub forms. For the sake of making it easy to read, I’m going to use VERY crude examples of forms, but please consult the Zend Form docs for more details about creating various form elements. That part of things is fairly well documented.

The entire parent class looks like this…

class Form_ParentForm extends Zend_Form
{
	private $formValues;

	public function __construct($formValues)
	{
		$this->formValues = $formValues;
		parent::__construct();
	}

	public function getFormValue($name)
	{

		if (isset($this->formValues[$name]))
		{
			return $this->formValues[$name];
		}
		else
		{
			return null;
		}

	}

	public function init()
	{

		$this->setAction('index');
		$this->setMethod('post');

		require_once APPLICATION_PATH . '/forms/SubFormPageOne.php';
		require_once APPLICATION_PATH . '/forms/SubFormPageTwo.php';

		$pageOne = new Form_SubFormPageOne($this);
		$pageTwo = new Form_SubFormPageTwo($this);

		$this->addSubForm($pageOne,'pageOne');
		$this->addSubForm($pageTwo,'pageTwo');

	}

}

The only bit you need to be concerned about editing here is the init() method. Change setAction() and setMethod() as you see fit, but they will probably be ok as they are in most cases.
The next bit, the requires, is important. Remember in the controller class we edited the getForm() method. There was an include path in there that pointed to the parent form. You need to make sure that, obviously, this parent form is saved to the same place. You could put the subforms in other directories, but I don’t see any benefit of doing so, so I’d recommend you keep then all bundled together in the same directory.

Once you have included then, you instantiate the subforms (actually, they are instances of Zend_Form and not SubForm, but that is ok), and then pass them to addSubForm. Hopefully this is quite easy to follow so I’m not going to explain it any further. If you get stuck, please feel free to ask me a question.

So then, our final step in building the forms is to create the sub forms. The subform class looks like this.

class Form_SubFormPageOne extends Zend_Form
{
	private $parentForm;

	public function __construct(Zend_Form $parentForm)
	{
		$this->parentForm = $parentForm;
		parent::__construct();
	}

	public function init()
	{

		// engine dropdown
		$engineSelect = $this->createElement('select','engine');

		$engineSelect->addMultiOption('','Please Choose...');
		$engineSelect->addMultiOption('google','Google');
		$engineSelect->addMultiOption('yahoo','Yahoo');
		$engineSelect->addMultiOption('msn','MSN');

		$engineSelect->setRequired(true);

		$this->addElement($engineSelect);

		// create submit button
		$this->addElement('submit', 'btnNext', array( 'label' => 'Next')); 

	}

}

Apart from changing the class name to suit your needs, the only other thing you should need to edit is the init() method. In here you create the form elements, apply validation, decorators and so on. This work in exactly the same way as a single page form, so please consult one of the many Zend Form examples for details on adding elements. As you can see our example form simply gives a dropdown list of search engines and a submit button.

Plugging it all together
So we’ve got our scaffolding, and we’ve got our forms. The only thing left to do now is to stick it all together, and this happens in the ‘action’ method of the controller. In most cases, and certainly this one, it will be the index action.

This method is a bit longer than the others so rather than me blabbering on here, I’ll let the comments to the talking.

public function indexAction()
{
	$request = $this->getRequest();

	// is this a post back, i.e was the form submitted or is it a first visit.
	if ($request->isPost())
	{
		/*
		Get an instance of the current form.
		Remember currentFormStage was appended
		to the form as a hidden field in the getForm method.
		*/
		$form = $this->getForm($_POST['currentFormStage']);

		// does is pass validation?
		if ($form->isValid($_POST))
		{
			// yes, so save the values to our session.
			$this->storeFormValues($form);

			/*
			So, we've just check a subform and it was valid.
			Does this now make our entire form collection valid?
			Let's check by getting in instance of the parent form.
			*/
			if ($this->getForm('main')->isValid($this->getFormValues()))
			{
				/*
				The form is complete, so redirect to the
				finish action (you will need to create this)
				*/
				$this->_redirect("index/finish");
			}

			/*
			A crude but workable method of choosing which form to go to next.
			*/
			switch ($_POST['currentFormStage'])
			{
				case 'pageOne':
					$newForm = 'pageTwo';
					break;
				default:
					$newForm = 'pageOne';
				break;
			}
			/* get an instance of our new form.
			having passed page one, this would be now page two.
			*/
			$form = $this->getForm($newForm);

		}

	}
	else
	{
		/*
		If this is the first time the page is loaded
		i.e. no forms submitted, let's make sure the session is
		empty.
		*/
		$formSession = new Zend_Session_Namespace('yourAppForm');
		$formSession->unsetAll();

		// and then load the first form page.
		$form = $this->getForm('pageOne');
	}

	$this->view->printForm = $form;

}

And there it is, you’re done. You have a working multi page form in the Zend framework. One final note, the last line $this->view->printForm = $form; is simply to pass the form to the view. The view file for this controller/action, would contain printForm; ?>

I hope that helped clear things up, and if anybody has any questions, please feel free to post them.

I was out on the monthly schnitzel night last night, a periodical gathering of former IMW employees, where we drink beer, eat pork and talk about, amongst other things, the search industry.

JP Jones, former CTO at buy.at Leads, handed me his well used iPhone (he got his hands on it seemingly before Steve Jobs managed too!) on the screen was an email, a press release from Affiliate Future detailing a miraculous but somewhat secret technique of tracking users without cookies.

I find it hard to avoid a challenge, especially one implying other people in search thought of something before me, so I made the promise that I would have this figured out by the end of the following day. I have.

As we all know cookies are evil, so tracking users without them is a good thing, right? Well, not really. Not at all in fact, for a start cookies are not in the slightest bit evil. Yes, they track users, but when you actually think about it, that’s pretty essential. Anti spyware applications block cookies in the name of your ‘privacy’, but this is just utter nonsense they pedal in order to generate a faux “need” for their products. Ok, don’t take that as me saying spyware is not real. It is, and it’s bad, but cookies are not spyware, they are not a violation of your privacy and they do make the internet a much better place to work and play.

So, how is Affiliate Future’s unique and indeed patent pending (which by the way will NEVER stick) tracking system better? In short, it isn’t. It’s worse.

What AF have done is very clever, but it’s just as “intrusive” as a cookie. It still tracks the user across the internet in exactly the same fashion as the common garden cookie, but they do it by employing a devious, although admittedly clever hack. Unfortunately, it’s the same sort of hackory and bending of standards that real spyware writers employ.

Entity Tags, the new cookie?

Busy websites MUST employ some sort of caching system. They need a way to identify if a user has already downloaded a certain file, and then tell them to use that already downloaded version rather than use up bandwidth fetching the exact same content again. A header image or javascript file would be a perfect example of data you would want to be downloaded as little as possible. For very large websites this can save a fortune in bandwidth bills and server/admin requirements.

The “old” way of doing this was by issuing an expiry date for the content (file), and if that date had passed, then browser would request a new version. There are some problems with this method and so the powers that be came up with Entity Tags, or ETags.

Avoiding the essentially unimportant technical implementation, ETags are small chunks of text that uniquely identify a particular file, not by it’s creation date but by it’s content. Something like an MD5 hash would be employed to create a unique reference to the file content.

Upon the first visit, the users browser has no ETag for the file it’s requesting, and so the web server sends it the file, along with the ETag. The users browser then saves this ETag on the local computer, just like a cookie. The next time the user visit the webpage, the browser recognises that it has an ETag for that page, and so when requesting the page it says ‘here is my ETag, is that valid?’ The web server compares the unique identifier supplied by the users browser to the the current version of the file existing on the server. If the ETag matches, the server simply says ‘you already have that content, use your cached version’. If the ETag does not match then the server let’s the browser know and sends the new content, along with the new ETag.

Now, it is possible, as with all HTTP headers (which is what a cookie is) to manipulate (read and write) the data sent. So, instead of of sending a unique identifier for a file, Affiliate Future are sending a unique identifier for that particular user. JUST LIKE A COOKIE.

When the user revisits that site (or any other that includes that ‘trigger’ file) AF intercept the ETag, which instead of being used properly to optimise caching operations, now tells them who the user is.

While this is clever and I really do have to respect their outside of the box thinking here (bravo chaps!), it’s absolutely no better off for the privacy privy user, it still tracks them in just the same way, but anti spyware application users, and users with cookies turned off will be tracked, even though they blatantly don’t want to be. This is a bit of a middle finger to consumers who are, albeit naively, concerned about internet tracking.

Great news for affiliates then, right? They get more tracked sales, brilliant!

Perhaps - in the short term. ETag is not supported in anything but the newest of browsers and now this “technology” has been made public by AF, privacy advocates and anti spyware vendors everywhere will be very quick to jump into action and create ETag filtering plugins for browsers. This might be a route to slightly more tracked sales, but it is without doubt a temporary one.

Essentially what this hack has shown is that ETags can be abused, and if this means people start turning them off (if the option becomes available) then the bandwidth bill for large websites is going to rise, and they’re going to have to pass that cost along to us, the consumers.

I know a lot about click fraud, I won’t claim to be a “pioneer” of today’s scene (if that’s a suitable term), but once upon a time I certainly was breaking ground - amongst other things. Does that mean I agree with it? Well, no is the simple answer, but in some cases the answer is perhaps bit a bit more gray - but that’s a topic for another time.

What is click fraud?

Well, I somehow doubt your found this post without knowing, so I’ll keep this paragraph very brief and here purely for the benefit of those very few who don’t know. Click fraud is the act of clicking on Pay Per Click links without any intention of buying, or interest in, an advertisers product or service for personal gain. It’s as simple as that.

Why fraudulently click links?

There are three reasons people would want to do this. There may be other petty reasons but these are the important one’s.

1) To make themselves money. With scheme’s like Google’s Adsense around, clicking on your own links is a profitable venture.

2) To cost competitors money. Smaller businesses are going to be most affected by this since big search spenders would hardly notice your average click fraud campaign.

3) Tactics. Again, this only really works in the arena of smaller business, but if for example I wanted to make the most of my budget, I could reduce my CPC but targeting my competitors on Friday evening, depleting the budget and thus not having a any PPC competition over the weekend. This leaves me to bid essentially the minimum amount and get the top result.

How?

Clicking by hand doesn’t work. If you as a wannabe click fraudster sat clicking endlessly on an advert, you’ll achieve nothing. It’s quite trivial for Google and all the other engines to tell that the source of all these clicks is a single person and they will mark the clicks as fraudulent. If you’re doing this for reason number 1 (as stated above), then expect to loose your Adense account.

Ok, so YOU clicking by hand doesn’t work, but a farm of cheap labour in another country, all clicking from different locations, does. To a point, and very poor point at that.

Bot nets are a good choice for the potential fraudster. In this day and age where people are still silly enough to open random email attachments, and Microsoft can’t plug the holes in IE quick enough, there are more than a few viruses (or viri, or worms) floating around. Once upon a time a virus was a simple creature, who’s sole purpose in life was to damage peoples computers or data for the heavenly goal of entertaining its creator. Not that the creator ever saw any of the damage unless his little beasty got in the news. These days however, they lead far more sinister lives. A modern day virus doesn’t eat your files, or destroy your data, or do anything to give away it’s presence, it just sits on your computer quietly. Waiting for orders. People who control these bot nets have great power in click fraud terms. They have a bunch of real computers, on a diverse collection of IP addresses. Thousands of them, and they can make mincemeat of your budget.

Proxy servers. Not every aspiring click fraudster has access to a bot net. The very act of obtaining control over the computers in a net is illegal and at best if caught you would face a seriously large fine. That is if you have a talented lawyer. You’re probably going to jail otherwise. So, probably the most prolific way to “fake” a load of different click sources, by your average click fraudster at least, is to use proxy servers. These are servers littered around the internet that simply allow website requests to pass through them. If I were a person or program using a proxy server, the process would be like this…

I ask a proxy for google.com, the proxy gets the page, google log’s the proxy servers’ IP address and not mine, then the proxy gives the content back to me. I remain anonymous (in most cases), so using a list of proxies, all with differnent IP’s allows a person or program to keep clicking and clicking, and clicking.

If you have enough proxies this way is a feasible method for a fraudster to use, but the trouble is, or rather the blessing for us advertisers, is that Google aren’t stupid and are aware of most of the publically available proxies. Collecting a large enough list of private proxy servers is a difficult and time consuming process.

Method x. There is another way for a seasoned click fraudster with a little capital behind them to simulate a multitude of clicks. This was is so devastatingly undetectable from ‘real’ clicks that I am reluctant to disclose it, but rest assured, there is fifth method, and as far as I know, not one that is often (if ever anymore) employed. Be thankful.

Stopping click fraud

This biggest lie about click fraud as that the search engines (Google, Yahoo, MSN) don’t try to stop it because they make money from it. Every undetected fraudulent click in money in there pocket and out of the advertisers. I can understand why people would think this, but as evil as Google can be, this is utter rubbish. Google’s entire business model is based on Pay Per Click. That’s BILLIONS of dollars for providing this advertising platform. If thy for one moment neglect commitment to quality of service to the advertiser, they will crumble. It’s absolutely in Google’s interest to stop click fraud, so don’t believe they don’t try.

Click fraud comes in two flavours; that which you can prove, and that which you can’t. You can always detect all but the most subtle & gentle (ergo harmless) click attacks by the fact that your ROI drops, or plummets in some cases. ROI peaks and troughs, but if you are consistently spending more and earning less, then you are probably a victim of fraud (or a bad agency )

Your ROI dropping is not going to be good enough evidence for a refund however. Fair enough really, why should the engines believe you, and even with more compelling evidence, you’ll still be lucky. Nope, you’re on your own here, you will need to attack this problem yourself.

Firstly, you need to detect it. There are tools available (which I have no experience of) that claim to offer this service. I am skeptical.

Automated bot attacks can be detected because they leave patterns in your logs. You can see by digging through your site analytics that things are out of place. Traffic peaked when you don’t normally see it do so, or you suddenly got a 10% more people visiting with the same kind of browser. Things like that give away the presence of a click fraudster, and things like this mean the kind of products I’ve just mentioned CAN work, but what if we have a clued up fraudster on our hands?

What if this person has done the research on their target, what if they have devised a program that copies browser usage patterns and fakes them in an accurate balance across all the clicks, IE being x percent of the traffic and Firefox being y, in an accurate figure based on widely available stats.

Indeed, what if this person is aware of when your vertical see’s traffic peaks, Holiday searches in January, around lunchtime for example. What if they copy this pattern, and what if they slowly amplify it over a period.

What if this person has a reliable way of generating all this from REAL sources. Not bot nets, not proxies, not click farms.

There’s nothing that can detect this kind of fraudster. The only way you could perhaps tell it’s happening is by a drop in ROI, but you still won’t know where it’s coming from, or who is doing it. Thankfully, most click fraudsters aren’t capable of this, so we can combat it.

So, the conclusion we (or at I) have cme to, is that click fraud is unstoppable! Does that means we should surrender to it? Absolutely not. Do all you can to fight these useless clicks, they are wasting YOUR money, but ultimately you have to accept that it can and does happen.

Treat fraudulent activity as part of account management. As long as your ROI is on target, does it really matter beyong being frustrating that x percent of your traffic is fraudulent? Probably not. If however you’re below target and know that click fraud is a substantial part of the reason, then as an account manager you should absolutely invest your time in detecting and stopping it, after all your targets are at stake if you don’t.