Ideas and implementation of the anti-malicious click Code System

Baidu promotion is the reason for its existence. The potential benefits it can bring to enterprises are very large. However, its advertising costs make most enterprises unable to afford it. while advertising investment, how can we minimize advertising investment costs and maximize ROI?

Maybe you can optimize the Baidu promotion account structure, optimize keywords, and optimize creativity, but what you can't do is malicious clicks on your advertisements by peers or other motivated people. Guangzhou yihu technical team, the following solution is proposed. Although malicious clicks cannot be completely eliminated, at least some malicious clicks can be avoided. This article is a technical article written by the Guangzhou yihu technical team. If you see this article, we recommend that you forward it to your technical support. He will know how to operate and implement the system.

First, let's figure out how malicious clicks are generated: peers pay attention to their bidding rankings and find your ad links, it is hoped that the advertisement will be automatically taken offline as soon as possible by consuming your advertising fees; the same employee will hire a gunman or instruct internal staff to click on your advertisement anytime and anywhere; some employees in Baidu increase their performance by clicking ads. These malicious clicks may be anytime, anywhere. Although Baidu promotions offer screen-closed IP addresses, these malicious clicks can easily change the IP address, making it difficult to defend against attacks.

Many anti-malicious click Software on the market, advocating that its function can prevent all malicious clicks, not to mention whether it can play a role, the cost alone makes people skeptical. Okay. Let's get started. How can I write a self-writing anti-malicious click system?

First, we know that anti-malicious clicks cannot start with anti-IP, because the IP address is changed. If a person uses ADSL to continuously dial and change the IP address to click your bidding advertisement, you can't do anything. The IP address of your screen closed may also be allocated to new potential customers, so that the loss of customers is absolutely possible. So can we start with the unique identifier of the client?

If you have this idea, you must want to use ASP, PHP, JS, or other editing languages to obtain the MAC address of the client computer, the unique serial number of the hard disk, or the unique serial number of the CPU. Unfortunately, neither Baidu nor Google can obtain the information. The only possibility is that the information can be obtained through activeX plug-ins, however, the new version of IE will basically close your activeX automatic screen. Who will be willing to click an insecure installation prompt to let you detect and filter malicious click protection? Obviously, this is unrealistic. Only one target is to obtain the unique identifier of the client, provided that it is friendly.

ASP and PHP can only obtain information on the server. JS cannot obtain the MAC address, but can obtain the browser information of the client. This information is sufficient to generate a unique ID number.

Attribute description IEFO

AppCodeName: return the code name of the browser. 419

AppMinorVersion returns the secondary version of the browser. 4 NoNo

AppName: the browser name. 419

AppVersion: returns the platform and version information of the browser. 419

BrowserLanguage returns the language of the current browser. 4No9

CookieEnabled: returns a Boolean value indicating whether the cookie is enabled in the browser. 419

CpuClass returns the CPU level of the browser system. 4 NoNo

Returns a Boolean value indicating whether the system is in offline mode. 4 NoNo

Platform returns the operating system platform that runs the browser. 419

SystemLanguage returns the default OS language. 4 NoNo

The userAgent returns the value of the user-agent header sent by the client to the server. 419

UserLanguage returns the OS's natural language settings. 4No9

Add the preceding information obtained by JS with the browser window information:

String (window. screen. width + "x" + window. screen. height) display pixel Ratio

String (window. screen. colorDepth) display color depth

String (window. screen. fontSmoothingEnabled) display font

... Get all client data that can be obtained (different browsers support different functions, but will return a value to connect them)

Connect all obtained client information to a string. The generated string is basically unique. After a unique string is obtained, the subsequent tasks are much easier, but this does not mean that malicious click protection has been successful, because several different browsers may be installed on the same computer, that is to say, the same computer may generate multiple unique identifiers. However, this is enough for us to use. It is impossible for us to install unlimited browsers on a single computer, so we can brush up every day for your bidding ads.

After JS obtains the unique identifier, it needs to be passed to the ASP or PHP program on the remote server for analysis through AJAX. This is a bit similar to the Statistical Code such as CNZZ, but we do not need to do the statistical code, we do not need to re-develop a statistical system. By using ASP, PHP, and other editing languages, the server can easily record the unique identifier and record the IP corresponding to the unique identifier for backup. When the unique identifier of each access is recorded in the server database, the visitor's access keywords can be recorded at the same time (retrieving the visitor's search keyword Baidu has many tutorials, which are not described in detail). Through judgment, you can find out whether the customer is searching from Baidu every time. After opening and closing, repeat this operation and can basically be positioned as malicious clicks. Some unique identifiers can be marked as Access denied.

There are also many tutorials on the Internet about how to reject access. In fact, you can do this. It should not be an overly radical means to attack malicious Clickers. You only need to give a prompt to the malicious click operator to prevent the operator from performing malicious clicks again.

The simplest way is to generate a unique ID through JS on the client and compare the unique ID record on the remote server through AJAX. If the access is denied to the target computer, then, the COOKIE is written to the browser of the malicious click and marked as the Access Denied object. In this step, you only need to create a small program. For example, the following message is displayed: "Your operation is suspected of malicious clicks. Please stop executing malicious clicks. If you like this site, you can add it as a bookmark. "If the object is still maliciously clicked, you can use a small JS program, while (true) {window. open ('www .xxxxxx.com ',' _ blank ')} This infinite pop-up page causes the browser to become stuck. You can click malicious clicks based on different programs to display more friendly prompts, or more complicated punishment means, it depends on you.

Now, the ideas and implementation methods of the Baidu spot price anti-malicious click system have been completed. I have compiled the code, and the interaction between JS and dynamic languages can basically achieve anti-malicious click protection. However, this type of Anti-malicious click code should not appear in a good Internet environment. Guangzhou yihu advocates a green internet environment. We hope this mini-program can help you reduce the loss caused by malicious clicks, we also hope that more malicious click makers will give up this unfair and illegal means of competition.

This article by Guangzhou yihu http://www.easyhoo.cn original provision, red and black alliance first, reprint please note, thank you onlookers.