Traffic filtering

The filtering and trafficback mechanism allows you to redirect traffic that does not fit in geography or filters to another flow, offer or site. Traffic can be sent via redirect, iframe, or direct request to the target resource.

  • Simple filtering of traffic is configured inside a flow or split test in the "Filters and trafficback" block. Here you can enable simple traffic filters, select a list of available countries and specify the trafficback itself - a link with different opening methods or a dummy site from the repository. In some networks and offers, working with trafficback is prohibited and these sections are missing.
  • Advanced filtering is confugured in the "Traffic Filters" subsection of the "Flows" or "Traffic" section. With its help, you can create full-featured traffic filtering campaigns, connect them to flows and split tests, or use them separately as traffic filtering files. They support additional settings and the ability to create your own blacklists of addresses and headers.

Simple filtering settings

Traffic filters are configured inside the flow or split test in the "Filtering and trafficback" section. The following global settings are available to you:

  • Bots: blocking is based on well-known browser headers used by various bots, including spyware and crawlers.
  • Black lists: the visitor's main IP address is checked against smart blacklists.
  • Country: visits that are not included in the list of allowed countries are blocked.
  • Language: visits that do not support at least one of the languages of the allowed countries are blocked.
  • Ad ID: blocks visit if it has no click ID of popular ad networks such as Google, Facebook or Bing.
  • Coutries allowed: list of countries from which visitors and languages are allowed. If empty, the list from site or offer is ised.
  • Connect to traffic filter: disables simple filtering settings and connects a full-featured campaign from the "Traffic filters" section.

If a visit is blocked by filters, a trafficback is shown to the user. The following settings are available:

  • White site. One of the sites located in your white repository. If white is selected, the link and working method are ignored.
  • Trafficback link. URL or path to a file that is shown when a visit is blocked. If no link or site is provided, a random HTTP error is shown to the user.
  • Working method. One of the options for displaying trafficback is similarly described below.

When each filter is triggered, its type will be recorded in the filtering log: bots, geo, language, or blacklist. You can view the data on the triggering of filters in the "Statistics" section with the "Filter" criterion selected.

Traffic filtering campaigns

In some networks, you have access to the "Traffic Filters" subsection of the "Streams" or "Traffic" section. With it, you can create full-fledged traffic filtering campaigns with their own blacklists and settings. To add a new campaign, specify its domain or name and click "Create".

Main parameters

  • Domain - the name of your campaign. Can be used to install the traffic filter itself in one of the convenient ways. Please note that this is not the domain of your target site, because the filter will most likely be placed on a completely different domain. Interesting fact: actually, the "domain" field can be anything. In reality, it is used only to check the headers (host or referrer) of incoming traffic. But you can check the "Ignore domain" checkbox in the site settings and specify any text.
  • Work mode determines whether filtering is enabled.
    • Auto mode: the filter is enabled and checks the traffic.
    • Pause: always shows the dummy site, visit data is not saved.
    • Disabled: always shows the target site, visit data is not saved.
    • Training with dummy: always shows the dummy site, but logs the visits and real filter responses.
    • Training with target: always shows the target site with saved visit data.
    Automatic mode turns on the filter. A pause always shows a dummy site. A disabled filter always shows the target site.
  • Countries - you can limit the list of countries from which visits will go to the target site. If no country is selected, then traffic will come regardless of its geography. We strongly recommend specifying a limited list of countries to filter out visits from bots located on remote servers.
  • Target and dummy sites - in these fields you need to specify the URL or file name (only when working with a file include). Read more.
  • Site working method - choose a display method for the target and dummy sites. Depending on the chosen methods, we will create a ready-made filtering file. Read more.

Extra options

  • Trash visits - the filter will discard the number of visits specified in this field and show them the dummy site. Useful when testing a filter. With each call, the number in this field will decrease.
  • IP protocol version - you can only admit visitors to your site who are accessing IPv4 or IPv6. Useful for organizing IPv6 honeypots.
  • Traffic - you can limit the list of devices from which traffic will come. There is a choice of desktop traffic and mobile traffic (any, iOS and non-iOS)
  • Operating systems - list of OS from which traffic is allowed. If the OS is not recognized, it is always blocked.
  • Browsers - list of browsers from which traffic is allowed. If the browser is not recognized, it is always blocked.
  • Ignore request domain - may come in handy if you use the same site to work with multiple domains or via API without taking into account the real domain.
  • Check primary IP only - the filter will only analyze the main IP address and will not accidentally block your front server or CloudFlare.
  • Check the language - the filter will check the title of the user's language and compare it with the languages from the list of valid countries. Allows you to weed out the majority of intruders.
  • Check ad click - the filter will check for the presence of an ad click identifier of popular networks in the request. It is the presence of parameters that is checked, not their correctness. Examples of parameters: fbclid, adclid, gclid, wbraid, gbraid, msclkid and others.
  • Filters - you can limit the list of used filters by which traffic will be checked. If no filter is specified, then filtering will be performed on all blacklists available to you. This is the best option for most situations.
  • Exclude countries - you can use exclusion countries instead of countries that are allowed to display the site. In this case, language filters will not work, specify the allowed languages ​​yourself.
  • List of allowed languages - you can specify your own list of languages ​​with which visitors will be allowed to the site. By default, the list of languages ​​is formed according to the list of countries.
  • Block traffic if URL contains - a blacklist of words in the request URL. Specified one word per line. If the word is found in the URL, the traffic will be blocked and sent to the dummy site.
  • Pass traffic if URL contains - white list of words in the request URL. Specified one word per line. If the request does not contain any of the words in this list, the traffic will be blocked.
  • White list - requests from the specified addresses will not be checked. It is indicated one address per line. You can specify both a single address (12.34.56.78) and a subnet with a numeric mask (12.34.56.0/24).

You can download a ready-made traffic filtering file and use it on your hosting. Please note that when changing the operating method of the target site or dummy site, you must download the filter file again.

Important! If you connect the filter to a flow or split test, some parameters are ignored. Instead of the specified target site and stub, as well as from the operating methods, the flow or split itself and their trafficback are used. The operating mode of the filter itself is also ignored, the filter always works in active mode!

Working methods

You have several methods available to process the trafficback. Some methods are present only in flows and splits, some methods are present only in filtering campaigns, but they are basically identical.

  • Show white site (flow and split only). If you select a site in the path or trafficback settings, it will be used instead of a link. Sites are located in your local storage. The script will show the index.html file from the site folder. If this option is selected, the URL and display method are ignored.
  • Redirect by URL (302). The visitor is redirected to the specified link using the 302 Found header. This is the standard and most common method of working with redirects. It is not recommended to use 301 and 302 redirects in combination with other methods, since some ad networks may regard this methods as compromised site.
  • Redirect and glue domain (301). The visitor is redirected to the specified link using the 301 Moved Permanently header. This type of redirect is cached, even if rotation is enabled in the split settings. There is a belief that this redirect method allows you to glue your link to the target domain and the target domain will be shown in ads. We don't recommend believing these rumors.
  • Redirect via separate page (meta). The user sees the "Your browser is being checked" page and is redirected to the target site three seconds after it is displayed. In this case, the browser does not receive direct 301 or 302 redirect headers, all redirects are performed using HTML. It is recommended to use this redirect option if you combine different methods of work, for example, displaying content for some paths and redirects for others. This will help avoid blocking an advertising campaign, for example, in Google with the "Malware" mark.
  • Show link in iframe. The user sees a page without content, on top of which an iframe opens in full screen with the site specified by the link. Not all sites support working inside an iframe due to security restrictions. When working with an iframe, it is recommended to open all links in a new window, adding the target="_blank" attribute to them, or allow all sites to be displayed in frames using headers.
  • Show content by URL (curl). The script loads content by link and shows it to the user. In this case, the base tag is added to the content, which replaces all paths to resources. So all resources (pictures, scripts, styles) are shown on the site without the need to change its content. GET and POST requests are supported. There is a belief that the presence of the base tag in the site content negatively affects the approval of the site by search engines. We don't recommend listening to this nonsense. Showing content by link is the best option!
  • Show content without processing. The content is loaded by link without changing the paths and shown to the visitor. When working with this method, it is necessary to specify absolute paths with the domain for all resources: pictures, scripts, styles, fonts, otherwise they will not be loaded. The action fields in the forms must also have absolute paths.
  • Open local file (filter only). Instead of a link, a relative path to the file is specified that will load and display the script. The file must be in PHP or HTML format. This method will only work when downloading a ready-made filter file.
  • Show an error page (flow and split only). Instead of the content by link, a standard NGinx error page is shown. The specific error is chosen randomly and depends on the IP address of the visitor. You can ignore the random selection of the error code and specify your own code. To do this, specify the HTTP error code in the URL field. The most common option is to simply enter 404.
  • Show a blank page. Instead of the content by link, a blank page without content is shown. Even standard HTML tags for empty markup are not sent. The response status is always 200.
  • Embed in WordPress (filter only). To install, disable WordPress updates and upload the index.php file to the server instead of the same WordPress file.

Macros in traffic link of flow and split

You can add some parameters from the origin request to the link.

  • {geo} - ISO code of the visitor's country.
  • {host} - the domain where the site or flow was opened.
  • {flow} - flow ID.
  • {utms} - utm_source tag.
  • {utmc} - utm_campaign tag.
  • {utmn} - utm_content tag.
  • {utmt} - utm_term tag.
  • {utmm} - utm_medium tag.
  • {subid} - subid parameter from the request.
  • {uuid} - uuid parameter from the request.
  • {uid} - unique click ID from fbclid, gclid, adclid, uid or unique_id.

Note to administrator

These subtleties will be useful to the owners of networks based on AlterCPA. You, as a webmaster, can send this note to your manager so that he can set up the necessary options for you.

  1. You can make generic trafficbacks for TDS and redirect sites. They are configured within these sites and are used if the user has not set their own trafficback.
  2. You can disable using of trafficbacks with the offer. To do this, go to the "Control - Offers" section, find the desired offer, click "Settings" and scroll down to the "Technical Capabilities" section. Uncheck "Work with trafficback".
  3. You can allow certain users to add trafficbacks even in those offers where they are prohibited by the previous paragraph. To do this, go to the "Control - People" section, find the desired user and click "Edit". In the "Access to the site" section, check the box "Always can use trafficback".