Hitbot is killing TGP's


Sandy
11-20-2001, 09:07 AM
I just found out that the new version of hitbot supports cookies. This hitbot is killing my tgp

I am getting 10k/day hitbot traffic from sites that don't even exist. Some of my friends have this problem too.

This becomes a real fucking big problem

juicylinks
11-20-2001, 09:39 AM
Sandy,

I have the same fucking prob....

I got hit by that adultregion zerosex fucker and my UCJ stats and prod have been fucked ever since....

If you find a solution relay it over

XP
11-20-2001, 09:54 AM
Every day, look at your new trades section. Visit those sites by hand, eliminate CJ sites :=)

Hyde
11-20-2001, 10:19 AM
XP, I think the problem is that they keep sending 'hits' after you have deleted and blacklisted them.

Dawgy
11-20-2001, 10:52 AM
ok here I go showing my newbie self again, but how do you tell if you're getting traffic from a hitbot? my tgp has a wild number of 'bookmarkers' so I'm starting to wonder...

RMS
11-20-2001, 10:57 AM
The scourge of hit bots...

Even non-adult sites feel the slimy effects of scumbag cheaters.

Y2k Moms (http://www.y2kmoms.com/top_sites/info.html)

RMS

Backov
11-20-2001, 11:00 AM
Ok, some cheating info:

1 - Not all norefs are bookmarkers. Norefs are also surfers with old browsers, surfers behind various types of proxy servers, and hitbots.

2 - No cookie support is only a symptom of a shitty hitbot - the good ones do support cookies, and have for a while.

3 - If you've determined that a site is hitbotting you, you need to send all of that site's traffic to a popup hell, via htaccess. Also, nocookie traffic needs to go as well. Now, here's the bite in the ass: Unfortunately, hitbotters usually aren't so bright, so they'll hitbot you using proxies that don't pass along their referrer info (and thus, they don't get credited for the trade) so it will have the effect of pounding you with fake traffic that you have no idea where it came from. This is noref traffic and looks like "bookmarkers".. If you're running a CJ/CJ2, the solution is simple.. If a TGP, you're in trouble, and I don't have a remedy for you. Also, a hitbotter could slam your out script without a referrer just for fun if you delete him/it after finding out he's cheating you.

Anyway, it's a hard road for a TGP, I don't think there's an easy 100% solution.

Cheers,
Backov

XP
11-20-2001, 11:01 AM
Hyde: use .htaccess to block their hits, it's easy!

Sandy
11-20-2001, 11:03 AM
Juicylinks,

I'm hit by domain names that don't even exist!! istealyourstuff.com and hits from danish chatboxes with no outgoing hits at all

A friend of mine was hit too, he went from 10k to 60k in one day. Only those 50k is hitbot traffic. The ref url was a gallery from him, he doesn't know who hitbotted him!
Very strange.

Exxxotica
11-20-2001, 11:04 AM
Could one of you guys post an htacess file that shows me how to block a certain address?

Thanks :)

Sandy
11-20-2001, 11:06 AM
XP, Backov,

that's the problem, they hitbot your out.cgi with no referrer info at all, but it is killing your site because of low prod on other sites!
And they just laugh about it, nothing you can do about it.
XP - .htaccess who?? I don't know who is hitbotting me! istealyourstuff.com? doesn't exist!

Backov
11-20-2001, 11:11 AM
Well, it doesn't have to exist for you to put it in your htaccess. Here's the htaccess for Exxxotica:

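AuthUserFile /dev/null
AuthGroupFile /dev/null
RewriteEngine On
# Match the referring host itself (with or without a subdomain); dots are escaped.
RewriteCond %{HTTP_REFERER} ^http://([^/]*\.)?cheater1\.com([:/]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://([^/]*\.)?cheater2\.com([:/]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://([^/]*\.)?cheater3\.com([:/]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://([^/]*\.)?cheater4\.net([:/]|$) [NC,OR]
RewriteCond %{HTTP_REFERER} ^http://([^/]*\.)?cheater5\.com([:/]|$) [NC]
# Everything that matched one of the conditions above is redirected away.
RewriteRule .* http://popuphell.com/ [R,L]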

Note that the last domain entry (or first if there's only one) has no OR in it.. If it does, BAD THINGS will happen, so be careful.

Cheers,
Backov

vovan!
11-20-2001, 01:02 PM
Backov,

that won't help. They can just change the referer and send hits from other sites. They don't need to get anything in return. They do it for fun. They can just send tons of hits from one IP to your out.cgi and you'll get serious troubles! Your script will think that hits are sent, but your trades never receive them. You just lose the traffic.

Things are better for CJ sites. Solution is - configure your .htaccess to accept traffic from your trades only. Other traffic send to your sponsors/toplists/anywhere.

Solution for TGPs (not good though): block noref hits and send to special page. Can be the same page as yours, BUT with no script links. You can use blind links like the old days, but not links to out.cgi. Or, use .htaccess as for CJs (filter traffic from trades to go to a page with script links) and other traffic to your normal pages without script links, just normal old days blind links. And remove auto signup page!

To tell the truth, it's mostly impossible to 100% protect your sites from cheating. The point is to make that cheating useless and time consuming, so that cheaters will stop cheating your sites.

Good luck. Have questions about cheating? ICQ me :) 9838281 Got better solutions, but don't want to spam :)

playa
11-20-2001, 01:13 PM
CLOSE YOUR AUTOSIGNUPS


the only solution

Sandy
11-20-2001, 01:16 PM
Playa, They send you hitbot traffic just to fuck your site up!! Closing your signup page isn't a solution. Closed or not, they will hitbot you, just to fuck you up.

Only solution is to trade the old way, hard links. But I didn't buy a $600 script to throw it away :-(

kodek
11-20-2001, 01:43 PM
I've got an idea. Maybe it's dumb, so you tell me :)
The key is to keep two pages - one for bookmarkers (it will have some perm links for your best trades), another one for trading (powered by script, sending all no-refs to console hell). Is there any sense?

vovan!
11-20-2001, 01:53 PM
Kodek,

yes, that two pages make sense. Read my previous post (and Backov's with .htaccess structure) to find out how to make it.

BUT, that won't help you to get rid of professional cheaters/motherfuckers. They can simply use the same referers as one of your trades and send you tons of hits to out.cgi, you'll still be fucked :(

There is no way out to 100% protect from this.

kodek
11-20-2001, 02:12 PM
Yep, you are right. They can always spoof a referrer.
I've missed that.

gotys
11-20-2001, 03:07 PM
out.cgi should have a checking routine that checks if it was launched from your site's domain name. If out.cgi has no referral, it should exit without doing anything. I need to tell Tim to do that.

Sandy
11-20-2001, 03:16 PM
Yes, I see this as a BIG potential problem (if it isn't already a BIG problem)

Trade scripts should have something to bypass a hitbot!
especially when the script costs you $600
:-)

playa
11-20-2001, 03:22 PM
Originally posted by Sandy:
<STRONG>Playa, They send you hitbot traffic just to fuck your site up!! Closing your signup page isn't a solution. Closed or not, they will hitbot you, just to fuck you up.
</STRONG>

they won't waste the hitbot on your site if they never signed up,,,

Speedy26
11-20-2001, 04:27 PM
what is a hitbot, like a script? i have been a webmaster for years and have never seen any for sale. hehe

Unknown
11-20-2001, 04:38 PM
Originally posted by Speedy26:
<STRONG>what is a hitbot, like a script? i have been a webmaster for years and have never seen any for sale. hehe</STRONG>

A hitbot is a program that generates artificial traffic.

shane
11-20-2001, 04:38 PM
does anyone know of a script that's cheater proof?

Torben
11-20-2001, 04:41 PM
If you got php installed here is a little script to do the trick, send your outgoing traffic to this script:

<?php
// Forward to the out script only if the Referer mentions our domain.
$refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if (!(preg_match("/yourdomain.com/", $refer))) {
    header("Location: http://whereyouwantyourhitbooter");
}
else {
    header("Location: http://youroutscript");
}
?>
:cool:

Unknown
11-20-2001, 04:45 PM
Originally posted by Torben:
<STRONG>If you got php installed here is a little script to do the trick, send your outgoing traffic to this script:

<?php
// Forward to the out script only if the Referer mentions our domain.
$refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if (!(preg_match("/yourdomain.com/", $refer))) {
    header("Location: http://whereyouwantyourhitbooter");
}
else {
    header("Location: http://youroutscript");
}
?>
:cool:</STRONG>

Not secure enough, I have already figured out two effective ways to work around that.

Torben
11-20-2001, 04:49 PM
Originally posted by Unknown:
<STRONG>

Not secure enough, I have already figured out two effective ways to work around that.</STRONG>

How?

Torben
11-20-2001, 04:54 PM
Oh I know now, I am tired and not thinking clearly.

Unknown
11-20-2001, 04:57 PM
Originally posted by Torben:
<STRONG>

How?</STRONG>

First and most obviously, you could find and hitbot the correct out script URL. (The one your script redirects to if valid ref)

Second, you could hitbot from a folder named /yourdomainetc.com and it would pass the ref test. Standard ref spoofing would of course work too, but the script can be worked around much easier with mentioned "folder" method.

Unknown
11-20-2001, 04:58 PM
Originally posted by Torben:
<STRONG>Oh I know now, I am tired and not thinking clearly.</STRONG>

I see. Well, seek comfort in that almost any script can be hacked/worked around if you know what you are doing. lol

Unknown
11-20-2001, 05:03 PM
Originally posted by Unknown:
<STRONG>almost any script can be hacked/worked around if you know what you are doing. lol</STRONG>

Especially those on-the-fly 10 second scripts might I add. ;)

Sticks
11-20-2001, 05:19 PM
HTTP_REFERER is set by the client "browser". This client browser is usually your web browser but it could be a hitbot. Therefore, even this can be faked by hitbot.

I've given up on my trade sites. I'm concentrating on my small free sites - fewer headaches.

vovan!
11-20-2001, 09:56 PM
Guys,

IT IS POSSIBLE to 100% emulate like it is a real person clicking! Removing signup page won't help. Cheaters can just click on your out.cgi, see with what sites you are trading and make you fake prod by spoofing a referer.

There is NO script that cannot be cheated. BUT there are scripts that differ in showing who is cheating.

The only solution i see is don't count proxy hits, BUT lots of normal surfers do use proxies. So, if you don't count them, then probably your trades will die because you won't return the same amount of traffic.

subog
11-20-2001, 11:30 PM
All available CJ scripts in the current market are CHEATABLE, so don't waste your time to protect it :D

kodek
11-21-2001, 01:19 AM
So, we are back to good old perm links I think? :)
Is it possible to run a tgp on perm links today?

4pics
11-21-2001, 03:46 AM
Can't you also ban them with hosts.deny file on linux?

There has to be a way to find out who is doing it to you though, otherwise they could hitbot yahoo or aol and take them down?

Doctor Dre
11-21-2001, 04:22 AM
Yep gotys is a very good programmer, he has enough ideas to bypass hit bot ... Tim you should contact him

toker
11-21-2001, 04:49 AM
I don't think anyone has enough bandwidth at their disposal to take down AOL. I'm sure it would take a hell of a lot more than a single hitbot to even put a dent in AOL's backbone.

XP
11-21-2001, 07:24 AM
Calm down you guys.
First professional hitbotters never do attack to TGPs for fun! Who wants to kill tgps, that sends his to real traffic?

Also attacking to out.cgi is possible with many programs (Windows) and they're not hitbots or something!

I'm sure those guys are newbies, who are attacking out scripts.

Sandy
11-21-2001, 07:51 AM
Newbie or not, they have fucked up my site and several other sites. And it can be used to get the competition down!!

ragnar
11-21-2001, 08:48 AM
you should do a search on the term hitbot on altavista, I've seen some of them that can kill our sites for sure

some features i found on that webpage

set static or dynamic URL in 6 ways, even dig out the url buried in the entry page,
support Cookies
set the ratio of hits to impressions
set the time interval between two actions
set the number of viewed pages for every "visitor"
change the proxy randomly to act as different visitors from different IPs,
change the reference automatically

too bad our scripts aren't protected against that software, the only way to stop this is to disable your auto-signup until there comes an update for your script

Sandy
11-21-2001, 09:45 AM
But, The best cheaters only fake 5% of their traffic!! so sending me 1k and faking 5%!!

You'll never ever gonna catch them cheating, if they do it right! and there are a few who do it right. That's the first problem.

Second problem is when you detect a hitbotter and blacklist him, he wants revenge and fucks your site up by sending you 50k fake productive hits.

Maybe Tim wants to read this thread and ucj can have some protection built in.

hitbothater
11-21-2001, 11:07 AM
I lost much traffic yesterday and today. Apparently someone is using a hitbot which doesn't support cookies. Anyone have any idea on how to block such traffic?
Adding their IPs in the htaccess every time they come up with another one is not an easy way :-(

run
11-21-2001, 11:27 AM
don't include no cookie clicks in the stats

vovan!
11-21-2001, 11:35 AM
Originally posted by Sandy:
<STRONG>
Second problem is when you detect a hitbotter and blacklist him, he wants revenge and fucks your site up by sending you 50k fake productive hits.

Maybe Tim wants to read this thread and ucj can have some protection built in.</STRONG>

You can't protect from this. that's the problem. you can see that your prod is fake, but you cannot do anything about it. Even closing autosignup page won't help.

Backov
11-21-2001, 11:38 AM
You may not be able to fully protect against some prick getting revenge, but you can surely protect against the ones that are in it for gain by shunting the nocookie/noref traffic off, and htaccessing the trade they are sending from.

Cheers,
Backov

Sandy
11-21-2001, 12:49 PM
Originally posted by vovan!:
<STRONG>

You can't protect from this. that's the problem. you can see that your prod is fake, but you cannot do anything about it. Even closing autosignup page won't help.</STRONG>


Some are very dumb with hitbotting, like adultregion.com etc his site was clicking 500 times on my top 30 list!! yeah right

so some you can catch, but the best cheaters are very very very hard to catch, if they can be caught at all!!!

Dcorp
11-21-2001, 12:51 PM
as playa said : Close your Auto Sign up pages and take the control in your hands.

ragnar
11-21-2001, 02:17 PM
You're wrong Bora, some of those cheaters will give you some extra after you blacklisted them. I've had this one year ago on one of my celeb sites, that fucker was sending me 20k, two weeks later my site was dead

Carneal
11-21-2001, 03:29 PM
Originally posted by Torben:
<STRONG>If you got php installed here is a little script to do the trick, send your outgoing traffic to this script:

<?php
// Forward to the out script only if the Referer mentions our domain.
$refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
if (!(preg_match("/yourdomain.com/", $refer))) {
    header("Location: http://whereyouwantyourhitbooter");
}
else {
    header("Location: http://youroutscript");
}
?>
:cool:</STRONG>


www.theredomain.com/yourdomain.com (http://www.theredomain.com/yourdomain.com) as the ref and you're cheated again, that's probably one of the worst yet best against newbs cheat protection u can find... :rolleyes:

Carneal
11-21-2001, 03:32 PM
Originally posted by gotys:
<STRONG>out.cgi should have a checking routine that checks if it was launched from your site's domain name. If out.cgi has no referral, it should exit without doing anything. I need to tell Tim to do that.</STRONG>


petr, it shouldn't just exit, instead go to the tgp's url if there's one there instead of a trade, it would indeed raise the click level yes but that could also be bypassed if tim wanted it to.

but I've seen some pretty well done cheaters as I have the problems with my topsite and they are tricky, turning proxies into ips etc, very hard to bypass..

maybe have c.cgi check if it's not from the domain referer then have it go to a customized other page of your tgp like tgp2.html with a different design etc for the surfers on no ref just in case, or have it go to a blank page.. or whatever...

;)

RaiDeN
11-21-2001, 03:48 PM
Originally posted by Bora Diker:
<STRONG>as playa said : Close your Auto Sign up pages and take the control in your hands.</STRONG>

yups true

Today I had one of my webmasters coming and asking me why his site did 20k but he didn't make any money.

Well I went and checked..

I saw 8 sites which sent 2k daily and about 3k productive on each of them

The return on those guys was well, even good. but it was fake !!

At the end after examining all trades manually it was very clear that all traffic was sent to some toplists.

He didn't like it, because he was doing 20k/day and about 16-17k of that traffic was hitbot traffic (totally fake)

Going in and out and in and out.

Total scam. But the problem is, it can get you banned from a sponsor.

So which I agree is on the part that you should always examine your trade manually.
always,

I mean even with the worst CJ. you still have to examine your trades manually, at these days (with current techniques) no script can detect hitbotters itself. you have to look carefully at your trades, and check back randomly to see where they are sending their hits to.

Backov
11-21-2001, 05:15 PM
Raiden,

That's just plain wrong - scripts CAN detect hitbotters themselves. It's all about proxies. Hitbots don't work without proxies. If you're getting 40%+ proxy traffic, you're getting hitbotted. If you're getting only 5% proxy traffic, but that 5% is really productive, that's probably a hitbot too.

Cheers,
Backov

ragnar
11-21-2001, 05:27 PM
it just depends if you have some smart asses there, if they do the trades they do probably only 500 to 1000 hits from a hitbot so their prod wouldn't be that low as well, if they have advanced software they could maybe do 4k cause a lot of people don't like searching logs especially when you talk about 10k hehe

Torben
11-21-2001, 05:43 PM
Originally posted by Carneal:
<STRONG>


www.theredomain.com/yourdomain.com (http://www.theredomain.com/yourdomain.com) as the ref and you're cheated again, that's probably one of the worst yet best against newbs cheat protection u can find... :rolleyes:</STRONG>

OK, OK.. It was late and I was tired. Is this better:

<?php
$refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
// Strip the scheme, then everything after the host.
if (strpos($refer, '://')) {
    $pos = 3 + strpos($refer, '://');
    $refer = substr($refer, $pos);
}
if (strpos($refer, "/")) {
    $pos = strpos($refer, "/");
    $refer = substr($refer, 0, $pos);
}
if (!(preg_match("/yourdomain.com/", $refer))) {
    header("Location: http://whereyouwantyourhitbooter");
}
else {
    // Do your php out script here
}
?>

vovan!
11-21-2001, 08:35 PM
Originally posted by Torben:
<STRONG>

OK, OK.. It was late and I was tired. Is this better:

<?php
$refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
// Strip the scheme, then everything after the host.
if (strpos($refer, '://')) {
    $pos = 3 + strpos($refer, '://');
    $refer = substr($refer, $pos);
}
if (strpos($refer, "/")) {
    $pos = strpos($refer, "/");
    $refer = substr($refer, 0, $pos);
}
if (!(preg_match("/yourdomain.com/", $refer))) {
    header("Location: http://whereyouwantyourhitbooter");
}
else {
    // Do your php out script here
}
?></STRONG>

still not good :)
use this:
$referer_url = strtolower(getenv("HTTP_REFERER"));
$ref_ar = parse_url($referer_url);
// The host key is absent when there is no Referer or it does not parse.
$referer = isset($ref_ar["host"]) ? $ref_ar["host"] : "";
$rest = substr($referer, 0, 4);
if ($rest == "www.") {
    $referer = substr($referer, 4);
}

if ($referer != "your_domain.com") {
    header("Location: /fuck_him.html");
    exit;
}


$referer - contains the domain name.

BUT, that can be 100% bypassed just by spoofing the referer. Cheaters can make it look like the script was hit from your server.
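
Added example, not part of any post in this thread: the three Referer checks posted above (Torben's two scripts and vovan!'s parse_url version) run against constructed Referer values, to show which inputs each one accepts. yourdomain.com is the thread's placeholder; the function names and the example.net host are assumptions.

```php
<?php
// Added example: the thread's three Referer checks, side by side.
// Function names are hypothetical; all Referer values below are constructed.

// Torben's first script: substring match anywhere in the Referer.
function check_substring(string $ref): bool
{
    return preg_match("/yourdomain.com/", $ref) === 1;
}

// Torben's second script: reduce the Referer to its host, then substring match.
function check_host_substring(string $ref): bool
{
    if (strpos($ref, '://')) {
        $ref = substr($ref, 3 + strpos($ref, '://'));
    }
    if (strpos($ref, '/')) {
        $ref = substr($ref, 0, strpos($ref, '/'));
    }
    return preg_match("/yourdomain.com/", $ref) === 1;
}

// vovan!'s version: parse the URL and compare the host exactly.
function check_exact_host(string $ref): bool
{
    $host = parse_url(strtolower($ref), PHP_URL_HOST);
    if (!is_string($host)) {
        return false; // no Referer, or one that does not parse
    }
    if (substr($host, 0, 4) === 'www.') {
        $host = substr($host, 4);
    }
    return $host === 'yourdomain.com';
}

$cases = [
    'click from own page'         => 'http://www.yourdomain.com/index.html',
    'no Referer (bookmark/proxy)' => '',
    'domain as folder name'       => 'http://www.theredomain.com/yourdomain.com',
    'domain inside another host'  => 'http://yourdomain.com.example.net/',
];

printf("%-30s %-10s %-10s %-10s\n", 'Referer case', 'substring', 'host-sub', 'exact');
foreach ($cases as $label => $ref) {
    printf(
        "%-30s %-10s %-10s %-10s\n",
        $label,
        check_substring($ref) ? 'accept' : 'reject',
        check_host_substring($ref) ? 'accept' : 'reject',
        check_exact_host($ref) ? 'accept' : 'reject'
    );
}

// The first case is also what any client produces by sending that header value
// itself, so even the exact-host check only filters mistakes, not spoofing.
```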

MayorX
11-22-2001, 02:41 AM
well don't know of any BOT that could take out TGPS sites ,, Would be DREAM though :=)
we all could make more money! start CJ-101 AGAIN! :=)

Sandy
11-22-2001, 07:01 AM
Originally posted by Backov:
<STRONG>Raiden,

Hitbots don't work without proxies. If you're getting 40%+ proxy traffic, you're getting hitbotted. If you're getting only 5% proxy traffic, but that 5% is really productive, that's probably a hitbot too.

</STRONG>

Backov, how can you tell if an ip is a proxy or not? would help me great if you tell me

:D
Mucho thnx

hitbothater
11-22-2001, 09:46 AM
Sandy check HTTP_VIA variable in HTTP header
Some other variables may help as well...

Backov
11-22-2001, 11:15 AM
HTTP_VIA is only one of 6 or so. But the problem is that detects at most about 70% of proxies - you also need a database of known proxies to compare against. It's fairly complex, and unfortunately pretty much needs to be done script side.

Cheers,
Backov
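
Added example, not code from the thread or from any trade script: a sketch of the script-side proxy check Backov describes (request headers plus a known-proxy list), combined with his earlier rule of thumb per trade (40%+ proxy traffic, or a small proxy share that is unusually productive). The header list, the `KNOWN_PROXIES` entries, the 2x productivity factor, the function names and all hits are constructed assumptions.

```php
<?php
// Added example: per-trade proxy share and productivity from logged hits.
// Header list, KNOWN_PROXIES, the 2x factor and every hit are constructed;
// the 40% figure is the one quoted in the thread.

const PROXY_HEADERS = ['HTTP_VIA', 'HTTP_X_FORWARDED_FOR', 'HTTP_FORWARDED',
                       'HTTP_CLIENT_IP', 'HTTP_PROXY_CONNECTION'];
const KNOWN_PROXIES = ['203.0.113.7', '198.51.100.23']; // placeholder "database"
const MAX_PROXY_SHARE = 0.40;
const PROD_FACTOR = 2.0; // assumption: proxy hits twice as productive as direct

// True if the request carries a proxy header or comes from a listed address.
function is_proxy_hit(array $server): bool
{
    foreach (PROXY_HEADERS as $name) {
        if (!empty($server[$name])) {
            return true;
        }
    }
    return in_array($server['REMOTE_ADDR'] ?? '', KNOWN_PROXIES, true);
}

// $hits: list of ['trade' => host, 'server' => $_SERVER-like array, 'clicks' => int]
function trade_report(array $hits): array
{
    $stats = [];
    foreach ($hits as $hit) {
        $kind = is_proxy_hit($hit['server']) ? 'proxy' : 'direct';
        $stats[$hit['trade']] ??= ['proxy' => [0, 0], 'direct' => [0, 0]];
        $stats[$hit['trade']][$kind][0]++;                  // hits in
        $stats[$hit['trade']][$kind][1] += $hit['clicks'];  // clicks out
    }
    $report = [];
    foreach ($stats as $trade => $s) {
        [$pIn, $pOut] = $s['proxy'];
        [$dIn, $dOut] = $s['direct'];
        $share = $pIn / ($pIn + $dIn);
        $pProd = $pIn ? $pOut / $pIn : 0.0;   // productivity = clicks per hit
        $dProd = $dIn ? $dOut / $dIn : 0.0;
        $flag = 'ok';
        if ($share >= MAX_PROXY_SHARE) {
            $flag = 'high proxy share';
        } elseif ($pIn > 0 && $dProd > 0 && $pProd >= PROD_FACTOR * $dProd) {
            $flag = 'proxy hits unusually productive';
        }
        $report[$trade] = ['share' => $share, 'proxy_prod' => $pProd,
                           'direct_prod' => $dProd, 'flag' => $flag];
    }
    return $report;
}

// Builds $n identical constructed hits for one trade.
function sample(string $trade, int $n, array $server, int $clicks): array
{
    return array_fill(0, $n, ['trade' => $trade, 'server' => $server, 'clicks' => $clicks]);
}

$hits = array_merge(
    sample('trade-a.example', 95, ['REMOTE_ADDR' => '192.0.2.10'], 1),
    sample('trade-a.example', 5, ['REMOTE_ADDR' => '192.0.2.11', 'HTTP_VIA' => '1.0 cache'], 1),
    sample('trade-b.example', 50, ['REMOTE_ADDR' => '192.0.2.20'], 1),
    sample('trade-b.example', 50, ['REMOTE_ADDR' => '203.0.113.7'], 1),
    sample('trade-c.example', 95, ['REMOTE_ADDR' => '192.0.2.30'], 1),
    sample('trade-c.example', 5, ['REMOTE_ADDR' => '192.0.2.31', 'HTTP_X_FORWARDED_FOR' => '10.0.0.5'], 6)
);

foreach (trade_report($hits) as $trade => $r) {
    printf("%-16s proxy %3.0f%%  prod proxy/direct %.1f/%.1f  %s\n",
        $trade, 100 * $r['share'], $r['proxy_prod'], $r['direct_prod'], $r['flag']);
}
```

If the site itself sits behind a reverse proxy or CDN, these headers are set by your own infrastructure and have to be excluded before the check means anything.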

gotys
11-22-2001, 02:42 PM
Well, my site dropped 10 ranks on sextracker, and only thing holding it still alive are my bookmarkers. Whoever is doing this shit deserves death, very slow and painful death. I lost thousands of dollars and once what was a big site. FUCK YOU ASSHOLE! FUCK YOU! ROT IN HELL MOTHERFUCKER!

Guys, any ideas. This really sucks :(

XP
11-22-2001, 03:11 PM
Everyone is talking about a different thing. Basically :
Attacking a TGP's out.cgi (Yes main subject was that!) is very simple and no hitbot needed (Don't be silly, I won't tell you how.)

I see some guys closed autosignup pages. That won't protect you, because if some cheater doesn't like you (because you're smart, caught him!) he may attack your script, no signup needed!

gotys
11-22-2001, 08:46 PM
Where the fuck is Tim? I need this fixed God damn it! Fuck! Why can't he add a feature that if it has no referrer, it goes to a fucking gallery instead of a trade. This is ridiculous, one fucking line of fucking code, and he can't fix it. Jesus, I am so pissed

Sandy
11-23-2001, 04:17 AM
It's not that simple. Sending noref traffic to a gallery won't do your tgp good either. Noref are your BOOKMARKS too!! I personally don't want to send my loyal surfers to a gallery! they will never come back.
Tim probably isn't here because he is thinking his brain out how to fix the hitbot problem

alexz
11-23-2001, 05:44 AM
here is my idea, that will be realized in SmartCJ. (if u'll like it)
we have bookmarker (no http_referer) and hits from sites that we don't have
on file (have http_referer but we don't have such domain name in our records (traders))
let's call it 'no_trade_sites'
so traffic from that 'no_trade_sites' will NOT be used to count in\out hits.
it's good cause: we will be protected from hitbots and so on
it's bad: we'll not count hits not only hits from hitbots but also from SE and so on.

i don't know but usually cj sites don't get too much traffic from SE so may be that's
the way we can do it?

ICQ: 2810040

vovan!
11-23-2001, 10:44 AM
Alexz,

that won't help much. Actually, this feature is useless. If a cheater needs to fuck your tgp/cj, he can just spoof the referer of one of your trades. Your feature won't help, you will just use additional CPU resources...

alexz
11-23-2001, 03:06 PM
if somebody wants to fuck your cj script - there is only one thing u can do - close it before that :-)

yahoo and microsoft were fucked by someone, so what we can say ...

may be we can just don't count hits from proxies ?
usually traders have approximately the same % of proxies, so ... ? what do u think ?

freedom
11-23-2001, 11:57 PM
Hi
My site is losing visitors too.
How can we config the .htaccess if we don't have any IP to ban?
btw is there a way to block access to a site with RB2?
How about an example of htaccess blocking sites using proxies...????
help

subog
11-24-2001, 03:15 AM
If cheater want to fuck your site... too bad... gotta live with it :D

alexz
11-24-2001, 04:56 PM
Originally posted by freedom:
<STRONG>How about an example of htaccess blocking sites using proxies...????
help</STRONG>

blocking ? redirecting ?
mod_rewrite or smartcj
:-)

playa
11-24-2001, 05:01 PM
this thread is pointless,,,

i think it should be closed,,

if you guys are gonna come up with a solution it should not be posted here in public,, any suggestions to make a quick fix can also hint a cheater onto counteracting your quick fix,,

hence why Tim isn't posting on this post...