Is it true, bots are clicking on the ads in facebook?
Yes, its True!
Limited Run Company noticed it could only verify about 20
percent of the clicks that were supposedly being converted to users showing up
on its Web site.
80% of clicks it was
paying for were coming from bots.
Bots are computer
scripts or fake users who simply repeatedly click the ads.
What if you complain this to facebook?
If a complaint is send to Facebook, then it demands for the
below information:
- Server Logs
- Aggregated counts of your clicks
What are these?
1. Server Logs
Raw server logs of all clicks coming to your website, or the
total amount of all clicks coming from Facebook, with an explanation of how you
filtered them.
These server logs must contain:
- Timestamp of page load
- User agent string
- User IP
- Exact page loaded, with the parameters passed
2. Aggregated counts of your clicks (Optional)
If possible, please also include the following:
- The total number of clicks you received from Facebook split by day, for the specific time period where you have noticed the click issues.
- The total number of clicks you were billed for, by Facebook, also by billable day for the period in question.
- A screenshot of your external reporting system showing the total number of clicks received from Facebook.
How to get Server Logs?
For Tomcat Application Server, it can be achieved by setting
the value of ‘Access Log Valve’ tag, in pattern attribute as ‘combined’ in
server.xml.
<Valve className="org.apache.catalina.valves.AccessLogValve" pattern="combined" directory="logs" prefix="yoursitename_access" suffix=".txt" />
Techniques to find or block bots
1. Unique Cookie is one way to find out whether a
user has registered multiple times from the campaign or not.
When a user registers from a
campaign, server should store a unique cookie value to that user’s browser. So
the next time a user registers from that browser, server can find out by
looking at the cookie stored.
2. Create a blacklist of user agents of known bots
like FeedBurner, Googlebot.
Whenever a request comes, compare
their user agent string with the blacklist, to determine whether these are bots
or not. Or even a prevention step can also be taken from these identified bots.
This implementation has a
performance hit because we have to check each user request user agent to the
blacklist.
Also some user agents are real
users (hired by ad agency for cheap labour). No blacklist is going to have those
real users.
3. Flag bot vs. non-bot.
Log information about browsers which cannot execute Javascript, and then built some sort of system that analyzes these browsers and their
trends (like, if they originate from
a certain IP range).
Javascript is something that is on by default
and for a user to turn it off is an explicit manual action. No user wants to
turn off the javascript, unless for doing any suspicious activity or he is a
guy who hates the word ‘java’.
But this means cannot catch the bots
until after the analysis.
4. Whenever user registers, send a verification code to the user’s email
or sms to authenticate the identity.
5. Captcha
But not good for user experience
and may even prevent irritated users from registering.
 |