Affiliate Program Overkill Part 1: The Cloaker

This will be the first post of a small series how I built a complicated advertising/promotion system.

It all started pretty small and then evolved and grew over few years.
At the end I ran tens of thousands of different affiliate programs simultaneous.

The whole stuff didn´t even take too much time for maintenance and made me good 6 figures in profit so it definitely was worth it.

The first step in the whole process was how I coded my own cloaker.

How It Started

In 2009 I got an account at a trafficsource closed.

“Due to deceptive practices your ads have been disapproved and your account has been terminated. “

Their explanation was “The ad originally approved is no longer displaying”.

Well, I was splittesting different landing pages so of course it can happen that the lander shown later is not the one shown when I created the campaign.

But it´s not deceptive at all.

Anyway, I was pretty much pissed so I decided to find a workaround for it to prevent that such stuff happens in the future again.

At this point I decided to code a cloaker.

The funny thing is, at that time I didn´t even knew that this is called “cloaker”.
I also had absolutely ZERO knowledge of PHP or so, I just wanted to code a script or software that prevents me from getting into trouble for running normal campaigns.

I did some brainstorming and pretty fast it was clear for me that I need to find a way to redirect the reviewers from the trafficsource to somewhere else.

Then I started to do some research and collected ideas what I need to do.

Google, Stackoverflow and many small snippets from many other websites helped me to work on my project.

The cloaker is completely in PHP and the first versions were pretty basic but still did the job.

At first I only tracked IP addresses and put them on a blacklist and redirected all users with such IP addresses to a whitehat lander.

The longer I kept it running the better it worked because I had more and more data to analyse.

Then I tried to track everything from IPs, IP Ranges, ISP, locations, User Agents, technical data of the devices and much more.

I started to work with blacklists and whitelists.

I didn´t know how to create SQL databases so I had the script to write all values in CSV files that I then checked later and all values that I needed in the cloaker I put directly into the PHP file in arrays.

The whole cloaker basically is a PHP script with many different if/else statements going through them one after another.

When a condition was matched the user got redirected to wherever I wanted.

Only when a user went successful through all tests he got redirected to my real campaign.

It was by far not the best way to do it but I am also no coder at all and for me the only important thing was that it worked.

The script then created different CSV files based on the results, one file for successful users, one file for bad users from a blacklist, one file for new bad users.

A problem was that for each campaign I had to change the cloaker file separately, that was pretty annoying.

Later when I scaled the whole stuff I also worked on a better way to run it, you can read about it in one of the next parts.

Although the cloaker was pretty much customized for my very own needs it worked very good and still works but it´s rather limited to only some of my campaigns where I need it.

Nontheless I probably ran $XXX.XXX of traffic and millions of impressions through the script in all the years from different trafficsources and never had problems anymore and never got an account closed again.

And I ran some really shady and blackhat stuff in all the time.

The cloaker is still working but from 2009 to now the landscape changed and so did my work so I don´t really use it much anymore.

But I still have some campaigns running since 2012 or 2013 where I still use the cloaker but in a more advanced version.

And this is the topic for Part 2: Expanding The Operation