Earlier this week E-consultancy’s own Drama 2.0 discussed current click fraud rates with PPC ad programs.

As an active user of PPC marketing, I wanted to chime in with my strategy for dealing with the issue.

There are a lot of companies that offer services designed to help online advertisers detect and defeat click fraud but if you have some basic skills with PHP and MySQL (or other languages/databases), you may not need them.

A few years ago, I developed my own little application that I use to keep track of my clicks and I’d like to share some of the basic components with you.

The Database

Create a MySQL table using the following:

CREATE TABLE `click_log` (
  `click_id` int(10) unsigned NOT NULL auto_increment,
  `group_id` int(10) unsigned NOT NULL,
  `timestamp` int(10) unsigned NOT NULL,
  `date` int(10) unsigned NOT NULL,
  `ip` varchar(25) NOT NULL,
  `user_agent` varchar(200) NOT NULL,
  `referer` varchar(300) NOT NULL,
  PRIMARY KEY  (`click_id`)

This table stores the following important pieces of data:

The ad group from which the click came, the time of the click, the IP address of the clicker, the user agent of the clicker’s browser and the website that referred the click (if any).

The Script

When setting up your campaigns, you will want to use a script that tracks the click and then redirects the user to the proper page.

I’ve cut out of my application the core code that deals with the tracking:


 $conn = @db_connect();
 $gid = trim(htmlentities(strip_tags($_GET[‘gid’])));
 $timestamp = time();
 $date = date(“Ymd”, $timestamp);
 $referer = $_SERVER[‘HTTP_REFERER’];
 $user_agent = $_SERVER[‘HTTP_USER_AGENT’];
 $log = @mysql_query(“INSERT INTO click_log (group_id, timestamp, date, ip, referer, user_agent) VALUES (‘$gid’, ‘$timestamp’, ‘$date’, ‘$ip’, ‘$referer’, ‘$user_agent’)”);
 //Add logic for redirecting the user based on the group ID – $gid

 header(“Location: $url”);


Note: db_connect is a common function included in functions.inc.php that connects to the MySQL database

The script is very straightforward. It inserts all of the data we’ve collected about the click into the database and redirects the user to the desired page based on the group ID associated with the ad campaign.

What’s Next?

Once you’re collecting this data, there’s really no limit to what you can do with it. The front-end that I built allows me to analyze the data and provides visual representations of the clicks my campaigns have received. It also lets me manage my campaigns.

If you’re collecting data and closely monitoring your campaigns, you will notice patterns and when you see something out of the ordinary (increasing number of clicks from a specific campaign, lots clicks coming from a specific geographic region, etc.), you can take appropriate action to try to determine if this is likely to be fraudulent and most importantly, can take action to make modifications to your campaigns if it is.

If you want to take things even further, you can expand your application to compare click data to the data provided by the PPC services you use (like AdSense). You can also integrate with web analytics software to gain insight into which clicks might be fraudulent by tracking what a “user” does on your website after the click.

One important thing to note is the fact that some of the data we’re collecting, such as referer, can be forged. But this does not mean that our methodology is flawed.

Remember – eliminating click fraud altogether is impossible. The goal is to catch click fraud patterns early on so that your losses aren’t greater than they need to be.