PHANTOM MODE - The Absolute Guide to Hide Your use of MCL!

Full documentation of Mighty Content Locker. Everything You need to know about the script is in this forum!
Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

PHANTOM MODE - The Absolute Guide to Hide Your use of MCL!

Postby innozemec » Tue Apr 23, 2013 7:15 pm

In this thread You will find all the different techniques that You can apply to absolutely hide Your MCL installation, stay under the radar at the CPA Networks and various methods that will improve Your overall effectiveness of MCL

If You are newbie in the online business or if You are newbie in using Content Lockers, We highly recommend You to take a good careful read on everything written here!

If You are experienced user, You can still find some pretty good and valuable information in here, as there are tips and tricks shared here by CPA marketing experts with over 10 years of experience and CPA network owners as well!

This thread gonna be long, due to the lots of techniques that can be applied, thats why each technique will be in its own separate post.


Disclaimer: All the information found within this thread is for informational and educational purposes only! Inno Coders can't be hold responsible and/or liable if the information shared in here causes damage in any way to You, third parties or anyone at all! Inno Coders can't be hold responsible if You get banned out of any CPA Networks if you apply/not apply any of the techniques explained in here. Again, this is for educational purposes only! Inno Coders do not urge anyone to apply/not apply any of the techniques explained in here!

By reading/sharing/applying/using any of the techniques shown within this thread You are solely responsible for Your own actions and the resulting consequences!



This is read only thread. If you have any questions or simply wanna discuss something about the techniques explained before, DO IT HERE ONLY!
Image


Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

General Information about use of Content Lockers!

Postby innozemec » Tue Apr 23, 2013 7:30 pm

General Information about use of Content Lockers!


OK, as a start lets explain why You would need to hide your use of Content Lockers at first place!

There are generally two types of CPA Offers - incentivized and non-incentivized

Incentivized offers are ones that are OK to be promoted within content lockers. If You are promoting only such offers then You do not need to worry about hiding your use of Content Lockers at all! Nor to worry about being banned from a CPA Network, because of use of Content Lockers.

Non-Incentivized offers are the ones that should not be promoted within content lockers. However, many people prefer to take the risk and promote Non-incentivized offers within content lockers, because of the higher profits. And thats exactly where the issue of hiding Your Content Lockers from the eyes of the CPA Network and from anybody's eyes, arise!

There are various techniques and methodologies that could be applied to hide your use of MCL and Content Lockers. All or just some of these techniques can be applied depending on what exactly You are doing and the way You are operating Your business!
Image

Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

INSTALLING MCL IN RANDOM DIRECTORY

Postby innozemec » Tue Apr 23, 2013 7:48 pm

INSTALLING MCL IN RANDOM DIRECTORY


The first step to hide your use MCL is not to install it in the default "mcl" directory as it comes out of the install package, but in some randomly named directory.

So, instead of having your MCL installed like this:
Code: Select all
http://www.yourdomain.com/mcl/


Your MCL install will look like this:
Code: Select all
http://www.yourdomain.com/some_absolutely_random_directory_name_here/


The best time for doing this is at installation time!

INSTALL TIME SETUP

Once you download the install package from our website and unpack it in your PC, simply rename the "mcl" directory to something random, and then proceed with the install by uploading it to your server.

POST-INSTALL TIME SETUP

If You decide to apply this technique on already installed MCL, be adviced that You will need to update all your Lockers Embed Code across all your web sites currently using Lockers.

Here's the exact procedure for doing it:

1. Go via FTP/SSH to your domain and simply rename the "mcl" directory to something random. For the purpose of this tutorial, lets rename it to qwertyuiop

2. Fire up your favorite browser and Visit Your MCL administration panel at the new URL Address, like:
Code: Select all
http://www.yourdomain.com/qwertyuiop/


3. Once inside the MCL administration panel, go to Settings->Configure and find the Script URL field and update its value to match the new MCL location, like:
Code: Select all
http://www.yourdomain.com/qwertyuiop/


4. You need to go and grab the Embed Code for each of Your Lockers and place it again on your websites, because the MCL URL address changed, so you need to update the Embed Codes as well.


Thats all for this technique.
Image

Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

BLOCK ACCESS TO MCL

Postby innozemec » Tue Apr 23, 2013 8:00 pm

BLOCK ACCESS TO MCL


Additionally to installing MCL in a random directory, You may wish to block access to Your MCL script, so only You can access it.

Right now if someone visits your MCL install URL Address they will see the Administration Panel login screen and will identify You are using MCL.

MCL is configured in such a way that all the adiministration panel is handled by the index.php file and it can be easily locked without affecting any of the public files required for displaying the lockers. Only the index.php file is printing out content when visited directly, all rest files display absolutely blank content!

So, to lock your MCL, go to Setttings->Phantom Mode in the administration panel and copy the MCL Install Block Htaccess Code found there

It looks like this:
Code: Select all
# Phantom Mode - Blocks all access to the backend administration panel
# Simply replace 127.0.0.1 with Your IP Address
 #You can put as many lines like 'Allow from 127.0.0.1' to whitelist as many IP addresses as You like
<Files index.php>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Files>


The code You will find in MCL itself is directly embedded with the current IP address You are visiting the MCL administration panel.
So, You simply need to copy it and paste it into your .htaccess file found in the main MCL directory. Paste it either on very top or very bottom if you have another content in the htaccess file

You can add as many 'Allow from 127.0.0.1' lines as many IPs you wish to whitelist for access to MCL.

If You ever get locked out of MCL due to some reason, You can simply go via FTP/SSH and whitelist yourself with your new IP or simply comment out/remove the lock code.

This is all about this technique!
Image


Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

MASKING YOUR MCL POSTBACK URL

Postby innozemec » Tue Apr 23, 2013 8:28 pm

MASKING YOUR MCL POSTBACK URL


This technique is needed only if You use Postback at Your Content Lockers!


You might want to mask Your MCL Postback URL, because an easy way for a CPA Network to identify You are using a Content Locker script is by looking at Your Postback URL you set at You CPA Network account.

The best solution for this case is to use an intermediatery script hosted at different location than your MCL! So the CPA network can only see that and in no way it can connect it to a Content Locker script of anykind!

So, here's how it work in details.

1. Go to MCL administration panel in Settings->Phantom Mode and copy the provided PHP code named External Postback Script Code

It looks like this:
Code: Select all
<?php

// SET HERE YOUR MCL POSTBACK URL WITHOUT THE POSTBACK SECRET KEY
// Example: http://www.somedomain.com/mcl/pb.php
$mclurl='YOUR_MCL_POSTBACK_URL_HERE';

// DO NO EDIT ANYTHING BELOW

$mclurl.='?'.http_build_query($_GET);

$ch=curl_init($mclurl);
curl_setopt($ch,CURLOPT_HEADER,false);
curl_setopt($ch,CURLOPT_TIMEOUT,30);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_exec($ch);
curl_close($ch);
?>


If you copy the exact script code from MCL admin panel it is ready for use. If you copy it from here, you simply need to replace YOUR_MCL_POSTBACK_URL_HERE in it as per the instructions written there.

2. Open up your favorite editor and paste that code into it and save the file with some random name ending in .php extenstion. For the purpose of this tutorial lets name it qwertyuiop.php

3. Upload the created qwertyuiop.php file to any of your web sites. If You don't have other websites You can upload it on same domain as MCL is installed, but never place it in MCL directory itself. The best place to upload this file is at some good authority looking whitehat site.

Lets assume for the example of this tutorial You uploaded the qwertyuiop.php file to:
Code: Select all
http://www.yourdomain.com/qwertyuiop.php


4. Go back in Settings->Phantom Mode in MCL administration panel and in field External Postback Location put the URL address to the qwertyuiop.php file, in our example it is:
Code: Select all
http://www.yourdomain.com/qwertyuiop.php


That is necessary for taking advantage of the built-in detailed Postback Instructions available within MCL for the various CPA Networks. Once You enter your External Postback Location MCL will be able to provide You the exact code You need to place in the CPA Networks.

5. From now on, instead of placing your regular MCL Postback URL in the CPA Networks, You will be placing this new Postback URL.
In our example:
Code: Select all
http://www.yourdomain.com/qwertyuiop.php


If You did the things in paragraph #4 in this tutorial when using the built-in detailed Postback Instructions for the various CPA Networks found within MCL, MCL will include the new External Postback Location in the instructions.


So, at the end of the day what You did is creating an intermediary script, hosted at different place than MCL, which receives the Postback information from the CPA Networks and relays it to your regular MCL Postback URL. This way noone can identify in any way that you use Content Locker script. The intermediary script does not produce any output!

If/When being asked by the CPA Networks what is that Postback script you use, You can always tell them anything you like.. For example that it is custom coded script to track stats from various CPA Networks you use, for internal accounting and etc.. and etc..

Thats all for this technique!
Image

Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

PROPERLY UTILIZING REFERER BLANKING

Postby innozemec » Tue Apr 23, 2013 8:52 pm

PROPERLY UTILIZING REFERER BLANKING


As You know MCL provides built-in Referer Blanking option, so that the CPA Networks are not able to see the web sites from which You send traffic to Your offers.

Many people misunderstand this option and/or believe it solves all their problems.

This tutorial will explain in details how that option can benefit you and how it should it be used the right way.

OK, as a start You need to understand that just using Referer Blanking is not going to put You 100% on the safe side!

Example: You have an account at some CPA Network which You don't promote elsewhere, but only through Your Content Lockers. When You enable Referer Blanking, all Your traffic will be without a Referer. So once someone from the CPA Network looks at your account he will see that your traffic and leads are coming only from Direct access (without a Referer). That definitely will rasie the red flag!

To safely use Referer Blanking You need to send traffic to the CPA Network from other websites/sources to dillute the numbers.

Here's an example to understand this: You have an account at that same CPA Network, but this time You promote their offers on several websites, not only through Your Content Lockers. So, once someone from the CPA network looks at Your account he will see traffic and leads from lots of websites, some Direct Access (without Referers).. and that won't look suspicious or raise a flag as thats how normal looking stats look like.

So, once again to properly utilize Referer Blanking, you should not rely just on it, but also You should find a way to send traffic from other websites/sources to dillute the numbers.

A better way is to deploy and use Referer Faking, than using Referer Blanking, but that requires more time and efforts. You can learn about Referer Faking in a tutorial below..
Image

Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

GENERATING SUBIDS MCL'S STYLE

Postby innozemec » Tue Apr 23, 2013 9:40 pm

GENERATING SUBIDS MCL'S STYLE


This may be required only if You use Postback at Content Lockers or if You placed {subid} tag in the Offer URLs in MCL

Another way for a CPA Network to discover You use Content Lockers is by looking at Your stats and notice You send traffic with Subids with a repeated similar pattern. Or You are doing that just for particular part of Your traffic, while the rest is having no Subids or completely differently looking Subids, so they will ask You what is the source of those similar pattern Subids..

You may find it good to send traffic to Your offers from your regular websites using Subids made in MCL's style. That way all Your traffic will have same looking Subids and will not draw attention or raise a red flag.

To be on the safe side if You don't use Postback do not add {subid} tag in the Offers URLs in MCL, as Subids are only required when using Postback.

MCL uses a PHP function to generate random Subids for the offers, 20 characters in length, containing letters and numbers only.

Here's the exact PHP function used:
Code: Select all
// Usage example: $subid=gen_uid();

function gen_uid($len=20)
{
return substr(str_replace('.','',uniqid(rand(),true)),0,$len);
}


You can use that function in Your own applications and custom scripts.

Here's a ready script to use for automatically inserting Subid in the offer URL and redirecting to the offer. You can use the script on your websites to send traffic to the offers!

1. This is the script code:

Code: Select all
<?php
$offer_url=trim($_SERVER['QUERY_STRING']);

if(!empty($offer_url))
{
$offer_url=str_ireplace('{subid}',gen_uid(),$offer_url);
header('Location: '.$offer_url);
exit;
}

function gen_uid($len=20)
{
return substr(str_replace('.','',uniqid(rand(),true)),0,$len);
}
?>


2. Copy the script code found above, open up Your favorite editor and paste the code into it. Save the file with some name with a .php extention. For the purpose of this tutorial lets name it click.php

3. Upload the click.php file to any of your websites that supports PHP. For the purpose of this tutorial, lets assume You uploaded it to:
Code: Select all
http://www.yourdomain.com/click.php


4. For the purpose of this tutorial lets assume an Offer URL looks like this:
Code: Select all
http://www.offerdomain.com/offer.php?oid=1234&pid=1234&sid=AAA


In that Offer URL the sid=AAA part is the Subid part. Replace it to be like sid={subid}, so the Offer URL now looks like this:
Code: Select all
http://www.offerdomain.com/offer.php?oid=1234&pid=1234&sid={subid}


5. At any of your websites where You wish to place a link to that offer You, You make it pass through the script, so You place Your link like this:
Code: Select all
http://www.yourdomain.com/click.php?http://www.offerdomain.com/offer.php?oid=1234&pid=1234&sid={subid}


Now when someone clicks that link the click.php script will replace the {subid} tag with a randomly generated Subid in MCL's style and send the visitor to the Offer URL

So, basically what You need to do when using the script with various offers from different CPA Networks is to properly locate the Subid part in the original Offer URL and modify it by adding {subid} tag in it.

This way all Your traffic from all Your websites/sources will contain same looking Subids and won't draw any attention.

When someone from a CPA Network arrives at any of Your websites and clicks on a Offer banner or link, he will arrive at the Offer URL with a random Subid looking in MCL's style, so he won't get suspicious..

However, if for some reason someone from a CPA Network ever asks you why You have Subids for all your traffic or why your links on your sites go through that click.php script You can tell him anything you like.. for example, that You use that script to personally count the clicks going to the offers.. or to be able to track more detailed stats about your offer clicks and etc.. and etc.. just be creative!

Thats all for this technique..
Image

Indexification.com

Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

REFERER FAKING

Postby innozemec » Tue Apr 23, 2013 9:59 pm

REFERER FAKING


The idea behind Referer Faking technique is that You send out traffic from Your Content Lockers to the Offers by completely hiding Your Content Lockers as source of the traffic, and faking it as if the clicks come from another website.

For applying this technique You need to have (or set up new) website that contains offer Ads and looks completely whitehat so whenever someone from a CPA Network visits and inspects it, it won't bring out any doubts and questions.

So, for implementing this technique the following steps are required as there's no direct and easy way to accomplish that!

1. You need to have completely whitehat and legit website or page on which you advertise the Offers You are going to promote through Your Content Lockers. You need to make the website look absolutely legit, so it won't raise any doubts or questions when someone from a CPA Network arrives to inspect it. You are going to use that website/page as Fake Referer

If you are using Postback unlocking at Your Content Lockers, it is highly advisable to apply the following additional techniques on the whitehat site:

MASKING YOUR MCL POSTBACK URL

GENERATING SUBIDS MCL'S STYLE

If You are using Time unlocking at Your Content Lockers, make sure You don't have {subid} tag in the Offers URL in MCL! If at the whitehat site You are using some kind of Subids tracking in the Offer links, make sure to add the same Subids to the Offers URL in MCL as well! That will make the clicks from the Content Lockers look the same as from the whitehat site!


2. The following PHP script code is doing the actual Referer faking.

Code: Select all
<?php
if(getenv('REQUEST_METHOD')=='POST' and isset($_POST['offerurl']))
{
$offer_url=trim($_POST['offerurl']);
$queryvars=array();

$tmp=parse_url($offer_url);

if(isset($tmp['query']))
 parse_str($tmp['query'],$queryvars);

if($offer_url)
{
echo '<!DOCTYPE html>
<html>
<head>
<meta name="robots" content="noindex, nofollow" />
</head>
<body>
<form method="GET" action="'.$offer_url.'">';

if(count($queryvars))
{
foreach($queryvars as $name=>$value)
 echo '<input type="hidden" name="'.$name.'" value="'.$value.'" />';
}

echo '</form>
<script>
window.document.forms[0].submit();
</script>
</body>
</html>
';
exit;
}
}
?>


You need to insert this PHP script code to the very top of Your whitehat page, before any other PHP or HTML code. Note that the page should end in .php extension so PHP code can be processed in it!

This script code will be executed only if a POST request method is used to access the whitehat page, as that will hide the fake referring mechanism if someone visits Your whitehat page the regular way in his browser. So, when someone from a CPA Network comes to your whitehat page for inspection he will not see absolutely anything about referer faking!

If You insert the script code for example in the very top of Your header.php file of your Wordpress theme, then all posts, pages, and absolutely any page of your blog can be used as Fake Referer!

For the purpose of this tutorial lets assume You put the script code into this page:

Code: Select all
http://www.mywhitehatdomain.com/legit_looking_whitehat_page.php


3. An intermediary script is necessary which receives two parameters - the Offer URL and the Fake Referer URL

This script is absolutely hidden and noone can see it, as it is just a redirect script, required for the purpose of making a POST request to the real Referer Faking script in order to be able to absolutely mask it.

Here's the script code.

Code: Select all
<?php
isset($_GET['referer']) ? $referer=trim($_GET['referer']) : $referer='';

if($referer)
{
parse_str(trim(getenv('QUERY_STRING')),$tmp);
unset($tmp['referer']);

$offer_url=trim($tmp['url']);
unset($tmp['url']);

if(count($tmp))
{
$temp=http_build_query($tmp);
$offer_url.='&'.urldecode($temp);
}

echo '<!DOCTYPE html>
<html>
<head>
<meta name="robots" content="noindex, nofollow" />
</head>
<body>
<form target="_parent" method="post" action="'.$referer.'">
<input type="hidden" name="offerurl" value="'.$offer_url.'" />
</form>
<script>
window.document.forms[0].submit();
</script>
</body>
</html>
';
}
?>


Simply open Your favorite editor, copy the code from above and paste it in there. Save the file with some name, ending in .php extension!

You can upload this file to any domain You wish! It can be on the MCL installation domain, it can be on your whitehat domain, it can be elsewhere...

As of version 1.4 MCL has this script code located in a file out.php in the main MCL installation directory. You can find its exact URL in MCL admin, in Settings->Phantom Mode, in section Referer Faking Intermediary URL

Here's an example:
http://yourdomain.com/mcl/out.php


So, for the purpose of this example lets say You saved the script code in a file named out.php and uploaded it to a site and its URL address is:
Code: Select all
http://www.somedomain.com/out.php


!!! Note: You can use this intermediary script with multiple Fake refererer whitehat sites. As said above, it is completely hidden and safe to use across many whitehat sites. You will see how little below..


4. So, You already set up everything You need about using the Referer Faking technique, now You simply need to make Your Offers URL in MCL to use the Referer Faking technique

For the purpose of this tutorial, lets assume Your normal Offer URL as you grabbed it from the CPA Network look like this:

Code: Select all
http://www.offerdomain.com/offer.php?oid=1234&pid=1234&sid=AAA


First thing You do, if You are using Postback unlocking at Your Lockers, you properly place the {subid} tag, so Your Offer URL looks like this:

Code: Select all
http://www.offerdomain.com/offer.php?oid=1234&pid=1234&sid={subid}


If You are using Timer unlocking at your Lockers, You remove any Subid definition from the URL, or if your whitehat uses some kind of Subids you simply use those to be the same!

Next You build your URL that You will insert in MCL as Offer URL. It is built by combining the Referer Faking Intermediary URL, Offer URL and Whitehat URL

So it looks like this using our examples from above:

Code: Select all
http://www.somedomain.com/out.php?url=http://www.offerdomain.com/offer.php?oid=1234&pid=1234&sid={subid}&referer=http://www.mywhitehatdomain.com/legit_looking_whitehat_page.php


So, Your Offers URL should look like that when You insert them to MCL to use across Your Lockers.

!!! Note: Referer Blanking option should be turned off when adding the Offer !!!

!!! Note: !!! Do not add/rewrite all Your offer URLs in the new way at once. First add 1-2 offers and go click on them at Your Locker to see if all works fine! At certain server setups the mod_security Apache module can cause problems, because it might not allow links like the example above - URLs to be contained within the URL query. So, when you click on a offer at Your content Locker or simply visit the link in your browser, if you don't arrive at the Offer page, but you get some Apache Error page saying "500 internal server error" , "403 Access Denied" or something like that you have a problem! Your options are - contact your host support to whitelist your domain where the out.php script is so that URLs can be contained in the URL query, or simply move the out.php script to another domain on another server where it will work.

If You wish to test if the Referer Faking works, We have set up a script that will show the Referer. It is located at:
Code: Select all
http://www.innocoders.com/products/mcl/reftest.php


So, once You setup your whitehat site and the intermediary sript, you can replace Your offer URL with our Referer test script like this:

Code: Select all
http://www.somedomain.com/out.php?url=http://www.innocoders.com/products/mcl/reftest.php&referer=http://www.mywhitehatdomain.com/legit_looking_whitehat_page.php


Either visit it from the Address bar of your browser, or add it as Offer in MCL and click on it at a Locker..



Well, thats all. The big work here is to create your whitehat page and setup the 2 scripts once. As of then everything is easy, as you need just to rewrite your Offers URL addresses.

Depending on the traffic and leads You send to your CPA Network, you may wish to create several different whitehat pages and make Your offers at random to use different whitehat pages as fake referer.

Well, thats all about this technique!
Image

Site Admin
User avatar
Posts: 310
Joined: Mon Jan 21, 2013 8:43 pm
Location: InnoCoders.com

PROPERLY UTILIZING CONVERSION CAPS TO STAY UNDER THE RADAR

Postby innozemec » Tue Apr 23, 2013 10:00 pm

PROPERLY UTILIZING CONVERSION CAPS TO STAY UNDER THE RADAR


As of v1.4 MCL provides You the unique ability to apply Conversion Caps that work absolutely automatic and keep Your offer conversions under the radar!

High paying offers are heavily monitored by the CPA Networks and people that send much leads to those offers are again constantly monitored! For that reason to stay under the radar You may wish to limit the number of leads You send to such offers for certain amount of time.

Thats exactly what the Conversion Caps in MCL do! They simply let You automatically control how many leads to be send to your offers for specified interval of time!

Conversion Caps can be found in MCL admin in Settings->Conversion Caps

Once You go there, You will see You have two options for applying caps - Clicks Caps and Completions Caps

Use the Completions Caps option only if You use Postback Unlock method at Your Lockers as this method works based on the Completions recorded for the offers!

Use the Clicks Caps option if You use Timer Unlock method at Your Lockers as MCL can't track Offer Completions that way. Alternatively You can use this option if You simply want to limit the clicks to each offer!
Image

Return to Knowledge Base (Read Only)

Who is online

Users browsing this forum: No registered users and 1 guest

Mighty Content Locker