Step-By-Step: How To Bot Test Your Campaign

Bots. We hates them, my Precious, we hates them forever.

If you’re not aware: almost all display traffic is plagued with bots, computer programs designed to click on your ads, pretend to be human, and get publishers more money by fraudulently inflating traffic figures.

For us, they’re a nightmare: we end up spending cash on worthless traffic. And some placements are 100% bot traffic – meaning you can optimise your campaign all you like, it’ll never convert.

But there are ways to spot them before you spend significant money. Here’s a guide to a simple bot detection technique, which allows you to detect bots by their click-through patterns.

That means you can eliminate very high bot placements before they cost you money.

What You’ll Need

  • A campaign that you want to test for bot traffic.You’ll also ideally need:
  • A tracker that can run more than one lander in a sequence in a campaign. FunnelFlux and Thrive can do this, and I think the latest version of Prosper may be able to as well.If you’re running a tracker that can’t handle a 2-step lander sequence, you can get around it by creating two campaigns. See below.

Step By Step

Step 1: Create The Bot Trap

Create a new HTML page from the following code:

<script type='text/javascript'>
function redir(){
<body onload="setTimeout(redir, 300);">

Replace “YOURTRACKERURL” with the CTA URL from your tracker that you’d normally use on a landing page.

Upload this page to your server and set it up in your tracker as a landing page.

Step 2: Add It To Your Campaign

Add this lander as the first step in whatever campaign you want to test.

For FunnelFlux, for example, you’d add it as the first node, with Action 1 from this bot detection lander linking to the “real” lander you’re using.

If you’re using a tracker that can’t run multiple lander steps in a campaign, create a new campaign with your bot detection lander as the landing page, and your “real” campaign as the offer page. Make sure to pass all tokens along appropriately so you don’t lose data!

Test your campaign link. It should send you to your “real” lander as usual, with a very small pause before that happens.

Make sure that you’re capturing placements in your tracker: you’ll need those to tell what’s bot traffic.

Step 3: Run Some Traffic

Set your campaign live on your chosen traffic source. Now watch your stats closely.

Unlike most AM techniques, this one should give you results very quickly if you’re getting significant traffic.

Watch your stats on a per-placement basis. You can determine whether a placement has bot traffic by watching what percentage of the traffic makes it past your bot detection lander. The CTR of the bot detection lander is equal to the percentage of that traffic which is not a bot

If your bot detection lander has a CTR of 0% for a particular placement, after a statistically significant number of clicks onto the bot detection lander (30-50 should do it), then all of that traffic is bot traffic. Block it immediately.

If it has a CTR of 100%, then all that traffic is probably human. That’s a good placement at least from a bot point of view.

Between those numbers, use a judgement call. If it’s 50% bots, just assume that the true price of that placement is doubled, because half the traffic’s fake. That doesn’t mean you can’t make it profitable, though!

I’d usually drop any placement with 80% or more bot traffic.

How This Works

Crude bots have two telltale flaws.

Firstly, they generally aren’t running a Javascript engine, just a simple HTML engine. That means they won’t get redirected by the Javascript code here, which otherwise redirects all visitors to your “real” landing page.

And secondly, they often close the page right after clicking through the ad. This page waits 300ms before redirecting the visitor. That’s faster than the average human reaction speed, so anything closing the page on the redirect probably isn’t human.

This detection method is crude, and far from foolproof. Some bots can interpret Javascript, and some will mimic human behaviour – this won’t catch them. But a lot of clickbots are really simple, and this will definitely catch them out.

I’ve never seen this technique catch human traffic by accident as a false positive, but it’s always a possibility. Let me know if you have that problem.

Ways To Extend

If you want to add in additional bot-capturing, here are a few ideas:

  • Add an invisible, clickable link, either in your main lander or the bot-catching lander. I’d recommend a link that’s almost but not quite the same color as the background – #fefefe if your background is white, for example. Anything that clicks through that is probably a bot. That’ll catch Javascript-capable bots too.
  • Have your lander redirect anyone who stays on it for 1 minute or more to a second URL. Very few humans will stay on your lander for a minute, so anything redirected is probably a bot. This is a somewhat more imprecise test.
  • Check your carrier logs too. If you’re getting traffic from Amazon, Digital Ocean or another hosting company, that’s probably not human.
  • More ideas for bot detection can be found. I particularly like, and must test, the one about tracking mouse X and Y coordinates.
  • There are various bot-detection services out there if you want to get really serious about your bot prevention. I’ve heard good things about although I’ve not used them myself.

I hope that was helpful! If you’re confused, have questions, or would like to suggest additional bot-detection techniques, let me know below!

This entry was posted in compaigns. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.