Send Us Your Message

Comments or questions are welcome.

* indicates required field

How To Block Fake Traffic In PHP

by / Tuesday, 08 December 2015 / Published in Blog Post, Developers, Masudul, traffic to your website
How To Block Fake Traffic In PHP

This blog post is very unusual for usual Internet Marketers. But if you are an online marketer with your own product or website then you must need to share this with your IT team. You need guaranteed website traffic to increase sales volume. Without targeted website traffic you will end up losing energy and money in the business. You are looking at ways of how to increase website traffic but little you know that, you could be a victim of web traffic generators. Visitors from autosurf websites are killing your web ranking. If you have an adSense account then google may ban your website.

I used to be a website developer with a Computer Science and Engineering (CSE) Degree. Although I have developed several web applications using .NET but php was/is my cup of tea. I never wanted a 9 to 5 job to trade my own time for living. An Engineering Degree made me smart enough to focus on building businesses online to earn Passive Income. In fact, doing a regular job (always a monthly fixed amount) is just only a way to make money for living. You can live an OKAY life but you will never get financial freedom.

Let’s get into the topic

How to block fake traffic in php

There is no definite solution for this problem. A robot can do everything that a human can. You can just make the job harder for it so that only a skilled programmer can by-pass it. I was crawling several websites from last few weeks. By doing that I have learned different methods to protect my blog from fake website traffic generators. One of them is below. You may try it for your website.

Session Per IP

As an example, 50 people from the same shared connection can not get simultaneously on your website. This case lock your pages until a Captcha is filled.
Create two tables : One for saving banned ips and another to save ip and sessions

create table if not exists sessions_per_ip (
  ip int unsigned,
  session_id varchar(32),
  creation timestamp default current_timestamp,
  primary key(ip, session_id)

create table if not exists banned_ips (
  ip int unsigned,
  creation timestamp default current_timestamp,
  primary key(ip)

Now write the script below…



    // Some configuration (small values for demo)
    $max_sessions = 5; // Allow simultaneously 5 sessions per ip
    $check_duration = 30; // 30 secs max lifetime of an ip on the sessions_per_ip table
    $lock_duration = 60; // time to lock your website for this ip if max_sessions is reached

    // Mysql connection
    $dbh = new PDO("mysql:host={$host};dbname={$base}", $user, $password);

    // Delete old entries in tables
    $query = "delete from sessions_per_ip where timestampdiff(second, creation, now()) > {$check_duration}";

    $query = "delete from banned_ips where timestampdiff(second, creation, now()) > {$lock_duration}";

    // Get useful info attached to your user...
    $ip = ip2long($_SERVER['REMOTE_ADDR']);
    $session_id = session_id();

    // Check if IP is already banned
    $banned = false;
    $count = $dbh->query("select count(*) from banned_ips where ip = '{$ip}'")->fetchColumn();
    if ($count > 0)
        $banned = true;
        // Count entries in our db for this ip
        $query = "select count(*)  from sessions_per_ip where ip = '{$ip}'";
        $count = $dbh->query($query)->fetchColumn();
        if ($count >= $max_sessions)
            // Lock website for this ip
            $query = "insert ignore into banned_ips ( ip ) values ( '{$ip}' )";
            $banned = true;

        // Insert a new entry on our db if user's session is not already recorded
        $query = "insert ignore into sessions_per_ip ( ip, session_id ) values ('{$ip}', '{$session_id}')";

    // At this point you have a $banned if your user is banned or not.
    // The following code will allow you to test it...

    // We do not display anything now because you'll play with sessions :
    // to make the demo more readable I prefer going step by step like
    // this.

    // Displays your current sessions
    echo "Your current sessions keys are : <br/>";
    $query = "select session_id from sessions_per_ip where ip = '{$ip}'";
    foreach ($dbh->query($query) as $row) {
        echo "{$row['session_id']}<br/>";

    // Display and handle a way to create new sessions
    echo str_repeat('<br/>', 2);
    echo '<a href="' . basename(__FILE__) . '?new=1">Create a new session / reload</a>';
    if (isset($_GET['new']))
        header("Location: " . basename(__FILE__));

    // Display if you're banned or not
    echo str_repeat('<br/>', 2);
    if ($banned)
        echo '<span style="color:red;">You are banned: wait 60secs to be unbanned... a captcha must be more friendly of course!</span>';
        echo '<br/>';
        echo '<img src="" />';
        echo '<span style="color:blue;">You are not banned!</span>';
        echo '<br/>';
        echo '<img src="" />';
catch (PDOException $e)
    /*echo*/ $e->getMessage();


Here what’s going on with above php script
# You are deleting too old entries from both tables at the beginning of your scrip
# Check the IP address of your user to learn if banned or not (set a flag to true)
# If not then count how many sessions for their IP
# Too many sessions? Add it in your banned table and set the flag.
# Add their IP on the sessions_per_ip table if it has not been added already

Courtesy credit to

Be the smartest to fool even the skilled programmers

The above code works really fine but when I discovered some websites like, I literally woke up from asleep. Pretty simple application. Here how it works

1. Submit Website
2. Watch others’ websites (Tricky part: I am explaining later)
3. They will watch yours

When you have different sessions and different IPs to visit your website automatically (without needing a human) then you can do very little things for your protection. You are hopeless when it comes to application like hitleap. You can block the URLs but in reality there are thousands of web applications like hitleap. So manually blocking the URLs will not work.

Here is one smart algorithm you can use to protect it. In your landing page use the above script but use a ‘POST’ $_SERVER[‘REQUEST_METHOD’] instead of ‘GET’.

To achieve it, use a hidden html form in your landing page with a button. The button will ultimately take the real visitors into your desire web page. When the visitor click the button only then count the visitor for your website. By applying this method you can easily fool the application like hitleap. Although there is a drawback but you have to compromise it if you need quality visitors in your website. The drawback is, not every real visitor will click the button. You can achieve a maximum level of conversion if you keep experimenting your landing page.

I am quite sure the above idea will help a lot of programmers to block visitors from autosurf and for online business owners this could be an eye opener.

Every now and then we buy traffic from agencies. Make sure you are not ending up receiving fake visitors. It is common question “how to increase web traffic” but to achieve it, to get more viewers do not waste your time, energy and money to false promise.

Share your thoughts!

LIKE WHAT YOU’VE READ? If so, please join our team. Come and hangout with over 3,129 Internet Marketers. Team members receive exclusive weekly live training and online business tips!

Let us know in the comment below…
# Does the topic how to increase traffic bother you?
# Do you have your own website or blog?
# Have you ever end up receiving fake website visitors?
…let us know!

Want to share this article on your blog?

Copy and pest the below code in anywhere on your blog or website and get a back-link to improve Search Engine Ranking.

<a href="" target="_blank">How To Block Fake Traffic In PHP from RevShare With Us blog</a>

One Response to “How To Block Fake Traffic In PHP”

  1. Sazia Afrin Eva says : Reply


Leave a Reply

Sign up to our newsletter!

TOP css.php