Diferent types of cloaking

Remember that cloaking is to hide change dynamically the web content for human user and robots, so you can show an HTML content to a bot and images or flash content to humans, we talk about in this post.

There are different types of cloaking

  • User.agent cloaking

    web sites that use this technique, identify the visit by the user agent field in the HTTP request, for example, you can identify a human visitor is you can see user browser information, bot's don't use internet browsers :-), with that easy php code you can identify the information of the user agent
    <?php
    echo $_SERVER['HTTP_USER_AGENT'];
    ?>
    • To identify a bot, you must use a code like this:

      if ( strstr( strtolower( $_SERVER['HTTP_USER_AGENT'] ), 'googlebot') )
          {
          // code to execute for bot's
          }

    Examples to use, remember that google checks will penalty you if they detect it.
    - Change image content to HTML content.
    - Redirect bots or humans to a different  pages.
    - etc...

  • IP based cloaking

    This different technique of cloaking is quick similar to the user agent but rather than check is the visitor is human or search engine bot, you can read the IP of your visit and change the behavior of your site, to detect the IP of your visitor in php you can use the next script:

    <?php 
    $ip = $_SERVER['REMOTE_ADDR'];
    ?>
    or
    <?php 
    $ip =  or $_SERVER['REMOTE_HOST']
    ?>

        Examples to use, this is not so bad as user-agent.
        - This is more common for geolocate sites, you can redirect your visitor to the correct language if   
           you can geo locate his IP.
        - You can apply IP filtering for develop testers, while you are developing a web site, maybe you    
           would like to avoid some controls in the ip that you are using.
        - You can identify the IP of your visit, search in your user database if is a returning visitor and you
           can show additional information based of the last visit information...
  • HTTP language header cloaking,

You can get this information using JavaScript or PHP, it is a property of the user loaded document, but not of its parent.

JavaScript example:

<script type='text/javascript'>
document.write(document.referrer);
</script>

PHP example:

<?php echo $_SERVER["HTTP_REFERER"]; ?>


        Other code  Example:

        <?php
            $langu = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
            $acceptLang = ['de', 'es', 'en']; 
            $langu = in_array($langu, $acceptLang) ? $langu : 'jp';
            require_once "index{$langu }.php"; 
        ?>

        This header is a trick to use when while using the server has any option to determine the language         trough another way, like using specific URL and/or IP, that is chosen by an explicit decision of                 the user.

              • JavaScript cloaking

                It's not very different from that last examples explained before, remember that JavaScript is used as a client side, so after the server send all the http request and display the html to the user, you can apply there any JavaScript routines to  manipulate the content based on how your human visitor do in the website.

                For example you can redirect the user reading the client information using javascript, there you have more options but you are more vulnerable if the user have javascript block or hacks.
              <A HREF="YourAffiliateSiteUrl" onMouseOver="func_changeurl('v_code'); return true" onMouseOut="window.status=' '; return true">Link Title</a>
                      Whit that code, you can change your affiliates links once your human visitor click on it, you can do         the same using php and it's better and secure.



              Etiquetas: