Login · Register
Home About Blog

About Cloaking Referers

Cloaking referers in the sense on how we; ppc affiliates using them is to cloak/spoof/hide the incoming referering traffic to the networks we work with. In other words, as affiliates if you cloak your referer, you can hide from the network where your traffic is coming from. The reason you would want to do this is because if you do not cloak your incoming referers the network with whom you work with will know where all of your traffic is coming from.

If they know where all of your traffic is coming from, they will see the keywords your bidding on and the text advertisements you have written, they will also be able to see the landing pages your using. In other words, if you do not cloak your incoming referers the networks you work with will know everything about your campaign. This is a bad thing.

As affiliates we are getting paid to promote other peoples' products and services, if we reveal to them everything we are doing to generate traffic they no longer need us. In that they can simply shut us down and then start bidding on the keywords themselves, they can copy your landing pages and use them for their own needs because if you do not cloak your referers they will see everything your doing. Keep in mind that most networks promote their own offers internally, so if they see all your keywords don't be surprised if they start bidding on them theirselves. They too can make money off promoting offers via ppc, and this is why you want to cloak your referers, you don't want them to know where your traffic is coming from, just like you don't want other affiliates to know your keywords, likewise you don't want the network with whom you work with to have all of your keywords. So that is why we cloak, and I'm going to show how to do it here.

How Does Cloaking Referers Work

So know you know alittle bit about why we cloak our referers, let me share with you how it works. So again, basically whenever someone clicks on a link to another website for instance, that website which receives the new visitor can find out by using some PHP code, or some other type of code, where that visitor came from. So if you click through a link on our website to google.com for instance, google.com automatically can find that you came from Prosper202.com, they do this by checking your browser's http referer information. In other words, google.com can check where their visitors come from, so in order to difuse this we need to make it look like we came from a different website!

So this is how it works, now instead of clicking through a link straight to google you clicked on a link to example.com/redirect.php, and then on example.com/redirect.php it redirected to you google.com. Now what happens is google thinks you came from example.com/redirect.php, because that was the last landing page you landed on before goign to google. See we cloaked the referer, they can no longer tell you came from Prosper202.com, because you clicked on a link to example.com/redirect.php first, and then that page loaded on your browser, it then redirected you to google.com, so when google pulls the referer data it thinks you can from example.com/redirect.php instead of prosper202.com.

Now I know this might seem a little confusing so I will illustrate it below

  • Without Cloaking
  • Prosper202.com » Google.com
  • In the above example, google.com can tell Prosper202.com was the referer
  • With Cloaking
  • Prosper202.com » Example.com/redirect.php » Google.com
  • Notice now, you are going to google.com through example.com/redirect.php, google now thinks that you came from example.com/redirect.php, you have succesfully cloaked this referer. Google.com does not know now that you came from Prosper202.com, it thinks you came from Example.com/redirect.php.

So you see in the above examples, google.com now thinks your visitor came from example.com/redirect.php, bceause that is the last referer the visitor was at before coming to google.com. This is how cloaking the referer works.

How To Set It Up

You now know how cloaking the referers works, basically instead of directly linking to google.com, we link to another page, in this case, example.com/redirect.php instead, which then redirects the visitor to google.com.

So to set it up is quite simple, instead of making your links to google.com, make your links point to a different page that will redirect your visitors to google.com. So for instance, you could now link your visitors to mydomain.com/redirect.php, so then you would want to change all your outbound links to mydomain.com/redirect.php, and then we will redirect out to google.com instead. Below I will show you the code you need to place on mydomain.com/redirect.php to succesfully redirect a visitor out to google.com with cloaking.



    <!-- Replace http://google.com with whatever url you like !-->

        <meta name="robots" content="noindex">
        <meta http-equiv="refresh" content="1; url=http://google.com">
        <form name="form1" id="form1" method="get" action="http://google.com"></form>
        <script type="text/javascript">
        <div style="padding: 30px; text-align: center;">
            You are being automatically redirected to Google.<br/><br/>
            Page Stuck? <a href="http://google.com">Click Here</a>.


Now instead of hyperlinking directly to google.com any more, you change your links to your redirect.php file, which you can name whatever you want, and then it'll redirect the visitor with google.com; with google now unable to see the true referer source! On the google side it will appear as the visitor now came from redirect.php, but they really came from a different page, but because we cloaked the referer, google only sees redirect.php as the referer. You have now cloaked the referer succesfully.

Good Practice: You should always test everything after setting up a cloaked redirect to make sure your visitors go through properly.


  1. Pam on Jun 27, 2008 at 9:54am

    Is this what you're saying?

    mylandingpage --> prosper202tracking --> cloakedreferer.php --> merchant

    Too many redirects? Google QS?

  2. Wes Mahler on Jun 27, 2008 at 10:09am

    It may be Pam, thats generally why we like to switch over to: landing pages instead of using direct links.

    However, in the google QS it states as long as the DISPLAY URL on your ad, matches the final destination URL in your chase the >> merchant's url, we should be fine.

  3. JK Swopes on Jul 09, 2008 at 2:57am

    Hmmm, this is some good information. I had been using link cloaking to cloak my affiliate links, which, in essence creates an html redirect. Do all redirects/cloaking have the same effect? Or do you specifically need to use a php redirect?

  4. Wes Mahler on Jul 09, 2008 at 5:11am

    .html or .php works the same!

    Although be warned if your using Meta-Refresh, or Javascript window.location redirects, as they don't work for IE6, and IE7, in spoofing the referer.

  5. Dayne on Jul 17, 2008 at 8:35pm

    Why not use a php redirect instead? Server side -- no worries about their web clients compatibility.

    <? header("location:http://google.com"); ?>

  6. Wes Mahler on Jul 18, 2008 at 5:57pm

    Hi Dayne,

    Well we aren't just trying to redirect, we are trying to scrub the referer, using a php header redirect doesn't scrub/cloak the referer like we are talking about.

  7. Greg on Aug 14, 2008 at 6:29am

    What's the difference between using the code you provided above and the Cloaking option in Step #3 "Add A Campaign"

  8. Wes Mahler on Aug 14, 2008 at 1:03pm

    Hey Greg,

    The code above is some of the code used when you turn on CLOAKING with T202, so that is an example of how we do it partially.

  9. Wes (MasterlessSamurai.com) on Aug 25, 2008 at 1:44pm


    so basically this was simply for the purpose of explaining cloak referrers right. We really dont need to use the code above since T202 can auto cloak? or did i miss something?

  10. Wes Mahler on Aug 26, 2008 at 3:46am

    Yeah absolutely, it does it for you, more so an explanation.

  11. emily on Sep 28, 2008 at 10:08pm

    it will be obvious to the networks that the traffic is cloaked?

    Is there a way to make it not obvious, or look like it was really coming from a different page?

  12. Steven on Sep 29, 2008 at 4:53pm

    There is but then you would need a custom script for that separately.

  13. Maple on Oct 08, 2008 at 6:59am

    How to make it to redirect immediately, without showing "You are being automatically redirected to Google."

    Nice Job Wes !

  14. Steven on Oct 09, 2008 at 2:15am

    There really isn't a way to make something redirect instantly unless they got mega fast internet, and even then, chances are some loading will occur and it will show in the status bar.

  15. Wes Mahler on Oct 13, 2008 at 12:24pm

    Hey Maple, just go ahead and modify the HTML accordingly if you'd like to remove it or change it.

  16. Mikhail on Oct 22, 2008 at 5:48am

    Hi, Wes

    As I correctly understand from the comments this method only works with Mozilla Firefox?! But you likely know that 85% internet users use Internet Explorer(6 and 7v) and just about 14% - Firefox. So it's bad idea to use the cloaking method you mentioned. It doesn't work with Explorer at all. What's the best method to hide referers, keywords for ALL users? Thanks in advance.

  17. Wes Mahler on Oct 22, 2008 at 5:16pm

    Oh this method works for everything!

    the problem was on IE, that the meta-refreshes didn't block the referrer for all browser, it didn't block it on IE.

    This script should work for them all.

  18. pozeskoze on Feb 10, 2009 at 3:10pm

    hi..a bit old i know but i just installed trackin202 for the first time and just refreshing my memory about cloaking etc.

    so these may be dumb questions but:

    doesnt meta refresh simply clear the referrer so it's blank?i know its not always the case but if its only meta refresh how it gonna pass example.com/redirect.php as a referrer in the first place or there is some js involved or whatever?

    now if it passes the referrer like in your example, my network is going to see example.com/redirect.php as a referrer right? and if they check this site what happens?they are going to be redirected to their own site (because of the meta refresh?) or redirecting simply won't work unless the traffic is coming from specific source(like adwords,facebook etc. )is it how the thing is setup?


    by the way nice project that 202thing.good luck:)

  19. Trevor on Feb 23, 2009 at 11:51pm

    How is cloaking the referrer by setting up a "Landing Page: Outbound PHP Redirect Code:" in step of #6 Get LP Code different from enabling Cloaking "On by Default" in step #3 Aff Campaigns or switching Cloaking "On - Override Campaign Default" in step #7 Get Links?

    Will cloaking referrer with just a php redirect code (#6 Get LP Code) do the same job as enabling Cloaking in step #3 Aff Campaigns/ #7 Get Links?

    My affiliate page is not displaying when I enable cloaking in either (or both) step #3 & step #7. Contacted my hosting, Hostgator, to resolve "Forbidden

    You don't have permission to access /tracking202/redirect/cl2.php on this server." error page, but problem remains unsolved.

    Any help appreciated.

  20. Steven on Feb 24, 2009 at 12:15am

    There are a bunch of forum posts on the hostgator issue if you search the forum. You need to have them turn off mod_security.

  21. Trevor on Feb 24, 2009 at 8:56am

    Thanks Steve. I'll try sorting out mod_security with Hostgator again.

    Can you answer me this though... how is cloaking using "Landing Page: Outbound PHP Redirect Code:" (step #6 Get LP Code) different than enabling Cloaking "On by Default" in step #3 Aff Campaigns or switching Cloaking "On - Override Campaign Default" in step #7 Get Links??

  22. Steven on Feb 24, 2009 at 10:01am

    Hi Trevor,

    I'm not sure where you're seeing a cloaking option in step 6. Everything is base on step 3 and 7. That said, the step 7 link is the PPC to LP link and the LP to offer page is the outbound code. you can translate that however you want but it should all be cloak as long as you have cloaking on from step 3 and 7 enabled.

  23. dave on Mar 16, 2009 at 3:41pm

    I just seem confused with all this. I currently have prosper202 hosted on my server. I already created a tracking link and I have "Cloaking on by Default" set.

    What is the referer my affliliates are currently seeing using that tracking link?

  24. Wes MAhler on Mar 16, 2009 at 8:27pm

    Hi dave, if you have cloaking on by default

    the advertisers will see your p202 domain as the referer, instead of the acutal landing page.

  25. Vito on Mar 17, 2009 at 11:06am

    I understand in some CPA situations why a network might like to know where the traffic is from, but affiliate networks can kiss my ass. That is MY business intelligence. They already have a great deal in that they don't pay you a dime unless you make a sale - the risk is all on the affiliate and they want your metrics too? I don't think so!

    The only thing they need to know is how many sales you made. If you get bullied into anything further you're a dumbass and I should slap you upside the head.

    Moreover, if the affliate managers want to exercise leverage they THINK they have, I will be taking over their market too just for pissing me off.

  26. Aaron on Apr 21, 2009 at 1:36pm

    RIGHT ON VITO! Now thats what im talkin bout brother! You remember back in the good ol days when we could generate 500-1000 cleaned leads daily and bank? We actually ran the industry ourselves! NOW for the past several years its the same (for the most part) jack @$$3$ that are NOW RUNNING or HAVE SOMETHING TO do with the dagblasted Aff network! ARRRRRRG! I cant wait till aff summit in a couple months, I'm going to call out some cavity creeps that are WELLLLLL known mossers, CANT WAIT!!!!!!

    I needed to get that out lol... Take care fellas, God Bless!

    Aaron Young

    Lpgen.com / http://net-deals-online.com/smackdown-plugin/

  27. bob on May 12, 2009 at 9:39pm

    If your 202 domain is hosted on the same IP as your cloaked sites, wouldn't it be easy to look up other sites that share the IP address? If that's the case, is there a way to disguise this?

  28. joshmv on May 20, 2009 at 2:19am

    I think there is bob, but I use shared hosting so my LP's are on the same ip as a ton of other sites which helps to hide it a little bit.

  29. Heron on Jun 21, 2009 at 11:19pm

    bob, if you have whois privacy on your domain, the network can't tell ownership. safest route would be to use 2 dif hosts-- one for the tracker domain, one for the LP.

  30. beeman on Sep 19, 2009 at 3:44am


    To get 100% full proof on cloaking the referrer with "any" browser" can we do this?

    user -->> Domain1 proper202 (with cloaking) -->> Domain2 with php script you mention above -->>> Affiliate network

    Would this thus be a double metare fresh (DMR) and 100% cloak the referer no matter what browser they use?


  31. Xan on Jun 23, 2011 at 3:09pm

    I wonder if the script will work in conjunction of 12script's Power Redirector?

  32. back to college on Jul 12, 2011 at 12:46pm

    Q: I would like to know if I place a classified ad to get traffic to my landing page, and then the visitor click on an image / aff link on my landing page to go to the offer, Will the affiliate company see the visitor coming from my landing page, or from the classified ad 2 hops back? If they can see 2 hops back, then it would be necessary to have my landing page redirect. I'm just not sure if it is necessary or not if you have a landing page in between.

  33. skyline on Jul 15, 2011 at 11:07am

    So you guys saying this works on 99,8% percent without double meta refresh?

    landing page/click > url1 > url2 > offer

  34. J Wilson on Sep 11, 2011 at 1:30am

    I came to this page trying to figure out what the referrer was on my T202 visitors page, I was doing a campaign to seniors and half the referrers were asian porn sites! I thought there was a bug, but this is really useful.

    The above example would be easier to understand if you used Bing as the Referrer, probably be a good idea to use it too as Google would think links came from Bing (lol)!!

  35. Trigger on Sep 28, 2011 at 12:36am

    Hey Wes,

    Great product. I know I am a bit late in the day for this comment but, I guess my question is simply, will the SubID's and Keywords be passed? I already use CPA Redirector 4 to cloak my URL's and hide referrer. So which setup would be correct?

    PPC Campaign > CPA Redirector > Prosper > Merchant


    PPC Campaign > Prosper > CPA Redirector > Merchant?


  36. Ian on Dec 20, 2011 at 4:22pm

    Why will the redirect not work with URL's with a "?" in it?

    For example, it will not redirect to www.google.com?q=test but will instead only redirect to www.google.com


  37. colin jones on May 26, 2012 at 4:17am

    I read somewhere that a .php redirect is a better bet because google can't read a .php file is this correct and doers google like it?

  38. Dejan on Jul 07, 2012 at 3:04am

    I do not really see the point to this cloaking, although I might be wrong. When user clicks on the ad:

    1) ad calls the domain where Prosper202 is hosted, referrer = URL of the page with ad,

    2) Prosper202 than calls merchant's site, referrer = domain where Prosper202 is hosted,

    3) visitor arrives to a merchant's site, but referrer is still the domain where Prosper202 is hosted.

    If above is right, than there is no need for clacking, because merchant will only ever see the domain where Prosper202 was hosted.

    Right or Wrong?

  39. Tushar on Jul 12, 2013 at 9:07am

    If you are using any low speed server to host the prosper script then please dont use this option. It will speed down the redirection.

  40. Aaron on Oct 22, 2013 at 8:38pm

    Hello People,

    Quick question: is the cloaking nessesary when doing a direct linking campaign just using the [[subid]] and not the pixel code stuff?

  41. Teeth Whitening Kits on Mar 03, 2014 at 9:23am

    Just recently started doing PPC. Great info on cloaking. Thanks.

  42. Andy on Aug 24, 2014 at 7:46am


    one question please, if we set "Cloaking: Per Default ON" is this a double meta refresh?


    best regards

  43. quemando y gozando on Sep 14, 2014 at 2:59pm

    Oh this method works for everything!

    the problem was on IE, that the meta-refreshes didn't block the referrer for all browser, it didn't block it on IE.

Leave a Reply

Name (required)

Email (will not be published) (required)


What does 4 + 4 equal? (required spam filter)

Creative Commons License This work (Prosper202, Tracking202 and Export202) is licensed under a
Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.