HTTP request header: Origin

Maybe someone in this understood before me?

The goal is at the server level to distinguish clicks on a href, made by living people, from ajax and other tricky queries made by bots, spiders, or custom scripts in browsers.

Is it possible in General to assume that the presence of the Origin header is sufficient reason to believe the request is not exactly meets the criterion of "normal click on a normal link"?

The task is to monitor and prevent click-fraud banners.
October 8th 19 at 02:49
5 answers
October 8th 19 at 02:51
> Is it possible in General to assume that the presence of the Origin header is sufficient reason to believe the request is not exactly meets the criterion of "normal click on a normal link"?

No, you cannot. Bots doing exactly the same headers.

Dig in the direction of statistical analysis of a population of queries.
*flood of requests - Peyton9 commented on October 8th 19 at 02:54
I understand that a bot is smart enough to competently pretending to be a man.

The question is not "the traffic without origin — chitsy", and "the traffic in origin — dirty". - savanna.Kilback commented on October 8th 19 at 02:57
October 8th 19 at 02:53
To distinguish bots from humans can be used (as you have vaguely described the details of the tasks, write all at once): check support Cookie, Expires, Last-Modified, check support HTTPS, you can verify and correct execution of the JS/Flash-code, validation of the user-agents and the supported features, check download static resources, verification of information about local network interfaces using a Java applet, behavioral analysis (analysis of the recorded user actions: for example, the user must move the mouse or pointer focus to the link before clicking on it), statistical analysis (identification of trends), analysis of sources of requests (e.g., requests from China to the Russian site; requests the Ip from spam lists; requests with IP data centers; requests from computers with open ports, proxies) matching the customer information with the query parameters (for example, JavaScript visible Russian locale and Moscow time zone on the client, and a request comes in from a Chinese IP with a German locale setting in the headers = proxy + means the substitution of headers).

To prevent bypass of the system should periodically change the analyzed factors (to bots, adapted to the old set of factors gave himself).

The smart system takes into account all these factors, accumulating and analyzing them in accordance with the rule set. It is unlikely you will manage to do the same amount of work, what does such a command of Yandex advertising. But even such a system, I think, at desire it is possible to get around, if you understand how it works. And if for example to bring the case to a man like egorinsk and give him a lot of money.

Your proposed method is primitive and costs a few lines of code.
October 8th 19 at 02:55
it is naive to assume the presence / absence of the origin header a symptom of at least what.
October 8th 19 at 02:57
Assemble/build the statistics of clicks marked man/probably a bot... build a sign: write — clique, attributes — parameters of clicks (resource, time since the beginning of the session, with the previous clique, the presence of headers,..)

Then connect the mathematical apparatus for the analysis of the plate (can the neural network to train based on it).
October 8th 19 at 02:59
tokens can significantly complicate the lives of bots

Find more questions by tags BotsAJAXComputer networks