People replacing your Affiliate IDs with their own?

[turbolapp]

I've heard this mentioned here and there. I don't really understand what/how this happens? Will someone please explain in depth? and has this happened to you and what did you do?

 

[Spades]

You may be referring to cookie stuffing ... the most commonly used method is a 1x1 iframe with the site owners aff url in it. When the url is loaded (not visible to the visitor) the cookie is set with their aff id, thus, they receive credit for any actions taken by the visitor for however long the cookie lasts (most expire in 30 days.)

On the other hand, you may be talking about all the spyware progs out there that actually modify the most common cookies (ebay for example) and swap the existing aff id with the spyware companies id.

 

[turbolapp]

I'm talking about one affiliate out to get another one. Lets say a competitor gets nasty. Can they take your website and some how replace your affiliate link with theirs? Or am I just getting way to parnoid these days?

 

[kingfish]

They would have to have access to your servers to change the source files most likely

 

[Spades]

Without having access to your server either via username/pass or some type of exploit nobody can modify your files and swap affiliate ids.

Paranoias a bitch. :rasta:

 

[nachoninja]

unless they are a l33t hax0r

 

[aim]

Without having access to your server either via username/pass or some type of exploit nobody can modify your files and swap affiliate ids.

Paranoias a bitch. :rasta:

Oh yeah? (l33t hax0rz - figure out what's going on here...)

 

[BigWill]

spyware

 

[7figures]

Shady toolbars can and do swap out affiliates codes. Other spyware like Zango will pop up their own landing page on top of your own.

 

[mberman84]

people do it all the time. cookie stuffing is probably the worst. but other than that spyware is the only way

 

[bb_wolfe]

They would have to have access to your servers to change the source files most likely

50% correct.

If you're using any open source software, make sure to keep up to date with patches, same thing with servers.

Google 'SQL Injection' and 'phpbb' to find out some fun ways to exploit poorly scrubbed forms on websites.

Gaining access to a physical box isn't so much important as gaining access to teh database behind the software.