Featured Money Maker Of The Month:
Learn the techniques I used to make over $4,000,000 in affiliate commissions! Check out my Free Affiliate Marketing Guide and learn the "how to" for Facebook Ads, PPC Affiliate Marketing, PPV / CPV Affiliate Marketing, And Media Buying!
I had to post this because it's bugging me.
I've had a couple people comment (in reference to the original post) about how there is this great guide here or there about how to encrypt their keywords before sending them to the affiliate network SUB-ID.
Can I share a big huge secret with all of you?
Every guide I've seen doesn't do a bit of good at hiding your keywords.
Do you want to know why?
Think about how headers work in PHP and you'll realize that affiliate networks can still see your keywords used! Think about it for a second... Unless you add 1 vital step, your efforts are a waste.
This post isn't for most affiliates, just those encrypt their keywords and think they're safe. 
Jonathan is alluding to a META refresh, which nulls the referrer string (a header that is maintained by standard 30x redirects).
you can modify the referrer in php. no need to do a meta refresh.
iva, can you show me some working code of that. I’m pretty sure that is impossible.
You can just make an excel spread sheet and associate each keyword to a number then use the number as your subid
“You can just make an excel spread sheet and associate each keyword to a number then use the number as your subid”
nope, that won’t make a difference if you don’t have a landing page or at least a redirect page in between as they can still get your header info easily.
I think Tob is right. Merchants cannot see beyond the last referrer. But if your referrer is mylandingpage.com/?OVKEY=mykeyword, it doesn’t take much to figure out what the keyword is. So meta-redirect.
Iva – I know how to change the referrer when using something like Snoopy, but PHP cannot change the referrer of the user’s browser, unless you know a super-secret trick that I’ve never heard of before.
You dont need to meta redirect. You can do it with php much faster. Just takes a bit of searching how.
There’s a few ways of accomplishing this:
1) meta redirect as mentioned above
2) javascript redirect
3) https header redirect in php. ‘referer’s are not passed from https (SSL) urls
Gee, this would be a great article if Jonathon would actually provide a solution to this problem.
[...] there’s been some talk recently in some blogs on the interwebs regarding cloaking/masking/hiding HTTP REFERERs to protect your traffic [...]
adwordsaddict: I don’t wanna spam Jonathan’s comments but I posted a bit more details from my findings on my personal blog…
You could some how encrypt your keywords but honestly there’s no reason. Just as the tracking code I wrote the tutorial on my site takes it out the the url totally and replaces it with a number being passed so there’s no “encrypted url” there just a number.
As far as a referer. I don’t know how much you know about headers and how many tests you’ve actually ran but I’m sure it pales in comparison to myself and the group of people I know. I wrote a system to test the different redirects out there and the only ones that don’t pass referers consistently are https and meta’s. Javascript and header() will pass the referers. Https is an issue because of the warnings IE throws up so it’s next to useless. Meta’s are the ONLY way to go. I suggest doing a double refresh or waiting 2 seconds if you want to be 100% sure it’s gone. I detail all this in my PPC tracking script on my blog.
As far as you guys saying you can set the referer you don’t know what you’re talking about and need to go back to school. You can only set the referer of the requests your script makes such as requesting a webpage. You can not set the referer header in a users browser. Unless there’s some Javascript hole I don’t know about.
Mr. Volk please don’t write about things you haven’t tested because they’re just not true.
Well put smaxor.
I think there is only a small group of people that actually know how to manipulate the referrer header (myself included) and it is not safe in the hands of a newb.
Why can’t you just have your link to the offer be another page on your site where you feed the keyword id or encrypted string (whichever way you do it) and then on that page, it redirects to the offer page with the encrypted keyword appended to the query string? Does the referer header keep the original url even though you redirect from another page?