Landing Page Protection: How To Protect Your Landing Pages


In marketing you need every advantage you can get.

A landing page is one of those advantages.

But after spending hours creating the perfect landing page…

…you see your competitor has already ripped it..

What if a few lines of code could help you protect your hard work?

Post Bonus:  Download Landing Page Protection Code.

Now no landing page can be fully “rip” proof but you can make it a pain to try and steal your work.

Session Redirect

I have used this script quite a bit, to help lock down my landing pages. When a visitor goes to your site this script will set a session cookie then do a quick redirect. The visitor cannot see the key as the session is invisible to them. If they refresh the page they cannot see the landing page and get redirect to the secondary page. This is because when they refresh the key is no longer in the url string and the session gets unset. This also will break spy tools such as Whatrunswhere.

<pre class="brush: plain; collapse: true; light: false; title: ; toolbar: true; notranslate" title="">
<?php

session_start();

$self = "{$_SERVER['PHP_SELF']}?{$_SERVER['QUERY_STRING']}";

if(!empty($_GET['key']) &&  $_GET['key'] == "9288" )  {
    unset($_GET['key']);
    $qs = http_build_query($_GET);
    $self = "{$_SERVER['PHP_SELF']}?{$qs}";
    $_SESSION['key'] = 1;
    header("Location: $self") {.figure-img .img-fluid};
    exit;
} elseif (!isset($_SESSION['key'])) {
    header('Location: https://ppcmode.com');
    exit;
}

session_unset();
    session_destroy();
    session_write_close();
include("lander.php") {.figure-img .img-fluid};

To make the script show the correct page you have to append the url parameter key to the end. So for example https://ppcmode.com?key=9288 The key would be set and the correct landing page would load. The visitor however would only see: https://ppcmode.com in their browser.

Device Check

This script can be duped pretty easy, but it will keep newbs away from your pages. It checks the user agent of the visitor and will only allow the correct devices to load the page. In the below example all mobile devices are allowed to see the page, if a desktop visitor goes to the page however, they’re redirected to ppcmode.com The same thing can be done with redirect rules if you’re using a front-end tracker.

<pre class="brush: plain; collapse: true; light: false; title: ; toolbar: true; notranslate" title="">
<?php

if

function mobile() {
 $userAgent = strtolower($_SERVER['HTTP_USER_AGENT']);
 $accept = strtolower($_SERVER['HTTP_ACCEPT']);
 switch(true){
 case (isset($_SERVER['HTTP_X_WAP_PROFILE']) || isset($_SERVER['HTTP_PROFILE'])):
 return true;
 break;
 case (strpos($userAgent, 'ipad') !== false):
 return true;
 break;
 case (strpos($userAgent, 'ipod') !== false):
 return true;
 break;
 case (strpos($userAgent, 'iphone') !== false):
 return true;
 break;
 case (strpos($userAgent, 'android') !== false || strpos($userAgent, 'adr') !== false):
 return true;
 break;
 case (strpos($userAgent, 'blackberry') !== false || strpos($userAgent, 'playbook') !== false):
 return true;
 break;
 case (stripos($userAgent, 'windows phone') !== false || stripos($userAgent, 'IEMobile') !== false || stripos($userAgent, 'MSIEMobile') !== false || stripos($userAgent, 'Windows Mobile') !== false || stripos($userAgent, 'windows ce') !== false || stripos($userAgent, 'palmsource') !== false || (stripos($userAgent, 'ppc') !== false && stripos($userAgent, 'mac') === false && stripos($userAgent, 'x11') === false)):
 return true;
 break;
 case (isset($_SERVER['HTTP_DEVICE_STOCK_UA']) || isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA']));
 return true;
 break;
 case (strpos($userAgent, 'opera tablet') !== false || strpos($userAgent, 'opera mobi') !== false || stripos($userAgent, 'opera mini') !== false):
 return true;
 break;
 case (strpos($userAgent, 'opera') !== false):
 if (stripos($userAgent, 'x11') !== false || stripos($userAgent, 'zbov') !== false || isset($_SERVER['HTTP_X_EBO_UA'])) {
 return true;
 break;
 }
 case (strpos($userAgent, 'cfnetwork') !== false):
 return true;
 break;
 case ((strpos($accept,'text/vnd.wap.wml')>0)||(strpos($accept,'application/vnd.wap.xhtml+xml')>0));
 return true;
 break;
 }
}
<?php
} else {
 header( 'Location: https://ppcmode.com?' ) ;?>
 <?php
}
?>

If you’re not using PHP and would like to do the redirects in your .htaccess simply add:

<pre class="brush: plain; collapse: true; light: false; title: ; toolbar: true; notranslate" title="">
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "android|blackberry|googlebot-mobile|iemobile|ipad|iphone|ipod|opera mobile|palmos|webos" [NC]
RewriteRule ^$ https://ppcmode.com/mobile [L,R=302]
</IfModule>

Language Detection

Most landing page thieves are smart enough to mask their user agent for devices. They however almost never make their browser language. Because of this we can block anyone with a browser language that doesn’t match where we are running traffic. For example if we were running a campaign in France chances are their browser language would be fr so anyone with a user agent that doesn’t match that, is likely trying to steal your page or wouldn’t convert anyways. *Only use this if you’re really wanting to lock down your pages as you will have some click loss.

<pre class="brush: plain; collapse: true; light: false; title: ; toolbar: true; notranslate" title="">
<?php
$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
switch ($lang){
 case "fr":
 include("lander.php") {.figure-img .img-fluid};
 break;

 default:
 include("lander_2.php") {.figure-img .img-fluid};
 break;
}
?>

In the code above anyone with the proper language header would be sent to lander.php while anyone that didn’t would be sent to lander_2.php

Second Chance Back-Button

I’m sure many of you remember this script from my Landing Page Code post. But it is worth another mention. The scripts serves a duel purpose, it allows you to modify where the user goes if they click the back button. Plus makes it hard to see view source when they load your page on desktop. That is because whatever is in the intial.html file is what will show in the browser, which is not the same code as your landing page. So it helps quite a bit for those pesky thieves.

<pre class="brush: plain; collapse: true; light: false; title: ; toolbar: true; notranslate" title="">
<script type="text/javascript">
 window.history.pushState('other.html', 'Other Page', 'other.html');
 window.history.pushState('initial.html', 'Initial Page', 'initial.html');
</script>

<script type="text/javascript">
 window.addEventListener("popstate", function(e) {
    if(document.URL.indexOf("other.php") {.figure-img .img-fluid} >= 0){
    document.location.href = document.location;
    }
 });
</script>

Two files need to be added into the same directory as your landing page:
intial.html
other.html

These files can be named whatever you want just be sure to modify the code above.

In both the intial.html & other.html you need the following code:

<pre class="brush: plain; collapse: true; light: false; title: ; toolbar: true; notranslate" title="">

<meta http-equiv="refresh" content="0;url=http://BACK-BUTTON-OFFER.com" />

Now whenever the visitor clicks the back button they will be redirected to your next offer.

Warning this causes a loop for the user and no matter how much they click the back button they will never be able to leave…

…goes without saying that many traffic sources don’t allow this.

Direct your user to a second chance offer when they hit the back button with this script

Click To Tweet

I hope to hear some success stories with the use of this tricks.

Also, if you ever find a useful piece of code please share it in the comments below.

Every-time I find some useful code I will add it to this post.

When All Else Fails..

Like I mentioned earlier in this post, it’s impossible to stop your pages from being ripped. All of these codes will dramatically cut back on how quickly your creatives are ripped, but once you accept the fact that it’s possible. We can start to battle those who have already stole from us, by “borrowing” some of their traffic.

Take a look at a tool I made: Warden

If you have found another cool way to help protect your pages, please let me know. I’ve tried several scripts and so far these are by far my favorites. I personally have people who steal landing pages and unfortunately have had the majority of my creatives ripped at one time or another.

Blog Comments powered by Disqus.