How To Install Prosper202 On An SSL (HTTPS) Server
As I mentioned in my previous Prosper202 tutorial on the “10 Best Practices To Securing Your Prosper202 Installation“, I would eventually post a tutorial on how to get Prosper202 to play nice with an SSL server once I had finished some more testing.
We’ll I think I’ve figured it out.
Word of Caution: Before attempting any of the steps mentioned below, I HIGHLY recommend you setup a 2nd Prosper202 install from which to test on. Do not do this on a production installation.
Why user Prosper202 with SSL?
Without getting into too much of the “techno-babble”, SSL provides your sessions with encryption. This means that when you login to your Prosper202 account, your login information will be encrypted, instead of being sent to the server in clear text.
Also, you’ll have the sneaky advantage of totally blanking out your referrer, bwahahaha.
By default, Prosper202 can cloak your referrer when the cloaking options are turned on, but this still passes the domain of your Prosper202 install to your CPA network. They won’t see your landing pages of course, but they will still be able to see that all the traffic comes from domain “tracking.xyz.com” for example.
When using cloaking in conjunction with HTTPS tracking links, your referrer will be blanked, and your CPA network won’t have any idea where the traffic is coming from. Stealthly eh?
Here’s what you need to do:
1) Purchase and assign a dedicated SSL cert to your current Prosper202 domain
Some webhosts will provide an SSL cert with your hosting package. If they don’t, you’ll have to contact them directly and purchase one.2) Install Prosper202 on your HTTPS domain
Follow the normal Prosper202 Installation Guide.3) Modify your .htaccess to force the use of https port 443
(may vary depending upon your webhost)Options +FollowSymLinks
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$4) Modify References of HTTP to HTTPS
The easiest way to change all references to https is use a program like UltraEdit. Using the “Search, Find In Files” feature, you will need to open your local Prosper202 files, do a find and replace of “http://” with “https://”There are simply too many lines that needed to be changed to list every single file and line that you need to modify. Doing a find and replace will work, but you’ll need to modify a few references back to “http”.
References to the Extra Resources links in the sidebar, the footer, images, and the Prosper202 RSS feed will all not work unless you change their URLs back to “http”. Once again, fire up UltraEdit, then do another find and replace of the specific links needing to be changed.
For example, references to Prosper202.com would have been changed to https. To change them back, find and replace “https://prosper202.com” with “http://prosper202.com”. Do the same for references to Worldproxy202, Meetup202, etc. Modify links in the footer in the file “template.php”.
5) Upload and Overwrite Your Modded Prosper Files
Simply upload your changed files over the existing files on your server. If you are currently tracking a large volume of profitable campaigns with Prosper202, I suggest you do all of the recommended steps on a test server first. (downtime can be a bitch)6) Login To Your HTTPS Prosper202 Domain
If everything went as planned, you should be able to login to your newly secured Prosper202 installation (now with SSL encryption). You can verify your server’s SSL cert is working by clicking on the “gold padlock icon” within the status bar in Firefox. (See screenshot)Prosper202 SSL Cert Verification
7) Run a Test Campaign
I’d advise setting up and running a test campaign. Check that all looks normal, and that your sources, keywords, ads, etc are all properly tracking. Note that when generating your tracking links in step 7, you should now see “https://” in front of them.
Install the Firefox plugin “RefControl”
You can use RefControl to watch and/or change the referrer. Play with different settings to verify that links sent through HTTPS are showing “no referrer” in the statusbar. You can also log into your CPA network and see that the referrer is blanked (if they provide this too you).
HTTPS tests in Firefox have worked great. In IE7, the browser warns the user of a certificate error, which I am still looking into. Not sure if this is specific to my machine, or IE7.
But overall everything has worked great so far (besides the IE7 issue)… Please thoroughly test before running live campaigns. I take no responsibility if you break your server!
Questions? Shoot!
- Enjoy and happy cloaking!
Tagged with: cloak referrer • hide referrer • how to hide your referrer • https • prosper202 • prosper202 cloaking • prosper202 https • prosper202 secure server • prosper202 ssl • prosper202 tutorials • prosper202.com • refcontrol • referrer cloaking • ultraedit
Filed under: Blackhat • Prosper202 • Tips & Tricks • Tutorials
Like this post? Subscribe to my RSS feed and get loads more!
Possibly related posts
- Prosper202 Self-Hosted Apps: 10 Best Practices To Securing Your Prosper202 Installation
- How To Prevent Spy Bots From Snooping Around Your PPC Campaigns
- Improving Google Quality Score With Hidden Navigation
- Content Stuffing Your Landing Pages For A Little Extra Google Loving
- Adding New Traffic Source Icons To Prosper202
This is actually a really good idea, bro.
You give caution at the beginning, but it’s obvious you’ve tested this out in a live environment. How has it been working since then, or have you not had much time to test the SSL version out?
Either way, excellent idea!
Weird… my name just came up as Matthew. Ummm, OK? LOL
So far SSL has been working fine on the small tests that I’ve done. I haven’t yet tried a big campaign though. I need to still work out the IE issues, but not sure what can be done.
IE gives the user a warning when leaving an HTTPS site and entering a HTTP site..which of course diverts the traffic until the user intervenes. Not a deal breaker, but could certainly hurt conversions.
(I fixed your name by the way)
– Wes
Hi,
Thanks for the tips. The problem is, when click on the my direct link url to the offer, (ex, https://202.gosli.com/xxxxxx) FF required to confirm the certificate. Will this affect the conversion rates? since the it create more frictions….
-Martin
Martin that will stop all of your redirects, yes did you make sure you have the SSL installed properly?
@Martin: I had this problem with IE, but not with FF. The reason is because you’re going from your https install to non-https (your offer). Double check your certificate and be sure it is verified by a third party like Equifax.
I have a really weird issue. Whenever I add the LP code to the page. I get the following error in IE6
Internet Explorer Cannot open the Internet site http://site.com Operation Aborted
The Satus bar says: Opening Page res://c:\windows\system32\xpsp3res.dll/dnserror.htm…
I tried adding the javascript code without https:// & I took off the htaccess code to use https. I tried editing out the https in static/landing.php
and Im out of ideas what the root cause of the problem is…
Any updates on this in the last couple months? I’m working with an ecommerce site that can only do https. I’m hesistant to install an SSL after reading these problems with IE. I don’t want to mess up my non SSL p202 install.
Well…none that I am aware of. It’s an IE issue, not a Prosper issue. So until IE can work out their ActiveX problems…not sure if there is a solution.
Amazing I would love to speak with you – Can you please email me and let me know more about your sources?
Thanks for the SSL tip.
One issue:
you’re = you are
your = something that belongs to you
“you’re landing pages of course”
“Uhmm, no, I’m not. And neither am I a referrer nor a server.”
fixed. thanks funny guy.
Cool. Not to be nit-picky, but it still says “you’re referrer” (just above the box) and “you’re server” (last paragraph).
haha….improper grammar one of “Steve’s” pet peeves? j/k
I need to proof read more…fxed (really this time)
Haha, yeah I guess it is.
One of my favorite links to send to people (nothing to do with you) is:
http://www.should-have.com/
I’m hoping this mod will be included in a future version of Prosper202. This, along with support for multiple logins, will be great enhancements to p202 and allow it to continue to scale with its user’s success.
Hi thanks to this post I was able to get Prosper202 working fine on https.
After you do the initial global replace of http:// to https:// you also need to make a couple of other changes. Otherwise, when you try and enter a new landing page or new campaign, it won’t let you. These changes are below.
aff_campaigns.php
line 20
if ((substr($_POST['aff_campaign_url'],0,7) != ‘http://’) and (substr($_POST['aff_campaign_url'],0,8) != ‘https://’)){
$error['aff_campaign_url'] .= ‘Your Landing Page URL must start with http:// or https://’;
}
div>admin/theadminpassword123 (Drupal admin account)
landing_pages.php
line 25
if ((substr($_POST['landing_page_url'],0,7) != ‘http://’) and (substr($_POST['landing_page_url'],0,8) != ‘https://’)){
$error['landing_page_url'] .= ‘Your Landing Page URL must start with http:// or https://’;
}
I also had a question! When using https and cloaking together, the referrer is indeed blanked completely. I test this on FF 3.x, Chrome, Safari 4, and IE8. However, the back button still does not work. When you click back, the browser reloads the Tracking202/redirect/off.php page. This is the page that has the redirect so it just redirects again to the offer page.
Is there any way to make the back button functional? I have read that ads get disapproved by the major PPC engines when the user can’t click back properly. Should I worry about this or is there a workaround?
Thanks!
I love your posts! Please write more often if you can
Def some good info here – keep it coming
Hi Wes, If you have already set up a campaign with Adwords with the Link, Can you add SSL https cloaking mid way
under a campaign that’s already running ?
thanks!
the best way to do this without modifying your links in google is to do an .htaccess redirect to the SSL port 443. Just Google “.htaccess SSL” and you should find out how to do it.
Def some good info here – keep it coming
Do the math. ShoeMoney isn’t the only Internet Marketer being wealthy right now. Here’s two good examples of high Cost Per Action earnings: Bira earned $17,273.27 last month with 12,333 leads and 89,762 clicks. Originator earned $882.64 yesterday with 188 leads and 3,117 clicks. I read this blog and I know you’re marketers. Follow my URL link, consider the site, research, consider yourself lucky and sign up.