Using Google analytics I have started noticing some sort of spam/attack/bounce rate manipulation happening with one of my sites. Essentially, there are a large number of daily hits from the same user, searching for the same long tail keyword, that always immediately bounces out of the page. This has been going on for over a month. My question is this: is there any way to track this user/ip and block them from the site, or any other technique that I could use to keep this from affecting my bounce rate and messing with my analytics data?
Given that you tagged your question with Google Analytics, i assume that your question is directed to identifying this false traffic so you can prevent it from contaminating your web metrics--rather than how to actually stop the offending activity. In any event, my question is only directed to the former.
Rather than having to refer to your server activity logs, or adding a node to your production data flow, you can do this solely from within Google Analytics.
From the Analytics Settings Panel, click Filter Manager, then enter a name for this filter in the text box.
The filter field will be Hostname, and once you click this you'll see a textbox in which you enter a pattern for the hostname. so you would enter something like this:
^somedomain.com$
The benefits of this approach is that it will work based on information already made available to you in GA--the Hostname, which is an attribute of every pageview from the suspicious source.
Try blocking the IP with .htaccess http://www.javascriptkit.com/howto/htaccess5.shtml
Related
I'd like to use mturk to have 10 workers visit my website, log in with a test account, and enter some information on their profile. I don't want them to see each other's entries, so each worker should get login information for a different test account when they view the HIT.
This almost looks like what mturk's template feature is for -- I could upload a CSV with the information for each test account. But if I understand correctly, that will make 10 separate HITs, and allow one worker to do all 10 of them. Is there any way to have mturk put information that varies between workers into a single HIT?
Here are the solutions I'm currently aware of:
Use the CLI to automate creation of a bunch of different HITs. This would be a lot of work, and also make approving and retrieving the results cumbersome.
Direct workers to a survey website that's capable of doing what I want, and have them get the login information there.
Dynamically fill in part of the HIT using an AJAX request to an external website and database. That seems like crazy overkill for something so simple.
Are there other options?
Scenario
I am working on a web application assume it www.abc.com which having a profile for all users
www.abc.com/username
and all users have a dashboard for controlling their profiles
Requirement
i have one analytics profile for www.abc.com but my requirement is
a to show stats to all users on their dashboard
can i get this by google analytics API
Visits
demographics
all traffic source
and keywords
i have integrated reporting by API on one of my project but that is for the domain . i am not sure for my requirement.
Resource-guru.com, what you can do is to pull all the data with page path dimension included, and then simply filter the results if the username string is found in the page path.
As for the second part of your question - you can get:
visits (metric)
traffic sources as well as keywords (dimensions, but remember (not provided) might make this useless report)
you can NOT get demographics data via API.
Hope this helps.
You can use the API to do this but remember your going to have an issue with the fact that you can only make 10k requests per day per view (profile).
The Demographics report displays age and gender. Those dimensions can be found under the Audience - Dimensions & Metrics Reference
ga:visitorAgeBracket
ga:visitorGender
ga:interestOtherCategory
ga:interestAffinityCategory
Traffic Source is just really just a mix up of ga:sourceMedium , ga:campaign maybe a few others depending on what information you want to display.
You may have issues with Keywords because due to ssl and trying to keep user info private Google has stopped recording this sometimes you get (not provided). But you can get that information from webmaster tools. Its just hard to merge it with your GA data then.
Keyword: The keywords that visitors searched are usually captured in
the case of search engine referrals. This is true for both organic and
paid search. Note, however, that when SSL search is employed, Keyword
will have the value (not provided).
To strengthen the authentication mechanism (web), I would like to log a user fingerprint for every attempt and apply pattern recognition to distinguish malicious attempts. For example if the user always logs in from European computers and there is an attempt made from China, the user is blocked until the user confirms (via email, for example) to allow logins from China.
I have a very, very small knowledge of pattern recognition from a university course. However, I cannot recall enough to start developing this service. What I know is that you should look at these various features:
Browser agent string, resulting in:
Operating system
Browser vendor
IP address, resulting in:
Location
Time stamp of login
Number of (failed) attempts (within session, or total)
You search for patterns and any extraordinary attempt is marked because it does not follow the average pattern. You probably will apply a threshold, so if a user logs in at night or has a new PC, it still works.
There are also a few requirements: first, the check of an attempt must be made real-time. You cannot block access after 2 minutes if the credentials were OK but you found out later on the attempt could have been malicious. Furthermore, all our apps are written in PHP, but PHP is probably too slow for this. I prefer to use Python then, but subsequently there is also a binding to Python required.
So the question is: where to start? What is the best approach to accomplish this? I can log all data in a key storage like Redis or document based like Mongo. How would I design a service which allows to validate a new attempt with certain features against a bulk of known other attempts? And return whether the attempt matches the average within a timely fashion, say 250ms.
What you want to do is called anomaly detection- wikipedia is a good place to start. As a first stab, you might want to try clustering:
you will need a data set. The good news is clustering is unsupervised, so you will not have to mark up a ton of login attempts as regular or malicious.
For a given user, keep a history of their past N logins (big brother warning!) and features of those logins. The features you have listed are a good start, but you can think of more.
apply a clustering algorithm to estimate what the average login is like. For every new attempt you can calculate the distance from the average and decide if it look malicious or not.
As a side not, you can go a long way without learning. My intuition is the location of the login and the number of failed attempts will get you most of the way there. A simple if-else might be good enough.
I have implemented a tableView with a searchBar added to it. I want to call a service when user start typing the search keyword in the search bar. I know that I can call the service in the change event listener that will call the service.
I know that for every change in the search bar it is not good to call a service. So what is the efficient approach of using search bar when the search result is coming from a service call or what we can do to make the search efficient.
For example: the search functionality on Apple's App store
I did something like this for one of my test projects. I would check in my change event that at least 3 characters were entered before I would attempt a look-up. I have no idea why I went with 3, but it seemed like a decent number of characters for filtering my data. I would also set a flag that a network request was in progress. So if they entered 3 characters, you could kick off the search if no look-up was already in progress. If there was a network request in progress, you could setup a wait interval to keep checking if the request came back and kick off an additional request when it is. I would send back short lists of items, which for me was 25 so that my table appeared fast.
Though I didn't do this, you could track the interval of time between characters typed to make sure the user is finished typing. For the best interval you will need to experiment with what is reasonable for an average user. Get some feedback from typically non-power users on this.
I can see a potential issue where you are in the middle of a look-up, but the user is still typing. You might need to track those character updates and perhaps kick off an additional search for the updated character string. You might even check the character search string you sent at the time with the current characters in the input box and choose to abandon the list of look-up items you already received and just do another search.
You might want to show the list of items you did receive just so the user knows the app is working, but immediately send another request for look-up items automatically. A user might eventually start hammering keys and think the app is unresponsive if you don't show something in the table once in a while.
I'm looking for ideas on how to implement some type of fast login scenario for an application that will allow employees to quickly login.
I work with an organization that has employees rotate every 30 minutes to a different location. If there are 3 employees, then the first employee won't come back to the checkout station for an hour. The checkout station is a higher traffic area where different things are borrowed by customers. Right now they have a generic login, but the organization wants to track which employee checked out/in a borrowed item. The problem is when they rotate there are customers there many times and having them logoff and login either via a workstation login or an application login is too slow for customer service.
Any suggestions?
I think a fingerprint reader would work well for logging in users. Then, they wouldn't have to type anything to log in.
There are plenty of biometric SDKs online that should be able to help you with this. And, I think some commercial readers will do something similar already, so you wouldn't even need to write any code.
Here's an article on Microsoft's Upgraded Fingerprint Reader
Also, you can have them scan once to log in, and once they are logged in, they can scan again to get logged completely out of the system (instead of just locking the screen or forgetting to log out and walk away.)
Use an application-level login, but make it only based on typing in their employee ID. This will simply identify who they are, exchanging security for speed while not giving up identity. Using employee ID's for this is a good way of guaranteeing uniqueness. I've seen systems like this work in retail, and it's really fast. Employees get used to typing this number into the console.
I'm not sure if it's in your budget but this sounds like a good use for those little button 1-wire devices. Basically it's an electronic "key" that is about the size of a button and can be read very quickly.
So Employee A goes to the station, puts his button on the pad(takes like 2 seconds) and he's logged in. When he needs to leave he pushes one button to log out, then employee B can come and log in, etc etc.
a picture of the button: