PPCDefender - Mostly Harmless

I stumbled upon Willie Crawford’s blog and noticed a post about PPCDefender - a piece of software that is supposed to stop programs that try to spy on competitors PPC campaigns. Some notable examples of the “competition spy” variety are GCDetective and AdSpyPro.

I’m not impressed by PPCDefender. Software like AdSpyPro lets you find profitable keywords, ad copy and products. PPCDefender only makes a feeble attempt to protect one of these - the product, or more precisely the landing page. Someone using PPC spy software could still as easily discover your profitable keywords and ads.

PPCDefender is a simple PHP script that achieves some level of “protection” by only allowing visitors who came from Google to see the page. This is done by checking what URL they came from - the “referer” URL feature that most web browsers support. Repeat visitors will also be admitted because PPCDefender creates a cookie to identify them. An experienced programmer could easily spoof the referer URL (or the cookie) and make PPCDefender think the spy script is legitimate visitor. There are also other ways to defeat the “defender” but I won’t describe them here as it would get very technical soon.

And yes, the PPCDefender script is of course “encrypted” and anyone trying to overcome it would have to spend days reverse-engineering it, wouldn’t he? No, not really. The encryption (actually obfuscation) is trivial and it wouldn’t take more than half an hour for someone with enough PHP experience to crack it.

PPCDefender in it’s current form is only a temporary annoyance that the PPC spy programmers could solve in less than a day. The defenders author promises to keep up to date with competition spy software evolution and update PPCDefender as needed… we’ll see how that goes. I suspect he won’t have much success.

If you’re really paranoid…

If you really want to protect your AdWords ads from scripts like GCDetective you could change the Display URL and/or the Target URL for each ad frequently (at least once a day). I haven’t tried to reverse-engineer PPC spy software but I think it probably uses the URL(s) to identify each ad. PPC spies aim to find ads that run for a long time and if the URL changed often it would look like they are different ads every day. For an even more reliable protection you could slightly change the ad text, display URL, target URL and the product link on the landing page and identifiable portions of the page (like title, etc). This process can be automated with some effot but is it worth it?

I think for the anti-intelligence tools this will be a losing fight overall.

White Shadow :: Jun.26.2007 :: Reviews ::

6 Responses to “PPCDefender - Mostly Harmless”

  1. on 27 Jun 2007 at 8:241Willie Crawford

    I agree it’s largely a losing fight. I was merely passing along
    a temporarily, free solution to part of the problem… maybe so
    temporary that it’s not worth bothering with.

    I’ve played with both GCDetective and AdSpyPro incidentally.
    They are very powerful and if you just wanted to identify
    your competitors best performing AdWords ads, and then’
    just steal them (right down to the display url), and then
    outbid them on their own ads by a few pennies, they CERTAINLY
    give you the upper hand :-)

    Willie

  2. on 27 Jun 2007 at 11:322White Shadow

    It’s all good until (unless) these tools become so widespread that a large percentage of advertisers are using them. If most of the experienced advertisers relied on GCDetective/AdSpyPro there would be no good ads to spy on.

    While I think it’s unlikely that AdWords pros would turn into full-time “spies”, these tools are still going to make PPC even more competitive than it already is.

  3. on 27 Jun 2007 at 12:303Joerg Weishaupt

    It is correct that the initial version of PPC Defender is quite easy to break, but I wanted to get this out fast to secure my first mover status.

    Now with almost 2,000 downloads we have the necessary user base to roll out the next version which will be much more powerful. With the new version we will create a DNSBL system similar to those used to block open relays used by email spammers.

  4. on 27 Jun 2007 at 12:504White Shadow

    That might actually be a good idea as far as landing page/link protection goes.

    I guess you’re going to protect direct linking campaigns by offering an URL redirection service with built-in blacklist checks and similar, right?

    Good luck :)

  5. on 27 Jun 2007 at 19:505Joerg Weishaupt

    Exactly that’s what I intent to do :-)

  6. on 13 Jul 2008 at 18:066Terence

    I would be interested in PPC Defender, but for some reason the website won’t load. Is the project now defunct?

Trackback URI | Subscribe to the comments through RSS Feed

Leave a Reply