Tag Archives: geotargeting

AdRotate Geo temporarily shut down

Today I woke up to 22 emails that my website was offline-online-offline and so on. Turns out some users are once again abusing AdRotate Geo by sending millions of requests to my API.

AdRotate Geo serves around 3 million requests per day. And scales pretty well for small to medium sites. Currently there are a couple of hundred users subscribed to AdRotate Geo. But getting upwards of 40 million requests per hour is a bit too much for my servers.

So, DDoS then, again… But they’re all real AdRotate Pro users as far as I can see. Valid authentification keys and api access… After some digging it turns out that it was AdRotate Geo being hammered with traffic from a bunch of AdRotate Pro users sites. Millions of requests per site? Come on. That’s not real traffic. Can’t be… Or is it.

After a while I got fed up with it and shut AdRotate Geo down until further notice. Sorry for the inconvenience…

Please use ipstack instead. You can make a free account to get free lookups per month. Or, if you want the more accurate MaxMind GeoIP2 that’s of-course an option too – But not for free 🙂

If you have any questions of comments, please let me know below or via the contact form. Thanks.

I’ll try to figure out what to do with AdRotate Geo in the meantime 🙁

Are AdRotate Free and AdRotate Pro GDPR compatible?

TLDR;

Yes, Both AdRotate Pro and AdRotate Free are compatible with GDPR.
Just make sure you inform your audience what you’re doing and what’s going to happen when they access your website.

What GDPR is all about

GDPR stands for General Data Protection Regulation. Which is forced onto the world by the lovely governance of the European Union.

These regulations have been years in the making and started years ago with the dreaded and Cookie Regulations. Now they’ve taken it a few steps further to include any data that may be personally identifiable in a similar scheme.

In short, GDPR is yet another useless attempt to control data and seemingly protect the user.

How does AdRotate fit into this

People visiting your website will leave a trace, that trace is at the very least an IP address. But often involves a user account or some kind of record. Often cookies are thrown at visitors. There is session data. Servers collect logs that contain all kinds of information about visitors.

Here are 3 things AdRotate does with user data:

1. IP Addresses

AdRotate (Pro) stores IP addresses for up to 24 hours to track impressions and clicks. If the plugin is working properly this data is removed after 24 hours. These records are not easily accessible by end-users. Website administrators also have no direct access to this data. The cleanup is governed by wp-cron.

If you don’t want AdRotate (Pro) to store IP addresses at all. Turn off stats or use a 3rd party tracker. You can use Google Analytics or Piwik Analytics.

If you wish to not share the IP address to a 3rd party you should turn off Statistics.

2. Geo Targeting

If you use Geo Targeting each visitor will get a cookie that lasts up to a week, depending on your settings.
This cookie stores the approximate location of the visitor. This data is not stored on the server but the visitors IP address is sent to a Geo Lookup service.

Currently AdRotate Pro supports the following Geo Targeting services; AdRotate Geo (my own lookup service), MaxMind and ipstack.
If you use Cloudflare you can get the visitors country via that as well.

All services use the visitors IP Address to get the location information.

Do these services store the IP address? AdRotate Geo does NOT store the IP address. As for the others, I do not know.
Check their Terms of Service. Email their support staff to find out.

If you do not want to share the IP address to a 3rd party you should turn off Geo Targeting.

3. Statistics

As mentioned before, AdRotate (Pro) stores the visitors IP Address for a limited time. Other than that, statistics are anonymous and just dumb numbers.

So there you have it, both AdRotate Pro and AdRotate Free are compatible with GDPR.

Why GDPR is pointless

While the intentions of GDPR may be a good idea. It won’t work as long as free service businesses such as Facebook, Google and the like make it a business to sell your data. You are their product. Your data is their product.

Earlier this week I was presented with a load of convoluted questions and settings updates on Facebook, trying to convince me that personal data gathering is a good thing. They showcased it under the guise of security and defrauding accounts. It helps against spam and fake news and more such nonsense. And to make it more appealing to me, some other benefits like auto tagging and checking in if I let them store my data and track my movements.

The little survey they forced me to click through implied consent and I ended up clicking “yes” and “agree” a bunch of times because I don’t want my account impeded or limited if I don’t agree. No matter my decision, they’ll get what they want anyway.

Google has sent out similar notifications a few weeks ago, simply telling me what is going to happen, offering a security audit and a easy way to some new settings to review, but really I had no say in the matter at all.

Thus, the 2 larger companies in the world that these regulations are meant for are already covering themselves with recorded evidence of consent, rendering the regulations mostly useless. I imagine most people won’t even read or care about these settings and (unknowingly) give consent.

Most people are stupid that way.

AdRotate Pro 4.14 – GDPR compatibility

Advertiser management has had some small improvements and bug fixes. As well as some changes to accommodate the new GDPR nonsense.

Geo Targeting

A number of improvements to AdRotate Geo Targeting. FreegeoIP closed down again and is now ran by Ipstack. They have free and paid accounts. Check out their offerings if you want to continue to use FreegeoIP.

The FreegeoIP implementation is largely the same, but includes a few bugfixes and is renamed to Ipstack. Ipstack has free limited accounts. You’ll need an account to get a free License key to continue using their stuff.

GDPR

And to comply better with GDPR a small but neat change has been made to store impression trackers in session data rather than cookies. This data is anonymous (just a timestamp) but if it’s a cookie you need permission – Now it’s fine.

These cookies were to track impressions in dynamic groups. Some people mentioned there were too many cookies. And then I realised it’s faster and easier to store them in Session data.

Changes

  • [fix] Advertisers having control over their own permissions
  • [fix] AdRotate Geo not always using cookie when it should
  • [fix] Post Injection showing adverts in the wrong categories
  • [change] Migrate FreegeoIP to Ipstack (requires free account)
  • [change] Moved tracker for dynamic groups into Session Storage

Exploring the south of Negros Island

From time to time we drive around on Negros Island. Finding new roads, discovering how bad they sometimes are. It’s fun.