<b>Click fraud filters — the tracker-side rule set</b>

<b>Click fraud filters — the tracker-side rule set</b>

You can't optimize on poisoned data. Filter bot and junk clicks at the tracker before they enter your reports.

Rules to configure in your tracker:

— Block known datacenter IP ranges (AWS, GCP, OVH) on consumer-traffic campaigns — real users aren't in datacenters
— Filter clicks with no User-Agent or a known bot UA string
— Set a minimum time-on-prelander threshold; sub-1-second "visitors" are bots or misfires
— Flag duplicate click IDs from the same IP within seconds — a single user can't click 40 times
— Block proxy/VPN ranges only if the offer's GEO rules require it (some legit traffic uses VPN)
— Cap clicks per IP per hour and route excess to a junk stream you don't pay attention to

Handling:

— Don't delete filtered traffic — route it to a separate stream so you can audit your filter's false-positive rate
— Review filtered volume weekly; if it exceeds 20% of a source, the source is the problem, not your filter

Save this SOP. Run this before every launch.