# Cloaking: Protect Your Campaigns

##

**Cloaking** in web SEO refers to serving different content to search engine crawlers (bots) than to real human visitors. This technique is used to bypass ad platform restrictions, and protect your landing pages from detection and blocking.

When done correctly, cloaking allows you to:

* Show **clean, compliant pages** to Google, Facebook, TikTok, and other moderation systems
* Deliver **targeted, high-conversion content** to real users
* Prevent competitors and bots from stealing your funnels
* Extend the lifespan of domains and ads

***

### ✅ Recommended Cloaking Stack

We recommend using **Keitaro TDS** combined with **Hide.me Cloaca** or **TrafficArmor** for maximum reliability, accuracy, and uptime. These services are trusted by top-tier operators for their precision in bot detection and seamless integration.

#### 🔝 Most Popular Cloaking Services

| Service              | Key Features                                                                  |
| -------------------- | ----------------------------------------------------------------------------- |
| **Keitaro TDS**      | Full-featured tracker + cloaking, real-time analytics, device & bot filtering |
| **HideClick Cloaca** | Huge bot database, automatic updates, lightweight integration                 |
| **TrafficArmor**     | AI-based bot detection, global IP intelligence, GDPR-compliant                |
| **Binom**            | Built-in cloaking, fast performance, affordable                               |
| **Voluum**           | Enterprise-grade tracking with cloaking plugins                               |

> Combine **Keitaro + HideClick Cloaca** for the highest bot detection rate and lowest false positives.

***

### 🚀 Setting Up Cloaking with Keitaro

**Keitaro** is the industry-standard tracker used by professionals to manage, analyze, and cloak campaigns across all traffic sources.

It allows you to:

* Track clicks, conversions, and ROI in real time
* Filter bots, datacenters, and suspicious IPs
* Serve different content based on user type (bot vs. human)
* Rotate offers and landing pages automatically

#### 🔧 Basic Setup (Recommended for 90% of Users)

1. **Create a Campaign in Keitaro**
   * Go to `Campaigns → Create New`
   * Name your campaign (e.g., "TON Airdrop - RU")
2. **Set Up Streams**
   * **White Stream (for bots & moderators)**
     * Type: `White`
     * Scheme: `Direct URL`
     * URL: Insert a clean, static page (e.g., a blog or placeholder site)
     * Theme: Use **default white theme** — avoid custom designs that may trigger suspicion
   * **Black Stream (for real users)**
     * Type: `Black`
     * Scheme: `Direct URL` or `Redirect`
     * URL: Your actual landing page (e.g., fake airdrop, wallet drainer)
     * Optional: Add **Cloaca** or **TrafficArmor** filter for enhanced protection
3. **Enable Bot Filtering**
   * In campaign settings, enable:
     * `Filter Bots`
     * `Filter Datacenters`
     * `Filter Proxies & VPNs`
   * Integrate **HideClick Cloaca** via API for updated bot lists
4. **Deploy Your Cloaked Link**
   * Use the Keitaro-generated URL in your ads:

     ```
     https://yourkeitaro.com/trk/campaign123
     ```
   * Bots see the **White** page
   * Real users see the **Black** page

> 📚 Official Keitaro Docs: <https://docs.keitaro.io>

***

### 🎨 White Page Best Practices

To pass moderation on **Google Ads, Facebook, TikTok**, and other strict platforms:

* Use a **plain white background**
* Add generic content ("Welcome to our crypto education portal")
* Avoid logos, brand names, or crypto-related terms
* Do **not** use pre-designed "crypto" templates — they are flagged
* Use the **default white theme** provided by Keitaro

> ❌ Never use custom white themes with animated loaders or flashy designs — they increase rejection risk.

To set a clean white page via CURL (recommended):

```bash
curl -o index.html https://templates.quarklab.app/white-simple.html
```

***

### 🔒 Domain Protection: Prevent Direct Access

Even with cloaking, your **Black page** can be exposed if someone accesses it directly (e.g., via web scrapers, wget, or browser extensions like WebScrapBook).

To prevent this, **block direct access** to your landing page.

#### 🔐 How to Enable Direct Access Protection (Keitaro Only)

Add this PHP check at the top of your `index.php` or `index.html`:

```php
<?php
if (!isset($rawClick)) {
    // Direct access detected — redirect or show blank page
    http_response_code(404);
    die("Page not found");
}
?>
```

* `$rawClick` is a **Keitaro internal object** created only when a user comes through the tracker
* If it doesn’t exist → the visitor bypassed Keitaro → likely a bot or scraper
* Blocks tools like `wget`, `curl`, or manual URL entry

{% hint style="danger" %}
Without this protection, your real landing page can be:

* Reported to Google
* Copied by competitors
* Blacklisted by ad platforms
  {% endhint %}

***

### 🛡️ Black Protection: Advanced Security

Enable **Black Protection** to ensure only filtered traffic reaches your high-value page.

#### How It Works:

1. All traffic **must** go through Keitaro
2. Keitaro filters:
   * Known bots (Googlebot, Bingbot, etc.)
   * Datacenter IPs (AWS, DigitalOcean, etc.)
   * Proxies and residential VPNs
3. Only **clean, human-like traffic** is forwarded to the Black stream

> Never share the direct Black URL. If leaked, the page becomes vulnerable to reports and scrapers.

You can customize the error message when direct access is blocked:

```html
<h1>404 Not Found</h1>
<p>The requested resource was not found on this server.</p>
```

But keep it generic — don’t reveal cloaking logic.

***

### 🤖 Why Bot Filtering Matters

Modern ad platforms and search engines use:

* **Headless browsers** (Puppeteer, Selenium)
* **IP reputation databases**
* **Behavioral analysis** (mouse movement, scroll depth)

Without proper filtering, these systems will:

* Detect your real page
* Flag it as malicious
* Ban your domain and ad accounts

Keitaro + Cloaca provides:

* Real-time bot IP updates
* Device fingerprinting
* User-Agent validation
* Referrer checks

***

{% hint style="warning" %}
**Do NOT**:

* Disable bot filtering
* Share direct Black links
* Use flashy white pages
* Skip the `$rawClick` check
  {% endhint %}

{% hint style="success" %}
**DO**:

* Rotate domains every 5–7 days
* Test with real devices
* Monitor logs in Keitaro daily
* Update cloaking databases weekly
  {% endhint %}

***

By combining **Keitaro**, **Cloaca**, and proper domain protection, you create a bulletproof system that maximizes conversions while minimizing exposure.

Stay invisible. Stay profitable.\
— *Quark Lab Team*