I'm a happy KH customer and support has been great so far (although I've had a couple of not-so-great incidents from the support team). In any case, I trust my business to be hosted here at KH and look to have my business here at KH long term (i.e. many years). This is my first forum post and it is about an important issue I have with Incapsula' WAF, so I thought that posting my issue here would benefit others; here it goes.
I would like to use Incapsula on my sites because I am getting some heavy traffic to my sites and it is time to add another layer of protection with a WAF, and Incapsula's WAF looks like an excellent option. The problem? By using Incapsula, a visitor is "tagged" and logged in the server with the IP of the firewall (i.e. WAF) that the visitor must go through before visiting the site, meaning that even if you get thousands and thousands of real visitors (not just bots), they're all going to be having the temporary IP (or IP range) of the Incapsula firewall. And this is not good.
It is not good because some affiliate programs and Adsense (Google's advertising platform for us webmasters to make money via ads) will register all clicks on their advertising as though they're coming from the "same" IP. This means that there is a risk that the affiliate/Adsense sees you're committing "click fraud" and you'll be banned from the affiliate program. In fact, there have been quite a few bans in the past with CloudFlare (which offers a WAF like Incapsula), where many webmasters using Adsense where banned because of this "apparent" click fraud. Thus, CloudFlare developed a mod_cloudflare extension that returns the real IP of the visitor upon the visitor hitting the firewall and exiting it to visit a site. This is good, but Incapsula does NOT offer this. Incapsula have some outdated scripts from 2008 that don't even work or require a very technical background to use. Ergo, I would be kind of tied to this issue and risk several affiliate programs I am partnered with.
My question is, are any of you using (or have used) Incapsula? And if so, how have you gone about it? Do any of you use CloudFlare without the mod_cloudflare or have not used mod_cloudflare in the past while using CloudFlare? Did you find any changes in affiliate commissions or Adsense earnings? Were any of you banned or reported?
I have been researching for some days about this issue of having all your IPs being logged with the IP of the firewall, and it certainly points out to a risk with any affiliate or Adsense program being used.
I would appreciate any experience or input from fellow KH customers, webmasters and even the KH support team. As said, I thought of posting this question here because I am sure many fellow webmasters are using or will be using a WAF (e.g. Incapsula or CloudFlare) and may be running a risk if also being an affiliate partner or Adsense partner.
Looking forward to your replies!
Thanks
P.S. Please also look at my post below with the "alternative" solution I was offered by Incapsula. I would really appreciate a reply on this solution by KH support, please.
I would like to use Incapsula on my sites because I am getting some heavy traffic to my sites and it is time to add another layer of protection with a WAF, and Incapsula's WAF looks like an excellent option. The problem? By using Incapsula, a visitor is "tagged" and logged in the server with the IP of the firewall (i.e. WAF) that the visitor must go through before visiting the site, meaning that even if you get thousands and thousands of real visitors (not just bots), they're all going to be having the temporary IP (or IP range) of the Incapsula firewall. And this is not good.
It is not good because some affiliate programs and Adsense (Google's advertising platform for us webmasters to make money via ads) will register all clicks on their advertising as though they're coming from the "same" IP. This means that there is a risk that the affiliate/Adsense sees you're committing "click fraud" and you'll be banned from the affiliate program. In fact, there have been quite a few bans in the past with CloudFlare (which offers a WAF like Incapsula), where many webmasters using Adsense where banned because of this "apparent" click fraud. Thus, CloudFlare developed a mod_cloudflare extension that returns the real IP of the visitor upon the visitor hitting the firewall and exiting it to visit a site. This is good, but Incapsula does NOT offer this. Incapsula have some outdated scripts from 2008 that don't even work or require a very technical background to use. Ergo, I would be kind of tied to this issue and risk several affiliate programs I am partnered with.
My question is, are any of you using (or have used) Incapsula? And if so, how have you gone about it? Do any of you use CloudFlare without the mod_cloudflare or have not used mod_cloudflare in the past while using CloudFlare? Did you find any changes in affiliate commissions or Adsense earnings? Were any of you banned or reported?
I have been researching for some days about this issue of having all your IPs being logged with the IP of the firewall, and it certainly points out to a risk with any affiliate or Adsense program being used.
I would appreciate any experience or input from fellow KH customers, webmasters and even the KH support team. As said, I thought of posting this question here because I am sure many fellow webmasters are using or will be using a WAF (e.g. Incapsula or CloudFlare) and may be running a risk if also being an affiliate partner or Adsense partner.
Looking forward to your replies!
Thanks
P.S. Please also look at my post below with the "alternative" solution I was offered by Incapsula. I would really appreciate a reply on this solution by KH support, please.