How to set fraud rules to protect your ad spend automatically

If you're running affiliate campaigns through PropellerAds, EvaDav, RichAds, Taboola, MGID, or solo ads, you're paying for every click. The problem? A significant percentage of those clicks are worthless. Bots, datacenter IPs, click farms, and competitor fraud drain your budget before real users ever see your landing page. Setting up fraud rules affiliate tracking is the only way to stop this automatically—without babysitting your campaigns 24/7. Here's exactly how to configure those rules to protect your ad spend, using real thresholds and configurations that work in production.

What fraud rules should you set first?

Start with the highest-impact rules that catch the most fake traffic immediately. Based on analyzing millions of clicks across ad networks, these five rules block 80-90% of fraudulent activity before it touches your budget:

1. IP velocity limits — Block IPs that click more than X times in Y minutes
2. Datacenter IP blocking — Reject clicks from known cloud and hosting providers
3. Bot user agent detection — Block known bot and crawler user agents
4. Uniqueness conflict detection — Flag identical click signatures (same IP, UA, and timestamp)
5. Invalid referer blocking — Reject clicks with missing, spoofed, or non-traffic-source referers

Each rule requires a specific threshold. Run your campaigns for 24-48 hours with logging enabled, then analyze the data to set custom limits. Defaults work, but campaign-specific tuning doubles effectiveness.

How to configure IP velocity rules for affiliate campaigns

IP velocity fraud is when a single IP address generates clicks faster than a human possibly could. A real person might click your ad once every few minutes at best. A bot can click 50 times in 10 seconds.

Set your IP velocity limit to 3 clicks within 60 minutes for most campaigns. For high-traffic campaigns on Taboola or MGID, tighten to 2 clicks within 30 minutes. Solo ad traffic often sees IP velocity spikes from list rentals—set 1 click per 24 hours per IP to stay safe.

In Adtraxo, this is configured under Campaign Settings → Fraud Detection → IP Velocity. You set the maximum clicks and the time window. The system then automatically blocks any IP exceeding that threshold and stops tracking further clicks from that IP on that campaign.

Real example: A PropellerAds push campaign was generating 12,000 clicks/day with a 0.3% conversion rate. After setting IP velocity to 3 clicks/60 minutes, clicks dropped to 7,400/day, but conversions stayed the same. The conversion rate jumped to 0.5%. That's 4,600 fake clicks blocked per day—at $0.02 CPC, that's $92/day saved.

Why datacenter IP detection matters for fraud rules affiliate tracking

Datacenter IPs are IP addresses assigned to servers, cloud providers (AWS, Google Cloud, Azure), and hosting companies. Legitimate users never browse from these IPs—they're used by bots running on rented servers. Blocking them eliminates an entire category of fake traffic instantly.

Adtraxo's fraud detection includes a regularly updated database of known datacenter IP ranges. When a click arrives from a datacenter IP, it's flagged and blocked automatically. No configuration needed beyond enabling the rule—but you can customize the action (block, flag, or redirect to a honeypot page).

In a real campaign on EvaDav, datacenter IPs accounted for 22% of all clicks. After enabling datacenter IP blocking, the campaign's ROI went from -15% to +8% within 48 hours. The ad spend was still going to the same traffic source, but the fake clicks were filtered out before they could inflate the cost.

For more detail on why this matters, read Datacenter IP detection: why it matters for affiliate tracking.

Setting up bot user agent detection rules

User agents (UA strings) identify the browser and device making a request. Bots often use outdated, generic, or obviously fake UAs. Examples include "Python-urllib/3.9", "curl/7.68.0", "Go-http-client/2.0", or empty UA strings.

Create a rule that blocks clicks from any UA containing these patterns:

• python-requests
• curl/
• wget/
• Go-http-client
• Java/
• libwww-perl
• Empty or null user agent
• Known bot strings (Googlebot, Bingbot, but only if you're not targeting search traffic)

Adtraxo's fraud detection includes a pre-built suspicious UA list that updates automatically. You can also add custom UA patterns specific to your campaigns. For example, if you see a cluster of clicks from "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" on a mobile campaign, that's a red flag—that browser hasn't existed for years.

Read more about this signal in Suspicious user agents: the hidden fraud signal in your click data.

Uniqueness conflict: the silent fraud killer

Uniqueness conflict occurs when two or more clicks have the exact same combination of IP address, user agent, timestamp (to the second), and referer. This is mathematically impossible for real users—it indicates a bot sending duplicate requests.

Enable uniqueness conflict detection in Adtraxo with a threshold of 1 duplicate within 60 seconds. The system will block the second (and subsequent) identical clicks automatically. In high-volume campaigns, this rule alone can catch 5-10% of fake clicks.

Example: A RichAds campaign was getting 3,000 clicks/day with a 0.8% conversion rate. After enabling uniqueness conflict detection, 240 clicks were flagged as duplicates in the first 24 hours. The conversion rate rose to 0.9%—and $4.80/day in wasted spend was saved at $0.02 CPC.

Invalid referer blocking: stop spoofed traffic

Referers tell you where the click came from. Fraudsters often spoof referers to make bot traffic look like it came from your ad network. If a click's referer doesn't match your traffic source, or if the referer is missing entirely (and your traffic source always sends one), block it.

In Adtraxo, set up referer validation per campaign:

• For PropellerAds: block clicks without "propellerads.com" in the referer
• For Taboola: block clicks without "taboola.com"
• For solo ads: block clicks without the solo ad platform's domain

Set the rule to block clicks where the referer is empty, contains "null", or contains "direct" if your traffic source always sends a referer. This catches click injection and spoofed traffic that tries to bypass your tracking.

How to test your fraud rules before going live

Never enable fraud rules on a live campaign without testing first. Here's the process:

1. Set rules to "flag only" mode — In Adtraxo, configure each rule to log violations without blocking clicks. Run for 24 hours.
2. Analyze the fraud report — Check which rules triggered most often. Look at the How to read a fraud report and act on it guide for detailed interpretation.
3. Adjust thresholds — If IP velocity is flagging 50% of legitimate clicks, your threshold is too tight. Loosen it by increasing the time window or click limit.
4. Enable blocking gradually — Start with the rule that caught the most fake traffic first. Add one rule per day, monitoring conversion rates closely.
5. Review after 7 days — Check if conversion rates improved, CTR changed, or ROI increased. Tweak rules as needed.

This testing approach prevents false positives from destroying legitimate conversions. A well-tuned rule set should block 15-30% of clicks while maintaining or improving conversion rates.

Using AI to automate fraud rule optimization

Manually tuning fraud rules for every campaign is tedious. Adtraxo's AI Campaign Optimizer agent analyzes your click data in real time, identifies patterns of fraud, and adjusts rule thresholds automatically. It learns which IPs, UAs, and behavior patterns correlate with non-converting traffic and tightens rules accordingly.

The AI agent considers:

• Historical conversion data per traffic source
• Geo-specific fraud patterns (certain countries have higher bot rates)
• Device type (iOS vs Android vs desktop bot rates)
• Time-of-day fraud spikes

For example, if the AI detects that clicks from Indonesia on a Monday morning have a 90% bot rate, it automatically increases IP velocity and datacenter IP scrutiny for that segment. You don't have to write a single rule.

Common mistakes when setting fraud rules

Even experienced affiliates make these errors. Avoid them:

• Setting thresholds too tight — Blocking every IP that clicks twice in an hour kills real traffic from shared networks (offices, dorms, VPNs). Start loose and tighten gradually.
• Ignoring geo-specific rules — A rule that works for US traffic might block 50% of legitimate Indian traffic. Segment rules by country.
• Not whitelisting known good IPs — If you have a solo ad partner who uses a specific IP range, whitelist it to avoid false blocks.
• Forgetting to update rules — Bot patterns change monthly. Review your fraud rules and Adtraxo's built-in lists every 30 days.
• Relying on a single rule — No single rule catches everything. Use all five rules together for maximum protection.

For a complete overview of fraud types and detection methods, read The affiliate marketer's guide to click fraud detection and prevention.

How much can you save with automated fraud rules?

Based on Adtraxo user data across 500+ campaigns, automated fraud rules typically save:

• 15-25% of total ad spend from blocking fake clicks
• 30-50% improvement in conversion rate (since only real traffic is measured)
• 2-3x ROI increase on previously marginal campaigns

For a campaign spending $1,000/day, that's $150-$250 saved daily—or $4,500-$7,500 per month. The Adtraxo Pro plan costs $49/month. The math speaks for itself.

To calculate your own potential savings, run a campaign with Adtraxo's Free plan (10 links, 5k clicks/month) and enable all fraud rules in flag-only mode. After 7 days, check the fraud report to see exactly how many fake clicks you received and what they cost you.

Learn more about identifying fake traffic in How much of your affiliate traffic is fake? How to find out.

Frequently asked questions

Ready to stop wasting ad spend on fake clicks? Sign up for Adtraxo's Free plan today and start protecting your campaigns with automated fraud rules. Upgrade to Pro for unlimited links, clicks, and full fraud detection capabilities—all for $49/month.