Sponsor puts HTTPS problem on affiliate his desk

[Tjeezers]

Good morning, I am getting
this message :

Due to changes in Chrome and FireFox (read more here) we were required to make a change in all our linkcodes.

Some things to keep in mind:
You can use both http & https in your linkcode
Old linkcodes will be valid for another 2 months!
Using these new codes will improve your conversions with 10%

We're aware that this might give you some additional work however you'll see an improvement in conversions since Chrome and FireFox now show a proper secure page sign!

I am like " No Fucking way " and find some other resources where clearly is started it should be possible, after sending them a message with these comments I get a reply:

hey,

We've had long discussions with them and there's no possible way to do it. Unfortunately NATS is an outdated piece of software which will be obsolete in a couple of years.

Regards,

------

And now I have to find back many spots, and change a shitty link cause my sponsor claims NATS is not able to deal with this, which if they are right, all my sponsors will send me this message soon? Cause if they say they had a long talk, then this must be for all programs using NATS?

Love to hear what others have to say

[Tjeezers]

Sponsor reply:

Hey Harry,

Instead of seeing it as a problem you can also see it as a way to actually make money.

[Tjeezers]

Sponsor: ManicaMoney

Change your links, cause they can't. In 2 months your links are invalid, at least they can say they told you so.

these kind of practices they can do cause they blame NATS for this all.

[thommy]

hmmm - i really do not understand that from the technical site. WHY for hell has someone to change link codes ? you can use always // instead of http or https. that will cause any browser in the world to use the https-url in case the code is on an https site and http-url in case it is on an http site.

[Manfap]

Search and replace on the server. It's a 5 minute job for a tech.

[Denny]

I got that email too and changed the links (on two sites) so not sure what's the problem, it can be a bit time consuming if you need to change the links on a lot of sites though.

[XMaster]

Quote:

Originally Posted by thommy

hmmm - i really do not understand that from the technical site. WHY for hell has someone to change link codes ? you can use always // instead of http or https. that will cause any browser in the world to use the https-url in case the code is on an https site and http-url in case it is on an http site.

good point.

for instance, if you use //istri.it/?p=28&s=YOUR_ID&pp=1&v=0 you will be redirected to the httpS

[redwhiteandblue]

Just changed 5 links, not sure that it'll bring 10% better conversions as claimed though. The old links redirected to https so I don't get the need for new ones?

[j3rkules]

They should do a simple 301 redirect and there is no problem.

[thommy]

Quote:

Originally Posted by jerkules

They should do a simple 301 redirect and there is no problem.

i think you don´t get the case.

IF your site is https and a LINK on that shows to a http site there is a warning in the browser that there is a security problem.

if your page is NOT https you can link to https OR http without consequences and without any browser warning.

the smartest and easiest way for an affiliate programm to prevent that issue is to set up
the links in https AND http and link to //domainnamexyz.com instead of https: //domainnamexyz.com or http ://domainnamexyz.com

the browser than wil AUTOMATICLY connect to https if the link is on a secured site and to http if it is not.

so a redirect does not help at all.

[JOKER]

Quote:

Originally Posted by thommy

i think you don´t get the case.

IF your site is https and a LINK on that shows to a http site there is a warning in the browser that there is a security problem.

if your page is NOT https you can link to https OR http without consequences and without any browser warning.

the smartest and easiest way for an affiliate programm to prevent that issue is to set up
the links in https AND http and link to //domainnamexyz.com instead of https: //domainnamexyz.com or http ://domainnamexyz.com

the browser than wil AUTOMATICLY connect to https if the link is on a secured site and to http if it is not.

so a redirect does not help at all.

Hi Thommy,

You're talking iframes and frames here... (Unsecured Content / Mixed Content Warnings)

Simply linking to http:// from a https:// site does not trigger any warnings, AFAIK.

What ManicaMoney are referring to are the new warnings that are displayed on sites that gather user data such as logins if they are on a non-secure protocol.

And I have to agree that if MM wants to have all their sites that have forms SSL enabled the smartest thing to do would be 301 redirects that change the protocol from http to https but leave the link intact as it was.

They can keep pages that do not gather user-data (pages without forms on them like galleries for example) on http if they wanted to without any issues as well.

Just my worth

//Edit: I think this is what this is about

[suesheboy]

Quote:

Originally Posted by jerkules

They should do a simple 301 redirect and there is no problem.

so obvious to me as well

[yuu.design]

damn, what a head ache

[Barry-xlovecam]

Harry, Hard code websites //URL or use your own redirect mapping.

Xlovecam.com websites will honor either a http or https GET request indefinitely. No 301's are necessary. http and https use seperate server ports.

Configuring HTTPS servers

Code:

server {
  listen 80;
  listen 443 ssl;
  # force https-redirects
  if ($scheme = http) {
    return 301 https://$server_name$request_uri;
  }
}

2 ways to do it in Nginx

You can 'booger a-patchy' this way they are saying ...
https://httpd.apache.org/docs/2.4/bind.html

[robwod]

It's not that big of a deal. Just login to the server and do a simple find and replace. The basic syntax is:

Code:

grep -rl "oldstring" . |xargs sed -i -e 's/oldstring/newstring/'

And example might be:

Code:

grep -rl "http://affiliatelink.com/track/affiliatecode/" . |xargs sed -i -e 's/http:\/\/affiliatelink\.com\/track\/affiliatecode\//https:\/\/affiliatelink\.com\/track\/affiliatecode\/'

I just did that quickly so I may have missed an escaped character. You simply need to use the first example, and then escape any special characters, including periods and slashes.

[Barry-xlovecam]

Quote:

Originally Posted by robwod

It's not that big of a deal. Just login to the server and do a simple find and replace. The basic syntax is:

Code:

grep -rl "oldstring" . |xargs sed -i -e 's/oldstring/newstring/'

And example might be:

Code:

grep -rl "http://affiliatelink.com/track/affiliatecode/" . |xargs sed -i -e 's/http:\/\/affiliatelink\.com\/track\/affiliatecode\//https:\/\/affiliatelink\.com\/track\/affiliatecode\/'

I just did that quickly so I may have missed an escaped character. You simply need to use the first example, and then escape any special characters, including periods and slashes.

can't do that in cPanel or WHM

[robwod]

Barry: Ahh, good point. I don't use either one as they are too restrictive. Case in point

But one would assume a simple ticket to a host to perform such an operation should be easy enough.

[thommy]

Quote:

Originally Posted by JOKER

Hi Thommy,

You're talking iframes and frames here... (Unsecured Content / Mixed Content Warnings)

Simply linking to http:// from a https:// site does not trigger any warnings, AFAIK.

What ManicaMoney are referring to are the new warnings that are displayed on sites that gather user data such as logins if they are on a non-secure protocol.

And I have to agree that if MM wants to have all their sites that have forms SSL enabled the smartest thing to do would be 301 redirects that change the protocol from http to https but leave the link intact as it was.

They can keep pages that do not gather user-data (pages without forms on them like galleries for example) on http if they wanted to without any issues as well.

Just my worth

//Edit: I think this is what this is about

heyyyy I did not hear from you a long time - how is everything?

and SURE you are right as soon as we talk about a regular link (i explained it also wrong-so my fault)- but the "links" they talk about are infact scripts - means they have to get information about browser, geo and stuff like that. so usually they do not link just to a target but letting a script do the job.

in example an ad server would not know wich ad to place if there would not be a script on the page what collects all this data.
in that case it can be done with // in the start because the browser would automatically connect either to the https or the http version, depend what that site is where the script appears.

hope i did it correct now :-)

[rogueteens]

has anyone shown ManicaMoney this thread?

[Ferus]

OR - the sponsor could use Citrix Netscaler to URL rewrite
https://support.citrix.com/article/CTX121490

Would cost SO little to do, but sonsors would rather fuck over the affiliate and make the extra bucks.

[TheMaster]

so totally missed that one email they send

wondering how many affiliates also missed that email and how much traffic they have gotten for free in the past year

total rubbish, if they couldn't find a solution, they should fire their coders

[k0nr4d]

I don't see why they would even need to change links? You can just redirect http to https.

[thommy]

Quote:

Originally Posted by k0nr4d

I don't see why they would even need to change links? You can just redirect http to https.

unfortunately this problem is much bigger.

I have at the moment so many issues with https because many adevertisers, mediabuyers and even program owners are not really familiar with the change to https.

also some stupid security software are having issues.

here a few examples:

1. many changed their sites to https but still link somewhere in the site to some http source. sometimes only a pixel or even a font what is called with http instead of //

2. wrong server redirects for not existing sites. I was stepping into an issue here what nearly made me crazy to find out what is happening here. at the end I found the problem in a not existing favicon what did redirect the hard path to http.

3. not existing favicons can cause also wrong redirects if the server answers with a 404 redirect hardcoded on http.

and so on.....
the problem will come up in june when nearly every browser will block any non ssl source
or sources what are somewhow pointing or redirecting to a non secured source.

wait what will happen in and after june here when you see them all crying who did not inform themself about this new rules.

[TheMaster]

Quote:

Originally Posted by thommy

unfortunately this problem is much bigger.

I have at the moment so many issues with https because many adevertisers, mediabuyers and even program owners are not really familiar with the change to https.

but specific to Manica:
their NATS is still tracking all the clicks coming in, the stats still function like normal, you can break them down like in any other NATS run affiliate program (campaign, sites, referring url....) .... except they can no longer track the sales????

without that email (yes they didn't even post it in their news section in NATS), you would have no clue that your sales are no longer being tracked, except for your sales dropping to zero

[Kafka]

All the promos, like fhg are not https.

[bns666]

doesn't nats eat https and http links for breakfast with its super powers?

[thommy]

Quote:

Originally Posted by Kafka

All the promos, like fhg are not https.

they will be dead from july on.

https://www.searchenginejournal.com/...adline/236225/

this will bring us all a MUCH bigger problem as the latest google twist.

I don´t know how many servers have wrong redirect rules and how many websites are including fonts and scripts from http-ressources or use even simple 3rd party pixels.

[SCORE Ralph]

Quote:

Originally Posted by Manfap

Search and replace on the server. It's a 5 minute job for a tech.

I was going to say... It's 2018, you should be able to make simple find/replace server/db wide.

[Kafka]

Quote:

Originally Posted by thommy

they will be dead from july on.

https://www.searchenginejournal.com/...adline/236225/

this will bring us all a MUCH bigger problem as the latest google twist.

I don´t know how many servers have wrong redirect rules and how many websites are including fonts and scripts from http-ressources or use even simple 3rd party pixels.

Dead? Just a "not secure" warning. That's all. Pornsurfers don't care if a site is "not secure".

[Bladewire]

Quote:

Originally Posted by Kafka

Dead? Just a "not secure" warning. That's all. Pornsurfers don't care if a site is "not secure".

Google will make surfers care

[rowan]

Fuck Google. I've changed one of my sites over to HTTPS, and it was not fun. That was a site with a relatively simple linking structure, with about 3 external links, and it still took waiting for fixes from the programs to make everything work.

[thommy]

Quote:

Originally Posted by Kafka

Dead? Just a "not secure" warning. That's all. Pornsurfers don't care if a site is "not secure".

good luck for your revenues :-)

[Klen]

Quote:

Originally Posted by thommy

good luck for your revenues :-)

Firefox have same thing for years.

[rowan]

Quote:

Originally Posted by thommy

good luck for your revenues :-)

Sometimes switching prematurely can be an issue too. If you're using something like IFRAMEs or other inline content, and the programs haven't yet shifted over to HTTPS, there's going to be even more nasty security warnings. You really need to do (or have already done) an audit of all third party content before you make the switch to HTTPS, to make sure they can also support it. I assumed everything would be fine but it turned out that what was a clean site via HTTP suddenly had icons and warning dialogs when switched to HTTPS. As mentioned above I had to wait for a couple of programs to provide a fix before my site loaded cleanly again.

[venus]

tell them to put this in their htaccess..no need to thank me either...they can leave it as is or change the url..I am ok either way

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.landofvenus.com/$1 [L,R=301]