I was experiencing the same weird things that others have reported in this thread. My CTR for one day last week was almost 50%.

This week, it appears whatever was going on has been fixed. Earnings and CTR are back where they were 2 weeks ago.

I'm noticing some AWS traffic coming through US proxies in my logs. Haven't determined intent yet but I'm looking at it. Not sure how .htaccess works but wondering if various blocking approaches outlined above deal with proxy traffic sufficiently or if further blocking is needed.

@webcentric
Check for 100% bounce on AWS. I have seen users who seem to have been able to set AWS as a proxy (one was Linux!) and was actually reading content.

If you have blocked the IP address then anyone using that as a proxy will be denied access. If the IP maps to a domain you have listed, then they will also be banned even if the IP doesn't specifically match other entries (by IP).

WDR

Thanks WDR

I'm seeing AWS IP's in the X_Forwarded_For header. The proxy is not an AWS IP. FYI, I don't use .htaccess (mainly because there are different options where my server's OS is concerned) so I'm really only asking the question for folks who are primarily on Linux boxes. So, again, just for people who may be new to this, does a deny statement (by IP) in .htaccess address only what's in the Remote_ADDR header or does it also address what might be found in the X_Forwarded_For header? Hope that makes sense.

Example REMOTE_ADDR and X_Forwarded_For

REMOTE_ADDR-----|X_FORWARDED_FOR
Proxy----------------|Amazon IP ----- Localhost
yyy.yyy.yyy.yyy----|xxx.xxx.xxx.xxx 127.0.0.1

This gives me the chills. Note that we're trying to block traffic from xxx.xxx.xxx.xxx

Is this someone remotely logged into a Linux box via ssh using the forwarding capabilities of x-windows?

WDR

@webcentric

SetEnvIF X-Forwarded-For "^xxx\.xxx\.xxx\.xxx!" denyip
Deny from env=denyip

Is this someone remotely logged into a Linux box via ssh using the forwarding capabilities of x-windows?

Have no idea. 127.0.0.1 is localhost for windows too. My guess is that this is an app being run on localhost (locally or remotely) that is dialing up a proxy before heading out to do it's dirty work. I run .NET apps all the time from localhost on my home box though not through proxies usually and they're strictly for managing my own stuff.

@levo Thanks for that. Again, I have no immediate use for this information but felt it was worth addressing in this thread as a simple Deny statement seemed to still leave a hole in the blocking strategy. Not everyone fully understands this stuff (including me) so just trying to flesh out the topic for those who encounter it in the future.

I'm guessing that SetEnvIF and Deny should be used in conjunction with one another (as above) for a more complete solution (blocking the offending IP whether it's in REMOTE_ADDR or X_FORWARDED_FOR). Is that correct?

10 days i'm testing this 'anti-aws htaccess code' and i went from 50-100 invalid clicks per day to just a few invalid clicks per day, it works!

My site gets click bombed every once in a while and AdSense corrects it on its own. AdSense will know you're not responsible. So don't even worry about it. As long as you don't click on your own ads you'll be fine.

One morning (5 am) I woke up to see that my site was earning $137.xx which was odd. Way too early for earnings like that. After about an hour it was corrected to the normal level. It's happened several times already.

AdSense will know you're not responsible. So don't even worry about it.

Ha, ha, ha.

Ha, ha, ha.

From that response I take you were blamed for the clicks on your site?

If so, then I stand corrected.

@DirtyHarry If you read through this thread (or maybe it's in the Earnings and Observations thread) Adsense does not correct all it's mistakes, where earnings reporting is concerned.

@netmeg Who knows, maybe G will remove that big chunk of revenue from your tax docs next year. Otherwise, that would amount to the filing of false information on a federal form and there's probably some kind of crime associated with that. Maybe the IRS can get their attention.

Back @DirtyHarry -- Also, when bots are hitting your site, they're consuming your resources, mucking up your logs and who knows what else. I think banning such pests makes more sense than leaving it all in the hands of Google.

Ok, pay attention because this is important.

It does not matter if you're to blame or not for your invalid traffic or invalid clicks.

Many many AdSense publishers have been kicked out because their sites presented a "risk to the advertisers."

They didn't necessarily do anything wrong - but for whatever reasons, their sites were attracting behavior that Google felt *might* cause problems for the advertisers, so out they went.

As I mentioned in the first page of this thread - the very fact that this particular spate of invalid clickitude was so widespread was actually a comfort to me; had it ONLY been me, I'd have probably been booted (well, had it only been me, I'd have taken all the ads off till I figured out if I could fix it, but the average person who didn't do that would probably be kicked out)

If I have a site that is targeted to Nebraska, and suddenly I get a bunch of sustained traffic from China that is clicking on all the ads - even if I didn't do anything to cause it, I'm still a risk to advertisers. I can't depend on Google to just remove the clicks; it's my problem more than theirs.

There is no "fair" here. Advertisers are protected to keep the whole ecosystem healthy.

So whatever you *can* control, you should.

From that response I take you were blamed for the clicks on your site?

No, at least not this time.

Business owners who do not worry about their business are soon out of business. I've been doing this for 15 years. Worry is partly why I am still here.

For those who are also blocking wowrack, here are two more CIDRs
208.115.111.64/28
208.115.113.80/28

The one I have already listed was 208.115.96.0/19

HTH
LW

For those who are also blocking wowrack, here are two more CIDRs

Thanks

Here's another one for you, ember... 216.244.64.0/19

It does not matter if you're to blame or not for your invalid traffic or invalid clicks.

This is important and should be a thread of it's own but it's been addressed more or less many times before.

The basic problem starts at the fundamental core of Google itself and it's operating philosophy where 3rd parties can damage your site and you're GUILTY of what they do. There's no way to discount those third parties (except disavow), whether they're sites or visitors causing the issue, but they give you no recourse for the damage caused to your site.

If your site has an issue you're dumped like a hot potato and become persona non gratis. Not only won't they tell you why your site was dumped, they tell you they won't discuss the matter further leaving you no way to plead your case.

Google always assumes, unless you're some big public brand, that your site was complicit with the actions either trying to advances your rankings or defraud advertiser and all convictions are the same: GUILTY!

If you manage to get a pardon from Google you're one lucky SOB.

All your hard work decimated with...

No Transparency
No Recourse
No Tribunal

GOOD LUCK!

If you want to prevent Adsense impressions from AWS IPs you can use the following (up-to-date) code.

Sorry, it's little long ;)

# PHP part

if (!isset($_SERVER['dcip'])) {
//your adsense code
}

# .htaccess part
SetEnvIf Remote_Addr ^72\.44\.(3[2-9]|[4-5][0-9]|6[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^67\.202\.([0-9]|[1-5][0-9]|6[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^75\.101\.(1(2[8-9]|[3-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^174\.129\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^204\.236\.(1(9[2-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^184\.73\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^184\.72\.(1(2[8-9]|[3-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^184\.72\.(6[4-9]|[7-9][0-9]|1([0-1][0-9]|2[0-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^50\.(1[6-7])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^50\.19\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^107\.(2[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^23\.(2[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(4[2-3]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(3[4-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(3[6-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(2[4-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(2[6-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(0[8-9]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(1[0-1]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.221\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(0[4-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(1(9[6-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.198\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(8[0-7])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^50\.112\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.245\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.244\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.214\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(1[2-3]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.218\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(0[0-1]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(0[2-3]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(1(8[4-9]|9[0-1]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^204\.236\.(1(2[8-9]|[3-8][0-9]|9[0-1]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^184\.72\.([0-9]|[1-5][0-9]|6[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^50\.18\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^184\.169\.(1(2[8-9]|[3-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.241\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.215\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.219\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.193\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(1(7[6-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.183\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^79\.125\.([0-9]|[1-9][0-9]|1([0-1][0-9]|2[0-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^46\.51\.(1(2[8-9]|[3-8][0-9]|9[0-1]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^46\.51\.(1(9[2-9])|2(0[0-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^46\.137\.([0-9]|[1-9][0-9]|1([0-1][0-9]|2[0-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^46\.137\.(1(2[8-9]|[3-8][0-9]|9[0-1]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^176\.34\.(1(2[8-9]|[3-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^176\.34\.(6[4-9]|[7-9][0-9]|1([0-1][0-9]|2[0-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.247\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.246\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.228\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(1[6-7]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.229\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.220\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(1(9[4-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(7[2-5])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(7[6-7])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.78\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^175\.41\.(1(2[8-9]|[3-8][0-9]|9[0-1]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^122\.248\.(1(9[2-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^46\.137\.(1(9[2-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^46\.51\.(2(1[6-9]|2[0-3]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.251\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.254\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.255\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.179\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.252\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.253\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.206\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.79\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^175\.41\.(1(9[2-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^46\.51\.(2(2[4-9]|[3-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^176\.32\.(6[4-9]|[7-8][0-9]|9[0-5])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^103\.4\.([8-9]|1[0-5])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^176\.34\.([0-9]|[1-5][0-9]|6[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.(2(4[8-9]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.250\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.238\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.199\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.178\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.95\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^177\.71\.(1(2[8-9]|[3-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.232\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.233\.([0-9]|[1-5][0-9]|6[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^54\.207\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip
SetEnvIf Remote_Addr ^96\.127\.([0-9]|[1-5][0-9]|6[0-3])\.([0-9]|[1-9][0-9]|1([0-9][0-9])|2([0-4][0-9]|5[0-5]))$ dcip

Yikes, got hit again today.

Anyone getting click bombed too today March 31?

Things look normal here, knock on wood.

My final takeaway from all this is that I need to take my earnings reports out of Google Analytics, and not the AdSense interface. There was about a $700 difference between my AdSense and my Analytics numbers for March (mostly due to a couple click explosion days that didn't get removed until the end of the month - and never showed up in Analytics) And once the numbers for March were finalized, the Analytics number was within three bucks of the actual finalized number.

So from now on, that's where I'm going for my reports.

When I look at the sites report, it shows my site with www. and my site without the www. What is that? It seems that the amount being deducted each month is equal to the amount listed for the non-www. site. The amount in analytics matches the amount for the www. site. So the clicks on the non-www. site seem to be phantom clicks?

Hi ember, I fear I am in the same boat with you. And since all my earnings for one site are reported without www. it seems the entire amount has been deducted and I have not earned anything for that site.

This is even though I had added the domain both with and without the www. to my authorized site list and owned site list.

This is a major loss. Have others experienced a similar issue?

First of all - redirect your site from one to the other. For SEO purposes. Or just to satisfy my OCD. But it can be a huge duplicate content issue if you don't.

Second of all - if you experienced invalid click activity on one of those versions of your site but not the other, you won't get paid for those clicks. But on the other hand, it might be easier to find them in your analytics or logfiles, and block the source of the traffic.

ok, thanks netmeg. Adding the redirect to my .htaccess file has caused my server's host to go down for 8 hours today. Just not my day.

Right now my site is redirected from www.example.com to example.com. I wanted it to be the other way around but for some reason it is not possible without crashing everything.

I just hope that the possibility ember raised, of not getting paid for non www clicks, does not turn out to be true because that would be a disaster of epic proportions come the end of April.

You should have your finalized numbers by now - that's what you will be paid.

YEs, I got the finalized numbers, and when my estimated earnings minus the finalized earnings = what I earned from that non www site I started to worry.

but that particular site should be much more active this month, which is why I am panicking about the earnings at the end of April.