Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security

Protect Your Site Against UserCash and Other Scumbags

In this brief article I explain the atrocity that is UserCash and then provide the JavaScript needed to protect your site.

What is UserCash?

UserCash is an online advertising program that uses redirects and frames to exploit your site with advertisements. UserCash customers link to target sites using rewritten URL’s generated via the UserCash “generator/compiler.” There are two types of these rewritten UserCash links:

  • Links that use frames to create banner-like ads above your pages
  • Links that use frames to deploy landing-page ads before your pages

As of now, all UserCash links assume the following generalized format:

http://1z2l3e4gt6y44k7wqld9.usercash.com

UserCash then pays 70 cents (or less) for every 9999 top-frame clicks or 70 cents for every 3999 landing-page clicks. Let’s just pause for a moment to contemplate the implications of this idiocy:

  • UserCash is paying people to exploit sites that may not belong to them.
  • UserCash advertisements are low-quality, unwanted cheap spam junk ads.
  • UserCash pays 70 cents for 9999 ads, or, 70 bucks for a million ads.
  • UserCash is littering the Web with their cheap garbage advertisements.
  • UserCash will pay people to put garbage ads on any site — even yours.
  • Even Google is susceptible to this type of advertising (see screenshot).

I find it remarkably sad that there are people who are eager to force scummy spam ads upon others just to make a quick buck. It is also utterly pathetic that people are willing to sell out their own sites with such a blatantly cheap advertising stunt. Nonetheless, rather than continuing with this rant, let’s focus on a way to protect our sites against UserCash and any other site that tries to frame our pages..

Protect your site against UserCash and other framing scumbags

Fortunately, preventing scumbags such as UserCash from placing ads on your site is relatively easy. Simply link to or place the following JavaScript in the <head> of your web pages:

<script type="text/javascript">
<!--//--><![CDATA[//><!--

// break out of frames @ https://perishablepress.com/press/2007/12/03/protect-your-site-against-usercash-and-other-scumbags/

if (top.location != self.location)
top.location = self.location;

//--><!]]>
</script>

With this code in place, your pages will automatically “break out” of any enclosing frames. Of course, this method requires that JavaScript be enabled on the visitor’s browser, which happens to be the case for a large majority. When JavaScript is available, this code is highly effective at breaking your pages out of frames. This trick was taken from my article, HTML Frames Notes Plus.

About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
Digging Into WordPress: Take your WordPress skills to the next level.

27 responses to “Protect Your Site Against UserCash and Other Scumbags”

  1. Ahhh, the irony of it all.. ;)

  2. This is really useful, thank you very much!!

    Some time ago I visited a blog, but in every post/page/link I tried to see, I was redirected to the usercash link, and my McAfee Site Advisor kept on popping up a warning all the time.

    Then I contacted the blog’s administrator and asked him why his blog was being redirected to usercash… I thought it could be a trojan infection on my pc, I got that terrible sticky Vundo/Virtumonde a few weeks ago.

    But he replied to me saying he was an usercash partner and he was earning money from the links…

    It totally turns the navigation a mess!! I really hate this stupid usercash.


    Your little light switch is very cool!! :D

  3. Yes, indeed, Lucy — I completely agree with you. It’s too bad there are so many mindless money whores ruining life for everyone else just to stuff their pocket holes. I could seriously rant on this topic for days, but I think you get where I am coming from.. ;)

    also, glad you like the light switch! :)

  4. HAHA
    http://8469840413425.usercash.com

  5. Nice try, scumbag! ;)

  6. Very nice tip Jeff.
    Are you implementing it through .htaccess now? I couldn’t find it in the source code…
    But I did find that warning about a Blackhole, and now I *really* want to go there!!! :-D

  7. Jeff Starr 2008/11/30 2:35 pm

    @Tony: I have this technique implemented through an external JavaScript file. I had disabled it for awhile due to usability issues with Google Reader and a certain Greasemonkey script, but thanks to morons like Bob (comment #16), I had no choice but to restore its functionality. And of course, you don’t want to follow that blackhole link!! ;)

  8. dennyhalim.com 2009/01/08 5:56 am

    you can also put base target="_top" within the head section and it always works. even with js disabled.

  9. Hi Denny, thanks for sharing that tip with us. It may just the trick I am looking for to workaround the JavaScript method interfering with certain Google-reader/Greasemonkey scripts. Looking forward to trying it out — thanks!

  10. I’m working on a forum and I came across the usercash site and I, honestly, didn’t understand the exact setup on how it works. The site itself is kind of vague, at least to my understanding. So I searched usercash.com on Google and your post came up. I’m very glad I I read it! Thank you for preventing a lot of trouble!

    Sam

  11. @Sam B: My pleasure — glad to be of service! :)

  12. Jawns Lover 2009/04/25 11:23 pm

    Well just because someone CAN try to use usercash on your doesn’t mean the whole concept is trashy. Irony is this is what usercash framed links use to ensure that none of the links is framed themselves.. and something I was looking to use so I can try & script my own usercash-like thing-a-majiggie

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
BBQ Pro: The fastest firewall to protect your WordPress.
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.