Skip to main content
All CollectionsPHP and Javascript Node ExamplesPHP Nodes
Protecting your lander from direct traffic
Protecting your lander from direct traffic

Using the FunnelFlux PHP Node to create a custom token and validate it on your lander header.

Zeno avatar
Written by Zeno
Updated over a week ago

FunnelFlux uses Action Link URLs to track user's activities. These are URLs belonging to FunnelFlux and produce our so-called redirect-based tracking.

To prevent users from directly accessing your lander or skipping the intended flow, you will need a PHP Node early in your funnel flow to create a token. This will then help your lander validate the traffic and ensure that the user came from your entrance link or FunnelFlux redirect link, not directly to the lander.

Step 1: Add a PHP node

Here is the code that you can use in that PHP node:


require_once 'PHPNodeHelpers.php';

// Password is required to protect your token.
$token_password = '[[token-password]]';
$token_password = empty($token_password) ? '1234' : $token_password;

// How long does your token to be valid; default is 24 hours.
$token_hours = '[[token-hours]]';

// Prevent the token from being used in a different funnel.
$funnel_id = '{funnel-id}';

$token_hours = empty($token_hours) ? 24 : $token_hours;
$set_time = strtotime("+$token_hours hours");

// Create token
$encrypted_token = openssl_encrypt(
        $set_time . '***' . $funnel_id,

// Append the token as an accumulated parameter
$accu = PHPNodeHelpers::loadAccumulatedParams();
        'token' => $encrypted_token


Note that the above code is intended to protect this lander only within this funnel -- so if traffic comes to the lander via a different funnel (or someone tries to change the funnel ID in URLs), the lander will not load.

By default, the token created is set to expire in 24 hours. 

You can change the token expiry by adding a custom token called token-hours in your funnel's Advanced Settings > custom tokens area:


To set your token password, add a custom token called token-password in that same custom tokens area. By default, the password is set to 1234 in the earlier code.


You can find the custom tokens area here:

Enable accumulated URL Params

Next, enable the accumulated URL parameters option on the lander that you want to protect, to allow the PHP Node to pass the generated token.

Simply double click the lander node in the funnel > toggle to enable.

Update your lander's code

Make sure that your lander supports PHP code. Here is the code that you will place in your lander header section before the <!DOCTYPE html> part:

$token_password = '1234';
$funnel_id = '##REPLACE##';

$token = NULL;
if ( !empty($_GET['token']) ) {
$decrypted_token = openssl_decrypt(

if (!empty($decrypted_token)) {
$token = explode("***", $decrypted_token);

if (
|| empty($token[1])
|| $token[1] != $funnel_id
|| $token[0] < time()
) {
echo 'Invalid Token';

Update this section of the code and replace the ##REPLACE## text with correct Funnel ID to match the funnel you're using, and your password that you have set in your funnel's Advance Settings.

$token_password = '1234';
$funnel_id = '##REPLACE##';

This is all you need to protect your lander from direct access. Make sure to use the FunnelFlux redirect link to use this feature. 

P.S. this code is designed to protect the lander within a specific funnel. If you would like to use this approach in multiple funnels, you can use the same password and just remove the funnel ID component used in the lander code, like so:

$funnel_id = '##REPLACE##';
|| $token[1] != $funnel_id

Did this answer your question?