From Google's Fact & Fiction (http://www.google.com/webmasters/facts.html) page:

Fact: There is almost nothing a competitor can do to harm your ranking or have your site removed from our index.

The Nigitrude Ultramarine SEO contest that SearchGuild promoted, proved in public, beyond any doubt, that anyone can harm your site in google, if they know how. In fact there are several ways (not just one) to accomplish this.

Just because something is written on a google page does NOT make it a fact.
I am sure that another public demonstration of this google “glitch”could be arranged, if people really wanted to see it. But to be honest, the fewer people that know how this is acomplished the better.

If google were to admit that their algo is flawed and just about any page can be hijacked or removed from their index by ANYONE, that knows how, I think would the end of google as the dominate SE, so they keep their mouth shut and keep hoping that they can fix these problems before they do become common knowledge...

lots0: Please post the link and message number that shows "beyond any doubt, that anyone can harm your site in google" as far as inbound links is concerned.

My statement was concerning your comment that "Some links are more valuable in a ranking sense than others, some can even hurt your ranking in google." Not about hyjacking pages.

Bob, sites are being hurt with redirect hijacking.

Come on, Google. Fix it!! (http://forums.searchenginewatch.com/showthread.php?t=2979)

Marcia: I may of missed the topic but weren't we discussing links and Googles action. My statement and I think Dave's was also (and so was Dave's quote from Googles page), that no inbound links can harm you as far as penalties from Google. Though this may not have been directly stated that was the context of the discuss. At least that is what I though we were discussing : )

The statement "Some links are more valuable in a ranking sense than others, some can even hurt your ranking in google" was took to me to mean you will get your rankings "hurt" by an action from Google. I even noted that I was not discussing the hijacking pages of which I am aware will hurt your Rankings : )

Chris_D: "Yes - I believe that RECIPROCAL links to a 'bad neighbourhood' - WILL harm your rankings. i.e. you link to them and they link to you. i.e. the linking strategy is under the webmaster's control as it is reciprocal - and it is the OUTBOUND link from your site to the bad neighbourhood which causes the problem." Of course it will. I don't think any one will disagee that doing a link with a banned site can't cause you problems.

It was not reciprocal links that was being discussed. It was links that you have no control over, inbound links.

I hope the mods don't mind...
here is the URL to the nigritude ultramarine contest thread,
http://www.searchguild.com/tpage10157-0.html

bob your going to have to review the entire thread, there is not just "one" post that proves of disproves, it is a series of posts. And in an effort to protect the innocent from the bad guys most of the details on how it was done have been edited.

If you don't believe me, PM a URL you own and you alone controll (I will verify that you own it) and I will make that URL disapear from the google index right before your eyes...

The statement "Some links are more valuable in a ranking sense than others, some can even hurt your ranking in google" was took to me to mean you will get your rankings "hurt" by an action from Google. Well thats not what I meant.
But if I were to be technically accurate and a little anal.... It can be a link from another page that “hijacks” your page.

lots0: Ya I misunderstood the meaning of your posted then and you misunderstand the meaning of mine. I have read about the hijacking of pages and don't doubt that at all. There is no doubt about it when you get a page hijacked it will hurt your ranking : )

Ya I misunderstood the meaning of your posted then and you misunderstand the meaning of my.
No problem, bob :-), I hope we are both on the same page now. :)

Lots0: Ya we are on the same page. Now long as that page doesn't get hijacked we will be ok : )

bobmuch OK, just so I understand, you DON'T want me to hijack the URL you just PM'ed me?

cuz its all set up and waiting for googlebot to show up...


*************
<added>
bob I got your PM, I have pulled everything back.

bobmuch OK, just so I understand, you DON'T want me to hijack the URL you just PM'ed me?

cuz its all set up and waiting for googlebot to show up...


*************
<added>
bob I got your PM, I have pulled everything back.

This made me laugh.

To those thinking of becoming SEW Forum members, don't let lots0 scare you. They are just pretend fighting. Our members get along like two peas in a pod. :)

Originally Posted by lots0
bobmuch OK, just so I understand, you DON'T want me to hijack the URL you just PM'ed me?

cuz its all set up and waiting for googlebot to show up...


*************
<added>
bob I got your PM, I have pulled everything back.
Bummer!

I was sitting on the edge of my chair in anticipation with my fists and teeth tightly clenched. It was getting as exciting as waiting to watch a rocket get launched!

Marcia: We are still going to do it. Just not my most important page on the site : ) Its just a PR3 page that I replace with a differnet page. Also Lots0 cost $1025US a hour so he will be taking donations via PayPal to do this.

We will let you know when it is done and will post the link.

After we have posted proof we will all call on Google, Mr Cutts and our faviour visitor GoogleGuy to come to the rescue and fix it.

Rustybrick,
My writing style my be a little aggressive, but bob and I were not fighting, in fact we were collaborating on a little project to demonstrate to bob the page hijacking process. Sorry if the posts seemed a little curt, but you should have been able to tell from the posts that there was also a conversation going on in PM. :-)

Bob changed his mind about the page to be used is all.

Scaring people is not my style, correcting false statements is.

Marcia,
Sorry for the disappointment, but hold your horses, we may still do it.
Judging from the PM’s I have received, there seems to be quite a bit of interest in this.

bobmuch,
if you still want to do this, pick a URL and PM again, but remember what I told you, the page will be gone and most likely the page will never recover in google. It also needs to be a page that ranks for any keyword or key phrase (non-competitive keyword is best for this test), so we can track/monitor the hijacking process.

If I am going to do this in public I want to gain some knowledge from it. I only have so many untraceable throwaway domains...

*************

Also Lots0 cost $1025US a hour so he will be taking donations via PayPal to do this. bob is joking about the donations.
No donations needed or wanted.

Lots0: Ok I have just pm you the page. I will not reveal the page for now but it has PR and is in the first page SERPs for a key phrase that gets over 1mil results on Google.

Ok bob I'll set it up first thing in the morning, I don't have the time right now.

It would have been best not to let anyone besides just us know the URL till after the hijack happened, just to avoid unwanted interference. But its a little late for that now, so I guess we can just muddle ahead and hope no one messes around with it.

?Rustybrick,
My writing style my be a little aggressive, but bob and I were not fighting, in fact we were collaborating on a little project to demonstrate to bob the page hijacking process. Sorry if the posts seemed a little curt, but you should have been able to tell from the posts that there was also a conversation going on in PM. :-)

I know you were not fighting, I was just trying to lighten up the thread.

Per requests, I've now split this thread off from Google Say Not Reporting All Backlinks (http://forums.searchenginewatch.com/showthread.php?t=2423).

Ok, it is all done.
We are now just waiting for googlebot to show up and index the hijacked page. With luck we should be able to post some results in 72 hours or less.

SIDE NOTE:
This is an experiment, intened to demonstrate, in public, a "glitch" in googles programing, No one is making any money on this (at least I am not) and all parties involved (except google) have agreed to this.

I will not hijack any page, for anyone, for any reason, or for any sum of money less than 1.5 Million USD... So quit PM'ing me, unless you have 1.5 Million USD you want to give me...

Besides, if you keep up with this thread, I will spell out the steps involved for everyone to read and everyone will be able to employ page hijacking themselves, if they wish, after this experiment has concluded.

I am doing this in an effort to get google to correct this problem of theirs. I figure that if everyone knows how to do this (even the bad guys) google will be forced to fix it.

lots0: "Besides, if you keep up with this thread, I will spell out the steps involved for everyone to read and everyone will be able to employ page hijacking themselves, if they wish, after this experiment has concluded."

Slow down cowboy. You don't want to spell it out to everyone. Lets make it happen and give GoogleGuy a change to drop in and give us the unofficial Google responce. Yahoo is rolling out a fix, Google can let us know what they are doing. At least give GoogleGuy a change to respond before you expose it.

Hey guys listen, if you want to play that's fine; it's one thing. But thinking about "challenging" anyone or trying to hold any company over a barrel is something else entirely, and I'd say it's really pushing the envelope.

Whether *any* member chooses to participate in any discussion or not is strictly up to them, it's their personal choice. And the fact that GoogleGuy will be treated with the same level of respect and courtesy that any other member in good standing can and should expect around here is very clear. No special targets, no exceptions.

Bob, I think you are going a bit over on this, It doesnt sound good at all, Especially challenging a very big company's algorithm by testing something against them is not good, They know what is your site play safe,

Also remember Googleguy is not just a monthly paid part time employee in Google, He is in one of the top positions in google(dont ask me who he is) dont expect him to answer your silly questions, He is here to answer only standard issues regarding google, Asking Google to fix something in their algorthim is like literally threatening them:) ,

powerofeyes: Well I don't think this issue fits in the "silly question" category. Personally I am not for exposing how it is done, I don't know how to do it, but I am interested to see it done. Personally I don't think asking them to fix some thing is threatening them.

Marcia: I don't think there was any disrespect in my orginal post, and if there was it surely was not meant to be. But I can see that the goodguy badguy 'fun' could be taken in a wrong way.

Bob, certainly not you or anyone in particular - this is getting altogether a little too over -aggressive and it's time for it all to calm down and get back on topic or just put the thread on hold until the results are in.

Personally I don't think asking them to fix some thing is threatening them.
Asking them to fix things that could be a glitch on their end is very simple if it's done the way they've laid out. Been there, done that myself last year about a silly glitch - easy-peasy.

Email to search-quality [at] google.com very clearly describing what it seems their problem may be and real live human beings at the other end take care of it.

lots0
Besides, if you keep up with this thread, I will spell out the steps involved for everyone to read and everyone will be able to employ page hijacking themselves, if they wish, after this experiment has concluded.

I am doing this in an effort to get google to correct this problem of theirs. I figure that if everyone knows how to do this (even the bad guys) google will be forced to fix it.

As a matter of fact, this very thing has already been specifically responded to with the precise instructions on what to do in this case:

http://forums.searchenginewatch.com/showthread.php?t=2979

GoogleGuy
If people want to send specifics (i.e. "site A appears to have duplicate pages from, or is doing a 301/302/whatever to site B, and Google is wrongly picking site A as canonical", with actual values for A and B), I'd be happy to hear them. Drop an email to webmaster [at] google.com with the keyword "canonicalpage" (all as one word) and I'll ask someone to collect the feedback and pass it on to an engineer. Being extra clear will help us with any feedback you send, e.g. "The correct site is somedomain.com, but if you do the query bla, you'll see that such-and-such.com shows up instead."

Marcia: I really don't see where the thread is gone off topic. The last time I checked the title was "Test Hijacking A Google Listing" so I don't see what the issue is. [I read that thread already.]

lots0 is going to hijack a page and I asked for comments from GoogleGuy where Google is at as far as fixing the problem. With all due respect I don't see how that is over aggressive, uncalm, over the barrow, challenging, special targeting, unrespectful or discourtesy.

lots0 is going to hijack a page and I asked for comments from GoogleGuy were Google is at as far as fixing the problem.
Bob, click on the link in the previous post and read GoogleGuy's comments about the problem.

This is one of the only times i'd advocate music on a website for atmosphere.

I vote the James Bond Theme:

or possiblly

The Benny Hill Theme Tune

:eek: :)

How do i hijack a page? Whose gonna teach me?

How do i hijack a page? Whose gonna teach me?
Nobody will be, here.

Of course, lots0 may be willing to give private lessons for $1,750USD per hour, but the place for offering or seeking services is over in those two forums in the Members Lounge. :D

If i join the members lounge do i get Free Hijacking lessons?

ROTFLMAO reggy - that's pretty funny mate heh...

How do i hijack a page? Whose gonna teach me?

Hopefully noone.

I really hope people understand the risks involved if you do experiments like this. Don't fight with the big guys unless you are very, very strong - and even then, be ready to loose. I trust lots0 knows what he is doing.

Ever heard of bad karma? In SEO bad karma is very real indeed :)

Not meaning to be too serious here, but it's probably worth stressing that the point of this thread isn't to teach how hijacking a page through redirects is a good thing for site owners to do. Instead, there are a lot of search marketers of all hat colors concerned that this appears to be a problem with Google. As Marcia's pointed out, GoogleGuy says that while he hears of reports of this as a big problem, no one gives him examples. So what this thread hopefully will do is provide a public example that harms no one and demonstrates for all whether there's indeed a problem that needs to be fixed or not.

As Marcia's pointed out, GoogleGuy says that while he hears of reports of this as a big problem, no one gives him examples.

I am not sure I am buying that :)
GogleGuy and the rest of the brilliant Google team of engineers should have no problem finding examples. Honestly, I would be very surprised if they have not seen this. Unless, that is, they they decided on this new strategy ...
http://www.aspencountry.com/aspen/assets/product_images/product_lib/31000-31999/31655.jpg

:D

ROTFLMFAO Mikkel! tooooo funny :cool:


You must spread some Reputation around before giving it to Mikkel deMib Svendsen again

I am not sure I am buying that :)
GogleGuy and the rest of the brilliant Google team of engineers should have no problem finding examples. Honestly, I would be very surprised if they have not seen this. Unless, that is, they they decided on this new strategy ...
:D

Well said, a picture tells it all.

I trust lots0 knows what he is doing.
What's scary is.... I don't have a clue. :eek:

Slow down cowboy... I am an old hippy, we always go slowwww. ;)

I am not sure I am buying that GogleGuy and the rest of the brilliant Google team of engineers should have no problem finding examples. Honestly, I would be very surprised if they have not seen this.Me too.

But, I can see where people, outside google, that knew of this problem might be a little hesitant to speak up. In the past google has, at times, been a little heavy handed in the way they "handle" things. You know one way for google to "handle" this problem would be to just ban or penalize all the domains involved... Mind you, I am not saying that is what google has done or will do, I am just saying it is a possibility.

As far as posting step by step instructions here;
This is an experiment , with no guarantee of success.
If this experiment is successful, then I believe that it is in everyone’s interest to see that the problem is corrected. If google is not getting examples of this glitch now, maybe publicly publishing step by step "how to" instructions will give their engineers some examples to study.

Thanks for quoting my earlier response asking for specific examples. Mikkel said "GogleGuy and the rest of the brilliant Google team of engineers should have no problem finding examples." But I just checked our user support queue for the keyword "canonicalpage" (which is the way I asked people to report problems to us in the other thread).

Total number of reports so far: none. I've offered to take feedback directly to the engineers who would check this out, but I need examples to take to them. I appreciate that bobmutch's sentiment of "After we have posted proof we will all call on Google, Mr Cutts and our faviour visitor GoogleGuy to come to the rescue and fix it" is exciting, but I've got my ears peeled for examples already. DaveN, you said you've seen 22 examples. Send a few to me--please! I've provided an anonymous, easy way to send feedback to Google, and I'm keeping an eye open. So far, no one has written in yet. :confused: I'm in a meeting right now and just argued that paying attention to this is important; please send me reports to work with.

GoogleGuy

GoogleGuy, I think you should look beyond what user submit to you :)

Not that many people knows about how this work, yet, and the ones that do might not have the best experience with reporting issues directly to Google. Most of the good folks I know of don't like to report other peoples websites - in general and many work in very competitive industries and don't want to call any special attention to what they do - so they won't use their own sites as examples.

So, I don't think you should expect to get to the bottom of this unless Google's engineers investigate this further on their own. The issue is just to sensitive to most of the SEOs you want help from to even tuch it.

This thread, however, might turn out helpfull and serve as a public example - if it works. Only time will tell... The only problem I see is, that if this experiment works it will also document to every webmaster that comes here and see it how it's done. Most of the folks I know that has been playing around with this know the limit and has not abused it (not much, at least :p ) but I m afraid that the general population of average webmasters won't behave the same way. So, this could eventually also turn out as a "hijackers cookbook" which I do not think many of us would like. I really do hope that Google engineers will be fast to close the loop before too much damage is done ...

I've provided an anonymous, easy way to send feedback to Google, and I'm keeping an eye open.
I have several examples, I could send.....

Googleguy, If someone were to send you some examples, would you be willing to guarantee that the domains in question will not be penalized or banned, as long as the examples show only inadvertent (non-deliberate) hijacks?

I wouldnt go there with anyone elses sites but your own lots0....

GoogleGuy,

Let me be blunt: You have what 50 phd's on staff and you cant spot some 302 naughtiness going on in your own results?

Come on mate, give us a break, we're not really that stupid.

apart from these recent threads there is an 8mile long one over at wmw that's been going for quite some time...

Nick

I wouldnt go there with anyone elses sites but your own lots0....I would never ever expose a client or a friend to that kind of risk and it is a risk...

I am sure that if googleguy is willing to give a guarantee, like the one I asked about in this thread, the google engineers will have more than enough examples to study.

lots0, I don't think your suggested guarantee from Google is realistic. They cannot guarantee you that a certain domain will never be penalized - if if it does, they most likely won't like to tell you why. So, the domain could be penalized but for something else and you would never be able to know for sure.

Anyway, thats just my personal feeling :)

My apologies lots0 I should have known :)

They cannot guarantee you that a certain domain will never be penalized - if if it does, they most likely won't like to tell you why. So, the domain could be penalized but for something else and you would never be able to know for sure.
would be pretty darn cool to own a domain that had a 100% sure guaranteed amnesty from the major search engines.

image the stuff you could do with a domain that would never be penalized no matter what.

Lots0: "If google is not getting examples of this glitch now, maybe publicly publishing step by step "how to" instructions will give their engineers some examples to study." I don't think statements like this are not warrented and to me their look to much like a threat. You may want to, how ever provide GoogleGuy a step by step howto for their engineers to study and provide them with the URL so they can monitor it happening. We have their attention and we have an example coming so lets all keep calm and upset them : )

Everyone: The purpose of this thread is not really to prove that it can be done as a number of high profile SEO exports have gone on record saying it is happening and even Yahoo has openly acknowledged it happnes. We believe them. This thread purpose is more to perhaps serve as a catalyst to bring attention to the problem and perhap provide an example to Google staff that they can look at.

Hey guys, I've DONE some testing, see http://www.webmasterworld.com/forum3/25638.htm starting around post #232. It's documented about as well as it can be under WMW rules. And my resources for testing were somewhat limited, but it looks to me as if Google is making some progress on these hijacks.

GoogleGuy welcomed the data I provided and the volunteers/victims benefited from their reports within a day or two.

Do some additional testing by all means! But IMHO, it's simply unreasonable to demand Google fix what may be a subtle programming problem without providing examples of the problem. Many of us have "forgotten" an anchor character in a regex while scripting at one time or another and spent hours tracking down how "that *&$#* result!" appeared in our data... I'm told it happens in "the BEST of families." ;)

To be fair, it's also unreasonable for Google to ask for examples from people who may be hurt in some way for giving them. It's kind of like asking a hacker to describe a security hole and give examples, all the while knowing that said hacker would be in big trouble if they are caught and therefore have a vested interest in keeping their mouths shut.

It's even worse if it was an accident and you still get punished.

The only way Google is realistically going to get these examples is by either someone "outing" someone they don't like but have a lot of information on, or by public demonstrations such as this one.

M$, a company that knows a lot about security issues (albeit mostly self-inflicted) has said several times that sometimes it's safer to NOT disclose a security breach - at least until a fix/patch has been made. Otherwise, the information goes from a small group of talented individuals who typically are fairly focused on what they are doing and gets transmitted to every script kiddy on the planet, who think nothing of random destruction just for the hell of it. It's a balancing act. A small amount of ongoing security issues vs a huge epidemic.

Of course, the BEST answer would be to not have the darn glitch in the first place!

I would ask the participants to avoid giving out enough info to arm the SEO equivilent of script kiddies and lamerz while at the same time demonstrating this issue well enough that disclosure is made.

Please use caution and common sense, and encourage others in the know to do the same. If you don't believe in "ethics" then at least consider using the same set of rules professional hackers use - ie don't feed script kiddies, and don't hand children loaded guns.

Ian

I don't think that is unreasonable to ask for a guarantee that the domains will not be banned or penalized because of THIS issue. I understand that other issues may still cause a ban or penalty and I never asked for a domain to NEVER be penalized/banned (would be nice though), I would just like to see some type of assurance on this issue.

Dave, I followed that entire thread at wmw. I think most anyone with a bit of web savvy could figure out the process of redirect 301\302 or meta refresh hijacks from reading that thread. Makes me kind of wonder why everyone is making such a big deal about posting step by step instructions.

Hey guys, I've DONE some testing,.......It's documented about as well as it can be under WMW rules

Thanks for that, Dave

It is hard evidence that Google were aware of this months ago.

This sort of thing has been discussed in the forums for a while now.

Sure the exact technique wasn't discussed, but enough information was given for me and my mates to work it out and we don't even have one PHD to our name, let alone 50.

When the poachers start telling the gamekeeper how to spot their traps, its time to sack the gamekeeper.

Googleguy, If someone were to send you some examples, would you be willing to guarantee that the domains in question will not be penalized or banned, as long as the examples show only inadvertent (non-deliberate) hijacks?

Sure, I'll promise that no spam-related action will be taken based on the reports. If months later, the domain comes up for review for an unrelated reason, then that's a different matter, but I'll instruct whoever collects the feedback to only use it to check out how we pick canonical pages.

Wow - I AM impressed. And stated publicly even <applause>

Thanks GG! You've been really helpful :)

Ian

GG - you truly are a gentleman!

No excuses now guys.

:)

Hat tip from Nick

Please use caution and common sense, and encourage others in the know to do the same. If you don't believe in "ethics" then at least consider using the same set of rules professional hackers use - ie don't feed script kiddies, and don't hand children loaded guns. Totally agree! It's a real shame that certain types in this Thread have no common sense and would likely believe that, handing a loaded gun to a kid is ok if the kid knew where the gun was anyway.

Dave, I followed that entire thread at wmw. I think most anyone with a bit of web savvy could figure out the process of redirect 301\302 or meta refresh hijacks from reading that thread. Makes me kind of wonder why everyone is making such a big deal about posting step by step instructions.
I don't have any problem with these type of instructions being posted. Dave, if you want to go into depth, feel free.

Here's the point. I've talked with Google on this subject and have been told they don't see it as a big problem, if much of one at all. If that's indeed the case, then posting the instructions do nothing. Put them up, so everyone has a clear idea of what the concern is, but we're all safe in the knowledge that in reality, Google says this isn't a problem. There is no loaded gun to worry about.

If it IS a problem, then posting the instructions still doesn't hurt anyone but the people who would ultimately misuse them. That's because if the technique works as described, then Google will have to come up with a solution to it in short order.

FYI, my understanding of the way it operates is that if you redirect a URL that you control to point at someone else's URL -- and if your URL is of a higher PR value than the URL you point at, then you can trick Google into thinking YOU have the original URL.

So say we have this situation:

Page A ranks tops for "cars" and has a PR value of 6

Page B is someone who copies Page A and gets indexed, so they appear as a mirror of that page. Google sees this but sticks with Page A because that page has a higher PR value than Page B.

Now Page B gains PR score of 7 somehow. They then redirect to Page A. Google sees this and decides that Page B must be the best URL to show. So the top listing gets replaced with Page Bs address.

Now, what good is this to Page B? After all, it's still pointing over to Page A. Well, the redirect stops, so that the traffic for this "cars" listing can be pointed elsewhere. And eventually, if Page B's content is different than Page A, Page A should pop back up. That's also why this doesn't appear to be a major problem for many people -- it seems to be a short term thing that's going to work more in cases of pages with low page rank values. Amazon is unlikely to get hijacked.

That's my understanding without digging through the notes I have from talking with Google and others about this. It's been in the works for me to do my own article on it. Others can feel free to dive in and correct me or enhance as appropriate.

And I'll say it again -- the point of the thread or posting steps is not to help people hijack pages but to determine if this really is a problem people need to worry about.

If so, then it will undoubtedly get corrected once we get some real examples of it out in the public. And the fact that GoogleGuy is going to help encourage people to at least provide more private examples is to be applauded. I for one would like to see the situation solved finally one way or another, rather than the months -- literally months -- people have been discussing it.

I've talked with Google on this subject and have been told they don't see it as a big problem, if much of one at all.

Easy for them to say. They are not running a directory and getting hysterical emails from website owners threatening legal action, DMCA stuff and calling you a crook.

Now I'm just trying to run a little hobby web directory but I'm getting lumped in with people who really do intend to hijack other people's sites. It is not a comfortable position to be in.

I've read through, what was once a 29+ page thread at WmW a few weeks ago and it seems to me that straight answers are darn hard to come by. In the meantime the months go by and we take the heat.

If Page B's content is different than Page A, Page A should pop back up ....


pffft ... you got to love a cloaked redirect thou don't you.

DaveN

Sorry, DaveN I have to spread my reps around before I give you more - but you certainly deserve my vote for the above post. We are definately getting closer to the full and true picture of this ... :)

Sure, I'll promise that no spam-related action will be taken based on the reports.

Atleast you people are genuine GoogleGuy, We took a site which was dropped from Yahoo index due to redirect issue from couple of our backlinks, For somedays our site was replaced with some site URL and then completely dropped out of yahoo index, This site is pretty clean and didnt have any unethical tactics used,

We mailed yahoo asking to include us back, i got the reply saying "our site was removed from their index since it didnt confront to their quality guidelines"

That was disaster, The site was one of the best in its industry and was pretty clean, The reply from yahoo Lady was really a stunning reply, She referred us to this page,

http://help.yahoo.com/help/us/ysearch/deletions/deletions-05.html

From that day we never send any complaints to search engines, A manual review for any site in search engine people's mind seem to be spam, It is like an Indian Traffic policeman, If you are caught in traffic( without violating any rules) No matter you have everything like RC book, Licence etc you have to bribe him, He will find something wrong in you or your vehicle, It is pretty sick :mad:

I do have quite a lot of examples that we have researched regarding this redirect issue, Unfortunately I cannot send you any reports since i dont want any of those sites to be subject to a manual review,

And Googleguy you are doing a great job, We webmasters are very much impressed by finding some answers from the Big G itself,

<thinks better of posting the snippet of code to do it even though there's more than enough information here and on WmW for practically anyone (including Google) to work out what people are on about.>

If the method is as described previously and in the WmW thread (can't be bothered to try it and re-invent the wheel myself) then the following points / questions would apply:

1. Surely it would only hijack a page. i.e. it would work on a page level so the PR of each page matters. i.e. I presume that it would be hard to hijack anything but the home page. Subsequently it's only a big effect for domains with a low pagerank.
2. It would appear to be little different to cloaking somebody's entire site. i.e. it's just another variation on an age old situation. Except with regular cloaking it would be easier to take over other pages.
3. The do-badder is always going to be the highest PR page with that particular set of content indexed. i.e the words: thumb, sore, out and stick come to mind when it gets reported.
4. Whilst it may be interesting in effect, in practice the opportunity cost is just silly as any kind of tactic.
5. If we can work it out from reading the thread then why on earth would Googleguy/Google want examples? Surely they could trot off and make their own if they really wanted them. Personally in terms of implementation I wouldn't have thought this was a programming problem (read as "bug" :) ) rather than a logical problem (read as "design").

Danny, as you admit you are not positive how this all works etc, why are you not concerned with details being posted? Shouldn't it be a case of, I don't want any details to this posted until I have a clear understanding of the effect it could have? After all, if there is slim chance that some poor mom & pop site could loose all income, do you really want to be known to have encouraged it?

>If we can work it out from reading the thread then why on earth would Googleguy/Google want examples?

My suspicion is there are (were?) multiple causes for these hijacks. I believe Google's handling of redirects in general was flawed for a very long time. Reducing the significance of page rank in the algo made "conventional redirects" a more viable method of hijack post Florida and made the problem more conspicuous. Some hijacks were deliberate but many seemed to be inadvertent and due to Google's flawed handling.

Message 8 in this thread (http://www.webmasterworld.com/forum3/23743.htm) provides some history and a "time line" of sorts. It's also what suggests to me that there are multiple causes. Although many of us may know how to implement a hijack, is any of us certain that their's is the only way to do it? My testing led me to conclude that Google has been handling conventional redirects more intelligently for the past month or two, but I'd like to see someone confirm that.

DaveN alludes to "cloaked redirects." That's another aspect to the problem that further muddies the issue IMHO. Cloaked redirects is simply the age old SEs vs cloakers battle of course. :) But IF hijacks are presently limited to cloaked redirects, I think most of the problem is resolved.

>if there is slim chance that some poor mom & pop site could loose all income

Bingo! This was behind many WMW threads and typically each thread opened the door for many additional victims. Don't wanna go there if we don't need to!

Danny, as you admit you are not positive how this all works etc, why are you not concerned with details being posted?
Because if it is a problem, then it needs to be corrected -- and we can't understand the problem well without a clear discussion of it.

After all, if there is slim chance that some poor mom & pop site could loose all income, do you really want to be known to have encouraged it?
That slim chance may already be out there, and that poor mom & pop may already be threatened. Or not. There is already plenty of information about in various forum threads on this in the past. It's no a secret to those who want do dig. It's no secret to those already doing it.

What is a secret is really how much a problem this may or may not be to people in general. Overall, shining a light on an indexing problem is not harmful. If there is a problem, it will get it fixed.

If there is a problem, it will get it fixed. ....... and there's the problem will it and how long , this problem has been around for at least 2 years now, but it's not until everyone starts doing it does it get fixed...

like the good old Google remove url trick , it wasn't till some removed apple and Microsoft that the problem got partially fixed ;) , I wonder if Google ever looked into how many sites there removed without owner knowing about it !!

DaveN

So, come on Dave, let's have it:

Blow it wide open....

Subsequently it's only a big effect for domains with a low pagerank.

Not really. At least for the recent test i did, i had a disposable domain with a PageRank = 0 which was able to get a PageRank = 5 from a "victim" site + all it backlinks (380). Unfortunately i've already fixed the situation by removing the redirect and now the disposable domain is back to where it was ; PageRank = 0 + 1 backlink.

Thanks
Riley

Interesting strategicrankings, though I think in that particular case the big question is did it damage the ranking of the "victim" site?

strategicrankings and again what would have happen if you cloaked the 302 and left it in place of SE to find and then start cloaking more 302 pages to other target sites .... just a thought

DaveN

The old remove url trick ....

http://services.google.com:8882/urlconsole/controller oops it a 404 now lol

DaveN

If a 302 is cloaked for google, this means that the victm sites urls point to you or that you just gain their stuff?

Cloaking only make a difference to what you (the users) can see. To Google it's all the same (as long as they don't know they are being cloaked).

So, cloaking sneaky tricks like this can help to prevent others from figuring out what you are doing. It basically just seperates what engines get to see and what everyone else can se.

Perfect cloaking is almost impossible to break into from the outside, so it's a very solid way to hide to the public whatever tricks you are pulling :)

I would guess that the majority of really hard core "spammers" and hijackers use cloaking ... not that I know any of them, off course :D

Yeah, you know i know that mikkel :) but my question was superb in it's haste and thus quite useles heh..

I mean the results - the results of that are that you gain all of the victim sites backlinks and pr right? and thus jump in the serps..?

Nick

Interesting strategicrankings, though I think in that particular case the big question is did it damage the ranking of the "victim" site?

No, it didn't Chris. The "victim" remained as is, no damage whatsoever.

And you know what ? When i experienced that situation, i told myself that
if some hackers succeeded in maintaining "stolen" PR & Backlinks then would start a real business of high PR pages out of nowhere.

If only there was a cache for PR & backlinks then it would have been easier for me to show you the example.

Thanks
Riley

Thanks strategicrankings, That makes sense with the way I understood it to work.

Because if it is a problem, then it needs to be corrected -- and we can't understand the problem well without a clear discussion of it. I don't agree, it's only Google that can fix the problem and they do not require the problem to be exposed on a public forum. The less that understand the problem the better.

That slim chance may already be out there, and that poor mom & pop may already be threatened. Or not. There is already plenty of information about in various forum threads on this in the past. It's no a secret to those who want do dig. It's no secret to those already doing it.Adding to the slim chance is only going to fatten up the chance. Also, if the info is already out there for all to see why are you encouraging it to be posted here? There is a slim chance I may get my car stolen when I park it, however, leaving the keys in the car when it's parked is not a solution. Going to a public forum and posting how one can hotwire and steal my car brand is not going to help either.

Well i *do* agree.

I've just made a valient attempt to slashdot it :cool:

Nick

Okay, I just have to ask (and I hope this isn't taken the wrong way)...

Why are known spammers all up in arms because this particular spam technique is still working? Shouldn't you be happy they haven't fixed the loophole yet? Or is it just because your spam sites are getting beaten by nastier spammers?

(And please, I'm not using the word "spammer" to incite a riot or make anyone mad. I know people like DaveN refer to themselves as spammers, and I just mean it in the same way. I don't really care for the "black hat" phrase, but you could substitute that one if you prefer.)

I just really have been wondering about this, but was afraid to ask!

I'll give you my take on it Jill, it's never happened to me, and i've never done it to anyone:

It's about common decency i think. Cutting the rug out from under a website by hijacking it is tantamount to "virtual piracy" and personally, i find it quite dispicable.

It is *not* the same as playing around with algos and breaking the "guidelines" to get your sites to rank. That's all part of the game in certain categories. This is wrong. It feels dirty and i think it is dirty. It's rotten tactic. Beating a competitor though knowlege of the algo and good old fashioned agressive link aquistiion is one thing, robbing somebody is quite another.

Nick

I just really have been wondering about this, but was afraid to ask!

Com'on, Jill. When did you start being afraid of asking anything? :D

I very much agree with your statement, Nick! It may come as a shock to some, but "spammers" (or black hats or whatever you want to call "them") have ethics and limits too. This is one of them.

In fact, the most advanced Black Hats I know are probably also the most ethical. The problem with this issue is that as more and more get to know about it spammers outside of the more advanced and ethical circles are going to start using this. Thats why it's so important that Google recognise the importance of it. If real examples like this thread attempts to be, full exposure of every detail involved or any other action will help getting it fixed then be it.

So how do you decide what's despicable, and what's just plain old spam?

Why is it okay to steal from the search engines, but not from other webmasters?

And aren't you also stealing from other webmasters with your brand of spam?
I'm having a hard time understanding why this particular brand of spam is so much worse than spam in general, I think.

I am glad that there are limits to what most spammers will do. And I think your feelings of this being a despicable technique perhaps might help you guys to understand more where some of us come from with our dislike of spam in general. Take your feelings about this type of spam, and apply it to all spam, and you then have...well...Doug! ;)

Nick W
It's about common decency i think. Cutting the rug out from under a website by hijacking it is tantamount to "virtual piracy" and personally, i find it quite dispicable.

It is *not* the same as playing around with algos and breaking the "guidelines" to get your sites to rank. That's all part of the game in certain categories. This is wrong. It feels dirty and i think it is dirty. It's rotten tactic. Beating a competitor though knowlege of the algo and good old fashioned agressive link aquistiion is one thing, robbing somebody is quite another.
Nick, that has to qualify by far as one of the all-time best statements I have ever seen posted on the black hat/white hat issue, if not *the* best - and one of the very finest I've ever read of your posts (other than your brilliant CSS stuff, of course).

So how do you decide what's despicable, and what's just plain old spam?

The same way you do, Jill. Did you ask permission from anyone to set your own ethical standards? You may have your sources or references to justify why you have chosen the limits you do but by the end of the day it's your own personal ethics. I have mine and you have yours.

And, even within the scope of what I personally think is ethically right I believe there are good reasons to go beyond that .. sometimes.

Right or wrong is never black and white!

Sometimes we need journalists that are ready to bend some rules
Sometimes we need civil servants that are ready to break the laws
Sometimes we need freedom fighters to get rid of evil dictators
Sometimes we need hackers to improve IT security
And, sometimes we need dark Black Hat SEO to imrpove search

>> Adding to the slim chance is only going to fatten up the chance.

Dave Hawley, I respect your opinion, but consider the other side:

What if some of your best producing sites were 'jacked?

Then, what if you saw that people like claus and Robert_Charlton had gone to great lengths to document and publicize redirect issues for the better part of a year. And, up until the month before the holidays, all through Google's house, not a creature was stirring, not even a mouse. Granted, veteran webmasters are buffered and diversified, but I feel sorry for the Mom & Pop players that lacked the resources to fully protect themselves before the Hammer fell.

This is how the thread might look from the other side:

- You would see that the only slim chance that is getting fatter, is the chance that this issue is finally going to get solved, once and for all, the right way.

- You would be preparing to carve out a mountain momument to the likes of lots0, bobmuch, DaveN, Danny... and call it Mt. Rankmore. Or at least offer them lots o' free beer.

- I guarantee you would NOT want to see this thread lose momentum. You would NOT want to see it die. You would NOT want to take a detour down the well-traveled memory lane of What is Spam, that will not add real $$$$ per day back to your bank account.

Don't get me wrong. If the mere hint of a case study coming down the pipe is enough to get the desired results, GREAT. I am sure we would all be relieved, no matter if we currently consider this thread a threat or an opportunity. But if this thread falters, things might have to get worse before they get better.

added:

Marcia started a great thread related to the 'spam' issue:
http://forums.searchenginewatch.com/showthread.php?t=3099

(Thanks Marcia!)

Sorry, but I fail to see how making (what is now not so widely known) public knowledge is going to help anybody accept those with bad intent. GoogleGuy has already requested emails of specific examples and has said he will do alll he can to ensure it get's fixed.

I found it amazing that Danny, after admitting he was not sure of the issue and it workings etc, encourages those who do know, to post a step-by-step intructions.

Although exteme, it's a bit like leaving loaded semi-automatic guns laying around in public to try and get gun laws tightened.

Why are known spammers all up in arms because this particular spam technique is still working? Shouldn't you be happy they haven't fixed the loophole yet? Or is it just because your spam sites are getting beaten by nastier spammers?

Jill when a whitehat corp offers you many 000's to go kill sites, you just know that people out there are going to do it..... like i said in sweden i have clients to protect and serve...


DaveN

Jill when a whitehat corp offers you many 000's to go kill sites, you just know that people out there are going to do it

Did you actually see the check? :)
I've also talked to several white hat corps that wanted to do this but they never actually dared to go ahead (I am not saying I would have accepted to get invlolved). Most where just too scared that it might be traced back to them and none of them wanted to end up on the front page of FT with this kind of "branding" :D

There was a post back in early November I believe at WmW that talked about a redirect using tracker2.php, and the way to find out if you had a page hijacked was to do a "allinurl:www.domain.com" and then search through those results for tracker2.php to find out if a site on your domain.com had been hijacked.

This isn't the post, but it refers to the same type incidence. http://www.webmasterworld.com/forum3/25638-31-10.htm

Before Las Vegas I had put this investigtion on hold. It seems now is a good time to pick it up again.

A site that I was suspicious had been hijacked did show up when using this method. Now, when I do a search at Google for

tracker2.php site:hijackingdomain.com

I see that there are 129,000 results. Using tracker2.php and the URLs look like this:

subdom.hijackingdomain.com/tracker2.php?url=http://www.rippeddomain.com

So, I'm not the only one this is happening to. The site doing this is a PR6 and is basically a tasteless link directory (just like a lot of sites I do, only mine have more class).

If this is not the same thing then how is it different. I don't need to out any victim sites by sending the above search string to G if this is the case, any site would be quite anonymous in the 129,000 pages this place has done this to.

Wow.

I'm surprised this is being discussed on WMW and in here. Google "knows" about this and are given many an example through email. I don't see "any" good reason why it has to be discussed in 'public" at all. I certainly would not wish to have every tom, dick, and jane reading and viewing, AND then testing... more testing,... implementing, etc, and then we have thousands more newly created spammers on the internet.

Not good.

I must say I agree with Jill on this totally. Lately, I've not agreed with her too often, but in this case... totally. I see absolutely zero difference in what some in this thread are calling "rob" or dispicable tactics as compared to the robbing of the search engines through "cheating" and the robbing of website owners in the same SERPS by the spamming through traditional means. It's simply another form of spam. I can't understand the mindset of people thinking it's perfectly fine to go against the se guidelines and cheat the system and website owners, AND risk client domains, etc, but it's not fine to do this redirect thing.

Is what these threads are referring to the same thing?

http://www.webmasterworld.com/forum3/25638-1-15.htm
and
http://www.webmasterworld.com/forum3/26468-2-10.htm (see msg 12)

This from Mikkel:
And, sometimes we need dark Black Hat SEO to imrpove search.
That statement caught my attention. :)

How does a black hat "improve search?" By who's standards? Is search improved because the se's say it is? Do the searchers say it is? Do "white hats" say it is? Who is actually saying that black hat seo improves search? Maybe it's only the black hats saying this.......

Funny thing is, fixing the site will improve the site and search. Fixing is easy.

The Nigitrude Ultramarine SEO contest that SearchGuild promoted, proved in public, beyond any doubt, that anyone can harm your site in google, if they know how. In fact there are several ways (not just one) to accomplish this.If Nigitrude Ultramarine proved anything, it proved how easy it is to get many so-called intelligent people to waste their time on a contrived, childish and pointless exercise.

It proved nothing - nothing - about Google. But it was fun to watch :D

If anyone wants to take this public, post it now.

Im bored stiff with threats and whispers, either have the balls to do something about this mess or close the thread and move on....

If anyone wants to take this public, post it now.

Im bored stiff with threats and whispers, either have the balls to do something about this mess or close the thread and move on....

MODERATION NOTE - We'll be looking at examples very closely on this topic - I've already removed a few examples just because they were general 'spam' tactics, not specific to the so-called 'hijacking' issue as far as I can tell. Because all sides seem to want examples, we'll leave this for now - but please be very careful with what you are posting.

"tracker2.php" returns 443,000 results many are just urls which show the villain and victim. Google needs reports of specific cases? Looks like someone is dragging their feet because there is no algorithmic fix beyond identifying the tracker2.php script and that is easily changed.

The test results are in:

Final result - google wins.

One of the pages involved was removed from google’s index. The removal of this page appears to me to be what I call a “hand” or “human” removal. Of course, the page that was removed was the page doing the hijacking, no great loss, this page was on a throwaway domain for just this reason.

bobmuch has stated to me that he would rather not be included in any further public testing at this time and has went off and is testing one method for himself. But I am sure he will speak for himself here shortly.

You all want to know how to do it?
Go get yourself just about any php based directory script, make sure the script does click tracking, install the script and submit all the pages you want to hijack into this php based directory (make sure the click tracking (302/301 re-directs are turned on) . *** Just what is a 302 or 301 redirect and how does it work? If you are able to figure out how one of these directories handles their 302 redirects on their click tracking pages (Hint: http responses.....) you could accomplish this page hijacking whenever you wanted by simply re-creating what the script is doing. ***

The hijacks will soon start appearing on your directory log files. No real harm done, if it stops there, the owner of the pages is still getting the traffic.

But a person with bad intent could wait till Page A’s URL is appearing in the google SERP instead of page B’s URL then simply remove the re-direct and put whatever content that was desired by the hijacker on Page A....

So your code could look like this:

<?php
if(is_bot()) {
header("Location: http://some-poor-bugger.com");
} else {
display_page();
}
?>

then when the page is sucked up, remove the 302?

Wouldnt that work only temporarily or would it hold until the 302 is removed?

But a person with bad intent could wait till Page A’s URL is appearing in the google SERP instead of page B’s URL then simply remove the re-direct and put whatever content that was desired by the hijacker on Page A.
yep. That's right. It can work in reverse as well. The SEO could tell the client (site that's redirected to) exactly what they are doing. They could do this while charging that client per click and hosting the many domains they use on their server. The exact same script can be used to hiijack without the site aware, or as a seo "tactic" for pay per click to the client "WITH" the website owner being aware of it.

Although, the owner I'm trying to "teach" about this had NO IDEA exactly how this all worked, and had no idea of the long term ramifications it might cause his own domain.

I posted that particular SEO using this tactic, but it was deleted. If anyone wants to know the "name" of the SEO, please PM me for. The name is posted at "other" places however. :)

Why are known spammers all up in arms because this particular spam technique is still working?
Pretty broad -- it's not just "spammers" upset about this. Here's what Dan Thies sent me back in September that's part of an article I've been working on about this:

What concerns me is that some phisher will use this bug to hijack listings for an online banking site etc. and redirect the search engine traffic
somewhere else, which could be done very easily by having the redirect
script detect the referrer.

How would you feel if you searched Google for "citibank online banking," got
a listing that looked okay (citibank.online-banking.info or whatever), and
ended up having your account information stolen? This will create a "CNN
moment," not good for Google or the industry.

Alan Perkins and I have recommended that search engines handle 302 redirects (or META refresh) as "temporary relocation of a resource" only within the same web host, and treat them as links otherwise. This isn't a perfect solution, because some URLs may be temporarily relocated to another domain, but it's not going to facilitate any crimes.

OK, it's not just a spam problem. Potentially, it's a security issue for searchers. Aside from Dan, Alan who's firmly on the white hat site is apparently concerned as well.

On the entire "posting examples that don't show hijacking but instead show spam and are maybe an endrun to do a public spam reporting on the forums," here's the solution I'm posting for this thread. If you want to show an actual example, run it bast the forum moderator, Elisabeth or me before posting it. If we think it's relevant, then we'll give you the go ahead to post.

Which leads me to spam reporting on the forums in general. We've discussed issues about this before. We're pretty close to a formal policy to add to our FAQs. Those interested can take a look and comment over here: SEW Forums & Spam Reporting Policy (http://forums.searchenginewatch.com/showthread.php?t=3116).

search engines handle 302 redirects (or META refresh) as "temporary relocation of a resource" only within the same web host

Tim had a great powerpoint on this at the "Search Engines and Webmasters" session in Vegas. See page 15:

http://www.ysearchblog.com/files/wmw2004/search-engines-and-webmasters.ppt

Not surprisingly, the solution does not involve PageRank. ;)

I'm curious - was the offending page removed before or after bobmutch sent Googleguy the URL of the page in question?

I, Brian: I never send him a PM as his PM didn't work. I tried but nothing when out. I did how ever post for about 12 hours enough information on this thread where some one could figure out what the page that was going to be hijacted was. Lots0 warned be by PM that was unwise as we could run into someone messing with the example. I edited the post right away removed the infromation.

While I am not going to take the position that Google hand removed the hijacker page I decided at that point I don't want to upset Google, got cold feet and bowed out of the test.

here is a thought i have a spider thats runs through Google checking for 302's ... should i make it open source or would that upset Google to much ??

I also have a script that checks refers links to my site to check for 302's then when i find one I 404 page if internal ( kills that page and their 302) then 302 them back what's good for the goose is good for the gander.

302 to homepage if the bandit is reachable let them know you will 302 every page in on there site until it's removed, if not reachable 302 from another site ;)

DaveN

While I am not going to take the position that Google hand removed the hijacker page...
No matter if the page was hand removed or not, it was removed from the google index. (I believe it was hand removed - but I have no evidence to support this belief).
But it is a fact, and I know that bobmuch can verify it, that before the test started the page was in google's index, then a few days after the beginning of the test it was no longer in the index. I am not going to make the URL public, but if you want to look at it, PM me, if I know you, I’ll respond.

Alan Perkins and I have recommended that search engines handle 302 redirects (or META refresh) as "temporary relocation of a resource" only within the same web host, and treat them as links otherwise. This isn't a perfect solution, because some URLs may be temporarily relocated to another domain, but it's not going to facilitate any crimes.I think this would be the first logical step for google take in ending this problem. I also believe that implementing a change like this would not be that difficult or time consuming for google.

Dave, please remember that the vast majority of these “hijacks” are not intentional. ;-)

You are right. I just emailed GoogleGuy with an example of a site I manage where using a 301 redirect from 2 other domain names to the main site totally removed the main site. The couple that own it are a retired couple and this is there income. For the last 2 months they have lsot 65% of their hits and 70% in sales.

I hope this is fixed very soon.

Ant

I had a page that was #2 in Y for a few months and then went to #1 for a few weeks. Suddenly it disappeared from the index.

The links on the first 20 pages of SERPs for the KW are virtually all leading to the same site.

I have a feeling that some hanky panky is going on here. How can you draw 20 pages of SERPs and push everybody else way down the list?

The links on the first 20 pages of SERPs for the KW are virtually all leading to the same site. ...How can you draw 20 pages of SERPs and push everybody else way down the list?
look at what your competitor is doing. you probably have better test data handy than most people do.

neckbone, that is another issue. This thread is about a test for hijacking a web page.

...and im still looking for the exact way to do this....?

Got it, thanks.

Do we have any victims of this reading this thread? You dont have to give examples, but if you could make yourself known and say what happened that would be cool...

I talked to an associate today and he showed me a clients site that has over 400 and of their important pages hijacted by a competitors site. When you go to the any of the pages from a Google search it takes you to, it does a redirect to the competitors site.

The interesting thing is they are concerned that they may get a ban if they show the site to Google because of the reports of this happening. The lawyers for the firm are now involved. While I am not at liberity to give any detail in public or private I thought I would post this to give some kind of an idea to the extent this is going on.

This is not an industry like adult or Rx either, but it is highly competitive and involves big money.

lost a few , took a few back ;)

DaveN

In response to Nick's appeal for more of those reading this forum..my title and summary no longer show for 200+ optimized pages...was my site hijacked or did the spider just get turned around.

upon further reading I did a inurl:www.mysite.com and found where, yes, clearly someone using my clients content. The results look like this :
keyword.someportal.com/cgi/www/jump.plx?adid=4523&url=www.mysite.com%2F.

Could someone set something to where my titles and summary won't show in Google? And if so would the above url somehow give additional proof as to the trickery?

I had no idea hijacking a site in Google could be done. Google needs to fix this bug.

Mod Note: Posts about hacked server and reinclusion problems separated into a separate topic:

Problem getting relisted after server hacked (http://forums.searchenginewatch.com/showthread.php?t=3219)

How then, can I tell if a site I run has been or is the subject of, hijacking?

What should I look for? What are the tell-tale signs?

How then, can I tell if a site I run has been or is the subject of, hijacking?

What should I look for? What are the tell-tale signs?

For example make an allintitle search for your home page <title> between quotes (ex. allintitle:"Unique Page Title") in Google, (provided you have grounds to believe that your <title> is unique). If you find another site other than yours having the same title then analyze the site's description to see if it is the same as yours. If you see similarities among these parameters try to analyze indepth and seek for expert advice.

McFox: Do like strategicrankings suggested but when you find your page in the search engine results go to the that page through the search engine results and make sure it is taking you to your domain and your page. If the page is hijacked it will take you to another site which has a copy of you page posted there. If the page takes you to your site then it has not been hijacked.

Check both Google and Yahoo this way as there has been reports of it happening in the indexs of both these Search Engines.

The reason people do this is for a numerous. A couple of the reasons are a) to keep people from going to your site and b) in hope of getting the credit of your inbound links and PR to their site.

Bobmutch and Strategicrankings -- thanks for the pointers. Much appreciated. :)

McF

I'm using a pretty famous site (PBS newshour). Searching for a sentence "To subscribe to Online NewsHour Select , a service that delivers highlights of this Web site to you via e-mail" I get at least three occasions that it has been "hijacked":
http://www.google.com/search?q=%22To+subscribe+to+Online+NewsHour+Select +,+a+service+that+delivers+highlights+of+this+Web+ site+to+you+via+e-mail%22&num=100&hl=en&lr=&c2coff=1&filter=0


or this:

http://www.google.com/search?q=%22Forums+for+discussing+specific+search+ engines+and+directories.+Please+keep+discussion+re levant+to+the+topic%22&num=100&hl=en&lr=&c2coff=1&filter=0

ThouShaltSeo: I don't see any hijacked pages in that search. I see a number of entries link www.newdirectory.com/go.php?u=www.pbs.org/newshour/ (http://www.newdirectory.com/go.php?u=www.pbs.org/newshour/)where pages are forwarded with a go.php script to phb.org but none that are hijacted. If you are talking about newdirectory.com's entries those are just directory entries that are redirected to where the news article is published. Here is a whole page of them http://www.newdirectory.com/breaking_news.php .

On your second link where people are redirecting to searchenginewatch.com it's the same thing.

I don't see any hijacked pages in either of those posts.

the entire page is cached but the URL is different.
Maybe the word is not hijacked but clearly can cause dupe problems on certain sites.


ThouShaltSeo: I don't see any hijacked pages in that search. I see a number of entries link www.newdirectory.com/go.php?u=www.pbs.org/newshour/ (http://www.newdirectory.com/go.php?u=www.pbs.org/newshour/)where pages are forwarded with a go.php script to phb.org but none that are hijacted. If you are talking about newdirectory.com's entries those are just directory entries that are redirected to where the news article is published. Here is a whole page of them http://www.newdirectory.com/breaking_news.php .

On your second link where people are redirecting to searchenginewatch.com it's the same thing.

I don't see any hijacked pages in either of those posts.

ThouShaltSeo: The cache and current page are different because the new pages are changing faster than the Googlebot is crawling them and they are bing cached. Some thing you get quite often on news sites that are not crawled as often as content changes. Nor do I see any problems with duplicate content other than the issue that Google is showing URLs with a go.php redirector to have the same content as the page that the go.php redirector is pointed to which is a normal occurance.

I have heard of this and it can be done. A first place listing can be banned from Google within 30 days. :eek:

If you have an IDENTICAL page on domain.com and someother-domain-with-diff-IP.com, why wouldn't it cause dupe problems? That's what those /go.php?http://www-domain-com do to you. As far as Google is concerned (right now anyway), one of those pages is a duplicate one.

Google needs to get the ball rolling on this...

ThouShaltSeo: The cache and current page are different because the new pages are changing faster than the Googlebot is crawling them and they are bing cached. Some thing you get quite often on news sites that are not crawled as often as content changes. Nor do I see any problems with duplicate content other than the issue that Google is showing URLs with a go.php redirector to have the same content as the page that the go.php redirector is pointed to which is a normal occurance.

ThouShaltSeo: Ok I will go along with that. So at the most what we have hear is a problem with duplicate pages. But no hijacking.

I didn't read all posts so may have missed this. Can someone point out the url GG referenced to send examples.

Got a bunch - most are independent site examples... one is real interesting as it involves a crosslink strategy where all sites of the cross have been hijack by a single domain... 'in Japan no less'.

I think you're looking for #19 at http://forums.searchenginewatch.com/showthread.php?t=2979

Thanks Dave

I guess it all depends how you define hijacking, either way you lose money since your page is drastically penalized:

hi·jack also high·jack ( P ) Pronunciation Key (hjk) Informal
tr.v. hi·jacked, hi·jack·ing, hi·jacks

To stop and rob (a vehicle in transit).
To steal (goods) from a vehicle in transit.
To seize control of (a moving vehicle) by use of force, especially in order to reach an alternate destination.

To steal from as if by hijacking.
To swindle or subject to extortion.

ThouShaltSeo: Ok I will go along with that. So at the most what we have hear is a problem with duplicate pages. But no hijacking.

ThouShaltSeo: I think this may define a new defination. Not of hijacking but of a lame post. I don't know if in my PR frenzy I have ever done has well at that. I am impressed. Postive rep to you! Liz leave me alone. It was a quality lame post :)

>>I don't know if in my PR frenzy I have ever done has well at that.

Different issue altogether, the PR frenzy. Maybe we'd best not go there right now. ;)

>>Not of hijacking but of a lame post.
>>It was a quality lame post :)

I don't see it as lame at all Bob. Rather, I see it spot on accurate, as being waylaid in transit - which is exactly what is happening.