Search Engine Watch Forums

AussieWebmaster · #1 11-09-2006

Seems there are some holes in the algo at Microsoft. Check out this little blog entry:
http://www.boogybonbon.com/2006/11/0...from-msn-live/

Brian M · #2 11-09-2006

Hi AussieWebmaster,

Very nice find, but now that it's public, I guess we can talk about it. It's not limited to MSN (although it shows up more quickly there). All the search engines have this problem with duplicate content caused by query strings, and yes, you can hack your competition off the page one SERPs using this technique, but I wouldn't want to be caught doing this by the search engines...

I had to fix a site by putting out 404s for every query string so we could track incoming PPC traffic, rather than the using the 301 approach recommended in this blog. That site is safe from these kinds of attacks, but a 404 creates its own set of problems.

The 404 is done to keep the engines from indexing PPC codes in query strings from other sites, but it is causing havoc with MSN's automated verification in adCenter, since the web site is seen as "unavailable" each time it looks for the destination URL.

I just wish there was a query string that was off-limits to the robots, such as ?track=

This would make things a lot simpler for us webmasters...

Brian M

AussieWebmaster · #3 11-10-2006

The whole canonical issue is in play here and yes all engines are subject to this play in some form.

tb1234 · #4 11-11-2006

I can add some more issues to remember for site security for the thrats like this generating spam pages:

1. Always check on on you 777 folders.
2. Add robots with the extension you are allowing. Suppose your site is in php the block other extensions like .aspx, .phtml etc via robots.

Many other things are also in consideration (like, proper paging in site.) but it depends on your site's infrasturcture.

Mine site has same problem but the mastermind has uploaded misc script in my 777 folder. 20000 pages had been generated but now i am a bit out of it...

AussieWebmaster · #5 11-11-2006

Quote:

Originally Posted by tb1234

I can add some more issues to remember for site security for the thrats like this generating spam pages:

1. Always check on on you 777 folders.
2. Add robots with the extension you are allowing. Suppose your site is in php the block other extensions like .aspx, .phtml etc via robots.

Many other things are also in consideration (like, proper paging in site.) but it depends on your site's infrasturcture.

Mine site has same problem but the mastermind has uploaded misc script in my 777 folder. 20000 pages had been generated but now i am a bit out of it...

Effective use of the robots.txt file is a smart move that everyone should follow.

HealthQuotes · #6 11-16-2006

Hi, this issue is a real eye opener.

My web site is an ASP.NET application, and in my code behind for my default.aspx page if the querystring items are not found then by default it displays the home page of my site.

After having read this article this default behavior scares me, does anyone have any ideas how I should handle this?

P.s. we are now completely gone from MSN Live, I've checked for bogus URLs but do not see any. I have a feeling its connected to our blog.

Brian M · #7 11-16-2006

Hi HealthQuotes,

As long as your re-direct to the home page is done via a 301 in the code behind, you should be safe from these attacks. You can see that by entering any URL with a query string in a server header checker and then follow the path in the server headers.

As for the drop from MSN that you mention in another thread - this is an early warning that you may also soon drop in the other search engines, so you need to correct that quickly. A quick glance at your examples shows a lot of duplication that will eventually cause problems, and it may be that you've finally crossed over the limit.

Please read up on duplicate content, and PM me if you need more help.

Brian M

AussieWebmaster · #8 11-16-2006

There is a good overview on double content in one of the write ups of PubCon sessions.
Just do a search.

HealthQuotes · #9 11-16-2006

Thanks for the input

Actually I don't use 301 redirects in my code behind, I have a Select statement, and I dynamically load user controls into a default.aspx page. This default.aspx page displays numerous "pages" via two querystring items (e.g. Page and Section variables), and loads the approriate user controls in the aspx page.

In the Else statement I just load the home.ascx user control, should I be using some sort of 301 redirect here?

As to the duplciate content, I've strived not to allow any ... I do not understand where you are seeing this Brian?

Here is a sample of my default.aspx page's code behind:

Case "BlueVisionExpressPlan"
Select Case Request("Page")
Case "Quote"
myBody = Page.LoadControl("BlueVisionExpressPlan/Quotes.ascx")
sPageTitle = "Express Plan Quotes"
Case "Home"
myBody = Page.LoadControl("BlueVisionExpressPlan/Home.ascx")
sPageTitle = "Express Plan from Blue Vision, Ontario Blue Cross"
Case "Else"
myBody = Page.LoadControl("BlueVisionExpressPlan/Home.ascx")
sPageTitle = "Express Plan from Blue Vision, Ontario Blue Cross"
End Select

Alchemweb · #10 11-17-2006

TB1234 said

Quote:

Add robots with the extension you are allowing. Suppose your site is in php the block other extensions like .aspx, .phtml etc via robots.

Do you mean robots.txt?
How do you block file extensions?

HealthQuotes · #11 11-17-2006

I don't know how the robots.txt file is associated with loading user controls into an ASP.NET default.aspx page?

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)