Welcome to WebmasterWorld Guest from 54.146.171.44

Message Too Old, No Replies

Help, Sites been duplicated, url spoofed

How do you stop a page jacking?

   
12:01 am on Jan 16, 2005 (gmt 0)

10+ Year Member



Hi,

I am really PO'd and worried right now.

Someone in China is duplicating my page and hundreds of others and spoofing the url like:-

www.mydomainname.theirdomainname.com/

Whats up with this?

I am about to email a bunch of sites he has done this to, but want to make sure this is not some legit thing, I don't understand (newbie)

I tried running a whois on the domain in question and can't get results

Please help,

Thanks
Scott

[edited by: trillianjedi at 10:09 am (utc) on Jan. 16, 2005]
[edit reason] TOS - no specifics or URL's please [/edit]

10:17 am on Jan 16, 2005 (gmt 0)

WebmasterWorld Senior Member trillianjedi is a WebmasterWorld Top Contributor of All Time 10+ Year Member



The first thing to do is to work out exactly what they're doing.

It sounds to me like a 302 page-jacking:-

[webmasterworld.com...]

Is this only taking effect in Google, or are you experiencing this in more than one search engine?

If the former, we'll move this thread over to google news, although I think you'll find your answers starting with the thread above.

TJ

10:43 am on Jan 16, 2005 (gmt 0)



start hijack duplicate his page as well ,thats the best way i believe.
11:29 am on Jan 16, 2005 (gmt 0)

WebmasterWorld Senior Member tropical_island is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I just discovered from our weblogs that one of our interior pages is being hijacked by a site that is registered in Tonga (.to). When I did a Google search for the domain it came up with 82,000 results.

The url that is in the logs is something like ht tp://***.to/placename . When you click this link it takes you directly to a subsite (small B&B) on our main site. The url in the browser shows the above highjacker.

When I go back to the root domain ht tp://***.to I get a re-direct to a webhosting company. Can anybody steer me in the right direction?

12:03 pm on Jan 16, 2005 (gmt 0)



one other thing i have discover is that all of those <beep!> are using google adsense! What the <beep!> is G doing?

[edited by: trillianjedi at 12:49 pm (utc) on Jan. 16, 2005]
[edit reason] Let's not try to fool the swear filter ;-) [/edit]

4:46 pm on Jan 28, 2005 (gmt 0)

10+ Year Member



Hi Everyone,
Sorry I seagulled.

The site I am referring to, [domain] seems to be doing this to almost all sites.

Type in any major site name like paypal
and ad [domain] to the end

Or even more interesting
[famous site mirrored as a subdomain of the domain in question]

Someone suggested that, this [domain] was a phishing scam, or maybe just a way for Chinese to get unfiltered interenet access.

But Seeing the Whitehouse page makes me think its not for Chinese free speach.

[edited by: ciml at 7:48 pm (utc) on Jan. 28, 2005]

[edited by: Brett_Tabke at 3:59 am (utc) on Jan. 29, 2005]
[edit reason] As trillianjedi wrote already, no specifics please. [/edit]

6:16 pm on Jan 28, 2005 (gmt 0)

10+ Year Member



Saw this domain on an affiliate board discussion earlier this week.

They determined that it was 'a proxy server that filters out Flash', so regardless of what domain you enter it'll show as existing on their site.

The site itself mentions the filter, and if you have a Chinese speaking friend, it seems they'll confirm the content of the site.

The end recommendation was to ban the IP.

CodeJockey.

6:36 pm on Jan 28, 2005 (gmt 0)



Oh!

Interesting to say the very least, all 100+ of our sites are there...everything original and up-to-date, nothing removed, nothing added.

I've e-mailed their contacts however I reckon the only way to resolve it, if you want to stop it, is as CodeJockey says, ban their IP.

However they do have this at the bottom of their index page:

[their domain].com filters the function: You add in the back of existing websites [their domain] is visited, can filter FLASH above ,etc. , benefits your use. If you are a network station owner, do not hope your websites are filtered and visited , can apply to cancel .

Apache users can add their IP block to your .htaccess file like this,

Deny from [IP address]

Anyone else with info?

[edited by: ciml at 1:02 pm (utc) on Jan. 29, 2005]
[edit reason] No specifics please. [/edit]

6:38 pm on Jan 28, 2005 (gmt 0)



Google needs to block them, that's all. That can happen to every site .
6:54 pm on Jan 28, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Not only are they using adsense, but they also have the phrase 'Sponsored Links' above the ads, which is a 'Bozo -No-No'
7:36 pm on Jan 28, 2005 (gmt 0)

WebmasterWorld Senior Member zeus is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I said a few month ago, that this hijacking and legal redirecting problem will be HUGE the next month, just wait we have not seen anything yet, the bad webmasters have found out that Google is not working right, so now they are using this glitch, they are legaly redirecting to you, but they steal your page be caus google cant see the difference between your original site and the redireting site.
7:55 pm on Jan 28, 2005 (gmt 0)

10+ Year Member



What you do is build a duplicate page and put nothing but pornographic pictures on the page. When I think about how this happened to me I did exactly that. I put some disgusting fetish pictures that had to do with people having poop fetishes on a few new pages that people were highjacking. Well to make a long story short they removed my highjacked page from their sites very quickly when they probably had people calling them to complain. All I did was keep the url the same and edit the pictures just for them and their audience to see. :>~

We can't seem to do anything about it so I took actions in to my own hands.

8:13 pm on Jan 28, 2005 (gmt 0)

WebmasterWorld Senior Member powdork is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Just noticed my sites on there to. Time to break out the .htaccess.
9:17 pm on Jan 28, 2005 (gmt 0)



Interesting!

google.com is shown as HTTP/1.1 404 Object Not Found

google.co.uk is shown as normal as too is .de .it .fr etc

yahoo.com & yahoo.co.uk is shown as HTTP/1.1 404 Object Not Found

Who knows what?

11:09 pm on Jan 28, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



'Sponsored Links' above the ads:

Google doesn't have a problem with this. It's one of their two suggestions if you want to emphasize their ads in any way (other being Advertisements:)

Many of these chinese proxies are supposed to strip out culturally or politically incorrect (to them) content.

1:51 am on Jan 29, 2005 (gmt 0)

10+ Year Member



Just add random content to all your pages and your pages cannot get a duplicate content penalty because your pages change every time googlebot visit's.

Even if a hijacker gets your page, it will be different when google comes to your page again.

1:53 am on Jan 29, 2005 (gmt 0)

WebmasterWorld Senior Member crobb305 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I had the same problem, not only with hundreds of redirects, but also with those Chinese urls in the form of www.mysite.com.blah.com

The following worked for me to get all redirect urls removed from Google. Works only for Google as no other search engine has a removal tool to my knowledge.

1). Open account in Google url removal tool
2). Temporarily set your robots metatag to "noindex" on the page that is getting the redirect
3). Enter the Google url removal tool
4). In another browser window, Google search inurl:yourdomain.com to help find redirects to your site.
5). Enter each undesirable redirect url into the Google url removal tool. [Some redirect urls are legit and may bring you good traffic]
6). Change your metatag back to "index"

The removal tool will check for "noindex" in your metatag. This is just to safeguard against competetors removing your urls you intend to be indexed. This works because the Google removal tool checks the metatag of the final destination. So, this is a good way to get redirects that you do not want indexed in Google removed.

Chris

2:14 am on Jan 29, 2005 (gmt 0)

10+ Year Member



Is anyone noticing that googlebot is spidering very old pages that are not on your sites anymore?

I am getting pages spidered that have not been there for at least a year now?

Yahoo slurp is doing the same thing. Spidering very old pages that have been gone for a long time?

2:39 am on Jan 29, 2005 (gmt 0)

WebmasterWorld Senior Member crobb305 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



They may be trying to clean the index up by spidering old urls to see if they still exist. I sent 35 old/404 urls to Google removal tool because Google had failed to remove them. They are now gone, thanks to my proactive measures. You have to be proactive in the war against hijacking/redirects/out-dated urls these days to stay on top of the game.
2:56 am on Jan 29, 2005 (gmt 0)

10+ Year Member



It must be a huge operation keeping a large scale search engine up and running well.

I give them 2 thumbs up for their effort. But sure wish they would do something about the hijacking problem.

3:57 am on Jan 29, 2005 (gmt 0)

WebmasterWorld Senior Member crobb305 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I now check the inurl search EVERYDAY to see if new redirects have appeared. Found 2 more today, just since yesterday. They are now gone :)

C

4:01 am on Jan 29, 2005 (gmt 0)

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Been sleeping?

This happens about once every couple of months. This is atleast the 5th time in the last two years. All they do is run a proxy service for an ISP in Bejing.

It is always the same chinese crew and Google is well aware of them.

What is new this time is that they are starting to rip pages via the Yahoo and MSN cached pages. So, they don't even visit your site to get your sites code.

I'm within a hairs breath of banning the entire tld .CN entirely.

4:28 am on Jan 29, 2005 (gmt 0)



I tried banning the IP listed in this thread. it didn't work. What else is left to do?

I wish Google would step in...they could solve this in a minute.

6:22 am on Jan 29, 2005 (gmt 0)

10+ Year Member



Are they talking about the same people here...?

[webmasterworld.com...]

6:32 am on Jan 29, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Yup, same outfit. -Larry
6:44 am on Jan 29, 2005 (gmt 0)

10+ Year Member



Well, content sites are the target of site thieves. These content theives have no shame, only greed.

You could occassionaly try to visit copyscape & detect sites who duplicate your site pages.

To prove you existed before them, you can try archive.org.

More suggestions will be welcome since this prob seems to be growing...

(Requesting mod to permit urls posted above since they are helpful- thanks)

6:47 am on Jan 29, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hello MLH: Very interesting indeed, but I'm confused here ..

"All I did was keep the url the same and edit the pictures just for them and their audience to see."

I do a nice image swap here, using new filenames for original image in original page
and swapping something fun in for original image filename.

Is that what you are doing, or something else?
Suppose they swipe your .html page? Then what?
I'm not about to change filenames for web pages .. that would be a _real_ mess.
Can you fill me in? Thanks - Larry

8:59 am on Jan 29, 2005 (gmt 0)

WebmasterWorld Administrator anallawalla is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Many of these chinese proxies are supposed to strip out culturally or politically incorrect (to them) content.

If a suitable political sentence (old timers will remember the NSA fodder taglines in newsgroups) will hide one's site from .cn viewers, then it is worth adding...

9:15 am on Jan 29, 2005 (gmt 0)

10+ Year Member



search google inurl: for spoofers .com name
9870 sites in indexed

All major sites are spoofed.
It seems if you are on page one of Google, they probably spoofed your site.

How would you block all IP's from China?
I don't do any business there and don't want to.

I guess the only option is through .htaccess , right?
Anyone know another way?
.htaccess won't seem to work on my site.

3:21 pm on Jan 29, 2005 (gmt 0)



"If they had removed specific contact and copyright pages with their own details I would be very concerned. "

the contact and copyright info are the least of your worries if Google, Y! and MSN index both yoursite*[their domain].com and yoursite*com.

Where is Google on this? hellooooo? Anybody home? Do you guys even care anymore? 302 hijackings been going on for months and this. Yahoo fixed them both!

[edited by: ciml at 4:18 pm (utc) on Jan. 29, 2005]
[edit reason] Examplified [/edit]

This 54 message thread spans 2 pages: 54