Welcome to WebmasterWorld Guest from 220.127.116.11
Many unethical webmasters and site owners are already creating thousands of TEMPLATED (ready to go) SKYSCRAPER sites fed by affiliate companies immense databases. These companies that have your website info within their databases feed your page snippets, without your permission, to vast numbers of the skyscraper sites. A carefully adjusted variant php based redirection script that causes a 302 redirect to your site, and included in the script an affiliate click checker, goes to work. What is very sneaky is the randomly generated meta refresh page that can only be detected via the use of a good header interrogation tool.
Googlebot and MSMBOT follow these php scripts to either an internal sub-domain containing the 302 redirect or serverside and “BANG” down goes your site if it has a pagerank below the offending site. Your index page is crippled because googlebot and msnbot now consider your home page at best a supplemental page of the offending site. The offending sites URL that contains your URL is indexed as belonging to the offending site. The offending site knows that google does not reveal all links pointing to your site, takes a couple of months to update, and thus an INURL:YOURSITE.COM will not be of much help to trace for a long time. Note that these scripts apply your URL mostly stripped or without the WWW. Making detection harder. This also causes googlebot to generate another URL listing for your site that can be seen as duplicate content. A 301 redirect resolves at least the short URL problem so aleviating google from deciding which of the two URL's of your site to index higher, more often the higher linked pagerank.
Your only hope is that your pagerank is higher than the offending site. This alone is no guarantee because the offending site would have targeted many higher pagerank sites within its system on the off chance that it strips at least one of the targets. This is further applied by hundreds of other hidden 301 permanent redirects to pagerank 7 or above sites, again in the hope of stripping a high pagerank site. This would then empower their scripts to highjack more efficiently. Sadly supposedly ethical big name affiliates are involved in this scam, they know it is going on and google adwords is probably the main target of revenue. Though I am sure only google do not approve of their adsense program to be used in such manner.
Many such offending sites have no e-mail contact and hidden WHOIS and no telephone number. Even if you were to contact them, you will find in most cases that the owner or webmaster cannot remove your links at their site because the feeds are by affiliate databases.
There is no point in contacting GOOGLE or MSN because this problem has been around for at least 9 months, only now it is escalating at an alarming rate. All pagerank sites of 5 or below are susceptible, if your site is 3 or 4 then be very alarmed. A skyscraper site only need create child page linking to get pagerank 4 or 5 without the need to strip other sites.
Caution, trying to exclude via robots text will not help because these scripts are nearly able to convert daily.
Trying to remove a link through google that looks like
new.searc**verywhere.co.uk/goto.php?path=yoursite.com%2F will result in your entire website being removed from google’s index for an indefinite period time, at least 90 days and you cannot get re-indexed within this timeline.
I am working on an automated 302 REBOUND SCRIPT to trace and counteract an offending site. This script will spider and detect all pages including sub-domains within an offending site and blast all of its pages, including dynamic pages with a 302 or 301 redirect. Hopefully it will detect the feeding database and blast it with as many 302 redirects as it contains URLS. So in essence a programme in perpetual motion creating millions of 302 redirects so long as it stays on. As every page is a unique URL, the script will hopefully continue to create and bombard a site that generates dynamically generated pages that possesses php, asp, cigi redirecting scripts. A SKYSCRAPER site that is fed can have its server totally occupied by a single efficient spider that continually requests pages in split seconds continually throughout the day and week.
If the repeatedly spidered site is depleted of its bandwidth, it may then be possible to remove it via googles URL removal tool. You only need a few seconds of 404 or a 403 regarding the offending site for google’s url console to detect what it needs. Either the site or the damaging link.
I hope I have been informative and to help anybody that has a hijacked site who’s natural revenue has been unfairly treated. Also note that your site may never gain its rank even after the removal of the offending links. Talking to offending site owners often result in their denial that they are causing problems and say that they are only counting outbound clicks. And they seam reluctant to remove your links....Yeah, pull the other one.
[edited by: Brett_Tabke at 9:49 pm (utc) on Mar. 16, 2005]
We must abide to the etiquette Brett and Claus respectively commend.
This in its self is a testament that it is wrong to target a site for bombardment with 302 redirects.
It is a thing that plays on the conscience. We know of the dire consequences my tentatively proposed action against an innocent site could have. So we feel guilty and it is against our principles to deliberately point 302 redirects to another site. But doing so in the thousands a day by the blackhats and big affiliate companies does seem to bring about a feeling of anger.
We are in a catch 22 situation. Damned if you do, Damned if you don’t.
However, like I mentioned in an earlier post. I subjected a big affiliate company with a threat that I had prepared them as my target for 302 bombardment. They threatened me with legal action, it was my method that they were afraid of that caused them to remove their 302 redirects to my sites.
I am convinced and without in no shadow of a doubt that many sites are in oblivion in google because of redirects. I respect all comments in this thread, I also understand the dilemma that many sites are in.
...can destroy something that a couple of years ago (the internet) use to be the best infodata we ever had in the planet.I can see people going back to the librarie very soon.
Hmmm....I doubt that very much. Considering every other story is about the RISING influence of the internet (in politics, research, etc.) Like any other new medium, it has problems to deal with, which I have no doubt will be solved eventually thorugh technical means.
Having said my site is back it seems specific to data centres. From my home PC I can find my site yet when I get to my office, no sign?!
My nerves can't take it!
Then stop looking every 5 minutes. Wait a month, and have another look.
i say again and i want answers maybe from goooogleguy
Don't hold our breath...rest assured, as google is now a publicly traded company, each and every public comment is vetted through their PR machine. I doubt we'll EVER hear another comment of google having technical problems having to do with the quality of their search. How would you like ot be the guy that caused your friends net worth to drop 6 or 7 digits because you responded to complaints on a message board?
We must abide to the etiquette Brett and Claus respectively commend."
I *very respectfully* disagree, Japanese. Perhaps this is the wrong forum to discuss "call to action", but IMHO, something needs to *demonstrate* the problem or Google can simply keep denying the extent of the problem.
If a site it brought down it can apparently be restored just at the big site mentioned earlier was "rolled back".
"This in its self is a testament that it is wrong to target a site for bombardment with 302 redirects."
It is the opinion of 2 people, one of whom might be protecting himself legally with TOS. It is best done in more private discussions.
"We are in a catch 22 situation. Damned if you do, Damned if you don’t."
Might I suggest that we are stuck in an ongoing predicament waiting for hackers to destroy our sites if we do nothing. If we do something to demonstrate the problem we will have taken the first step in approaching a solution .. or a mitigation.
The targetted site must be called by telephone to agree that we blast them with 302 redirects controlled via scripts of our choosing, either CGI, GOP-PHP etc and will be configured to have undesirable affects regarding the targeted site. The 302 method will be no different from any other 302 redirect. It will provide serverside info for googlebot with a different url to the target site but pointing to their location in our attempts to create duplicate contents of their most important pages in the google index of results. We will attempt to cause the site duplicate content penalty in google and to bring about the websites demise in results.
The site must be a commercial site that pays a few wages and that a reasonably big expenditure had been invested in that site. They must not protect their site by excluding robots and their pages must allow all robots. They are not allowed to make modifications to protect their network by using .htaccess to deny robots. Their websites must be left vulnerable to our attack. They are not allowed to cheat by denying robots access in any way.
They must agree to be bombarded 6 levels deep of their entire spiderable pages and network. Our aim will be to bring about unpredictable and adverse effects to their website by our minapulation abilities of googlebot and msnbot. Once we have achieved at least one duplicate page in the results of google our onslaught of 302 serverside redirects aimed and configured to disrupt their internet visibility, we will cease the experiment and that we would have been satisfied of the effectiveness of our ability to bring their website to its knees.
They must also agree that after the attack they may never regain their ranking in google and that we cannot be held responsible for any damages of any sort.
They must agree in a manner that does not make us liable for any legal action against us.
They should accept this offer because I see no reason that they should not. They are already accepting the exact same as above so it would be very unreasonable of them to deny us the opportunity to enact the process of bringing down their website.
If they refuse, put pressure on them to explain ON WHAT GROUNDS do they refuse. We have every right to try and do what we want and it really is none of their business.
Persist by contacting another similar site until you find a suitable volunteer. But like I suggested, do net accept a refusal easily, what right do they have to deny us this opportunity to excersise our ability to bring their websites to its knees. They have the reasurance also from google that nobody can affact their ranking.
TEY INFORMED ME 10 MINUTES LATER BY TELEPHONE
Warning me that my voice was recorded and my earlier e-mail containg my proposal had been passed on to their in house lawyer.
Believe you me......They blocked my IP to their network, Moved over to my other computer and I started spidering their html pages, after I got them I called them back demanding that I be allowed to pass as many 302 to them as my server could handle.
I relented because I was threatened with legal action if I processed a single 302 against them.
Boy, this thread has been popping up pretty consistently for the past several years. I was heavily involved with the last very long thread at [webmasterworld.com...] which was about this very thing.
Finally got my sites back. How you ask? I threatened the offenders with everything I could. Threatened to contact every one of the sites in the offending directory. Threatened to post the offenders on all forums that would allow it. Threatened to dedicate a site specifically to bring attention to what they were doing. Threatened to report them to G, Y and A,B,C too... etc. etc. etc.
Finally got all their links removed and my sites are back to their original positions.
Like DaveAtIFG said, this has been going on since '98. It comes up here everytime someone gets ticked enough not to leave it alone. That is pretty much what I did.
As for the G engineers knowing of the problem... They know. My sites were submitted to them as actual examples. Not sure why it wasn't fixed. It would seem an easy fix, but then again, I am not a G engineer nor do I know what is involved.
I got a stickey recently from someone who wanted to know of one of the directories that had hijacked one of my sites. Guess what? The site is gone. No longer there. This directory originally had thousands of sites listed with links that all used the hijack hack. Not sure if they were found out and moved or if they just went out of business. Too bad :-)
One thing to note,though (and I found this out the hard way), do not think that if you are hijacked that the offenders have done this deliberately. Here is where you can get in trouble. There seems to be some off-the-shelf type or downloadable code for directory builders that utilize php that have an apparent problem with this. The links seem to be automatically built this way, unbeknownst to whoever is using these codes. So before you flame or defame, please make sure it was deliberate before you end up with egg on your face. That happened to me.
Anyway, keep up the fight people. Just thought I would chime in and give my 2 cents worth.
The site must be a commercial site that pays a few wages and that a reasonably big expenditure had been invested in that site.
great some poor people lose their jobs and/or investment!
They must also agree that after the attack they may never regain their ranking in google and that we cannot be held responsible for any damages of any sort.
lose their jobs permanently!´
They should accept this offer because I see no reason that they should not.
You have made some great posts, I agree with most of what you say in your other posts but this is maybe going a bit far.
you cannot seriously expect a company to let you bankrupt them just to prove a point.
I know all this is frustrating (not to mention monetary loss) but IMHO killing off some poor company's website is going over the top.
try and find a way to bring G to its knees instead of some innocent company.
if you are talking about hijacking a site that is doing it to YOU then I totally agree.
just my thoughts
[edited by: diddlydazz at 5:36 pm (utc) on Mar. 11, 2005]
There seems to be some off-the-shelf type or downloadable code for directory builders that utilize php that have an apparent problem with this. The links seem to be automatically built this way, unbeknownst to whoever is using these codes.
webdude, my client is in the market for a dir script… can you or someone else list these offending scripts so unknowing webmasters can asses their situation & those purchasing scripts are aware of this issue? Or are these deliberate script modifications to knowingly exploit the 302 loopholes?
[edited by: soquinn at 6:04 pm (utc) on Mar. 11, 2005]
You are 100% correct. It is against my principle to knowingly do it in cold blood. But the post just explains what could possibly be at stake.
Many sites are going down and the only difference is that they have had no warning. Imagine the lady that approached me a couple of months ago. She used to sell dolls at her website, avarage 10 a week times £10.00 profit on each. Small income from adwords..... All now gone, her site dropped from number 8 in her top keyword to total oblivion. I warned the offending sites that managed 2 go=php based scripts to cause duplicate content of her index page to deactivate their links so that I used the google URL-CONSOLE... They promptly removed the links. I did not mention that I knew about one of them also had a meta refresh to her index page. I then contacted the webmaster and warned him that a dos script was pointing at his site and he had 5 minutes to prove to me that nothing at his site contained the the lady's URL. I told him to check his raw logs and he would see his entire html pages had already been spidered. He then removed the meta refresh.
I ask you, they guy removed the redirect but had to be warned again to remove the meta refresh. The lady's site is still in oblivion. What person outside SEO capability would have known what to do. Her site was totally at the mercy of the sites causing her redirects. I admit, she reciprocated links with them. That makes their trick even dirtier.
Perhaps we may think of a way to bring this thread to google's attention.