Welcome to WebmasterWorld Guest from 23.20.238.193

Message Too Old, No Replies

302 Redirects continues to be an issue

     
6:23 pm on Feb 27, 2005 (gmt 0)

10+ Year Member



recent related threads:
[webmasterworld.com...]
[webmasterworld.com...]
[webmasterworld.com...]



It is now 100% certain that any site can destroy low to midrange pagerank sites by causing googlebot to snap up a 302 redirect via scripts such as php, asp and cgi etc supported by an unseen randomly generated meta refresh page pointing to an unsuspecting site. The encroaching site in many cases actually write your websites location URL with a 302 redirect inside their server. This is flagrant violation of copyright and manipulation of search engine robots and geared to exploit and destroy websites and to artificially inflate ranking of the offending sites.

Many unethical webmasters and site owners are already creating thousands of TEMPLATED (ready to go) SKYSCRAPER sites fed by affiliate companies immense databases. These companies that have your website info within their databases feed your page snippets, without your permission, to vast numbers of the skyscraper sites. A carefully adjusted variant php based redirection script that causes a 302 redirect to your site, and included in the script an affiliate click checker, goes to work. What is very sneaky is the randomly generated meta refresh page that can only be detected via the use of a good header interrogation tool.

Googlebot and MSMBOT follow these php scripts to either an internal sub-domain containing the 302 redirect or serverside and “BANG” down goes your site if it has a pagerank below the offending site. Your index page is crippled because googlebot and msnbot now consider your home page at best a supplemental page of the offending site. The offending sites URL that contains your URL is indexed as belonging to the offending site. The offending site knows that google does not reveal all links pointing to your site, takes a couple of months to update, and thus an INURL:YOURSITE.COM will not be of much help to trace for a long time. Note that these scripts apply your URL mostly stripped or without the WWW. Making detection harder. This also causes googlebot to generate another URL listing for your site that can be seen as duplicate content. A 301 redirect resolves at least the short URL problem so aleviating google from deciding which of the two URL's of your site to index higher, more often the higher linked pagerank.

Your only hope is that your pagerank is higher than the offending site. This alone is no guarantee because the offending site would have targeted many higher pagerank sites within its system on the off chance that it strips at least one of the targets. This is further applied by hundreds of other hidden 301 permanent redirects to pagerank 7 or above sites, again in the hope of stripping a high pagerank site. This would then empower their scripts to highjack more efficiently. Sadly supposedly ethical big name affiliates are involved in this scam, they know it is going on and google adwords is probably the main target of revenue. Though I am sure only google do not approve of their adsense program to be used in such manner.

Many such offending sites have no e-mail contact and hidden WHOIS and no telephone number. Even if you were to contact them, you will find in most cases that the owner or webmaster cannot remove your links at their site because the feeds are by affiliate databases.

There is no point in contacting GOOGLE or MSN because this problem has been around for at least 9 months, only now it is escalating at an alarming rate. All pagerank sites of 5 or below are susceptible, if your site is 3 or 4 then be very alarmed. A skyscraper site only need create child page linking to get pagerank 4 or 5 without the need to strip other sites.

Caution, trying to exclude via robots text will not help because these scripts are nearly able to convert daily.

Trying to remove a link through google that looks like
new.searc**verywhere.co.uk/goto.php?path=yoursite.com%2F will result in your entire website being removed from google’s index for an indefinite period time, at least 90 days and you cannot get re-indexed within this timeline.

I am working on an automated 302 REBOUND SCRIPT to trace and counteract an offending site. This script will spider and detect all pages including sub-domains within an offending site and blast all of its pages, including dynamic pages with a 302 or 301 redirect. Hopefully it will detect the feeding database and blast it with as many 302 redirects as it contains URLS. So in essence a programme in perpetual motion creating millions of 302 redirects so long as it stays on. As every page is a unique URL, the script will hopefully continue to create and bombard a site that generates dynamically generated pages that possesses php, asp, cigi redirecting scripts. A SKYSCRAPER site that is fed can have its server totally occupied by a single efficient spider that continually requests pages in split seconds continually throughout the day and week.

If the repeatedly spidered site is depleted of its bandwidth, it may then be possible to remove it via googles URL removal tool. You only need a few seconds of 404 or a 403 regarding the offending site for google’s url console to detect what it needs. Either the site or the damaging link.

I hope I have been informative and to help anybody that has a hijacked site who’s natural revenue has been unfairly treated. Also note that your site may never gain its rank even after the removal of the offending links. Talking to offending site owners often result in their denial that they are causing problems and say that they are only counting outbound clicks. And they seam reluctant to remove your links....Yeah, pull the other one.

[edited by: Brett_Tabke at 9:49 pm (utc) on Mar. 16, 2005]

11:11 pm on Mar 16, 2005 (gmt 0)

10+ Year Member



This has been going on for over a week. It's mentioned a while back in this thread and here:
[webmasterworld.com...]
12:05 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member zeus is a WebmasterWorld Top Contributor of All Time 10+ Year Member



surfgatino - I have also noticed some changes the last eeks time, as I see it the redirecting links are all still there, BUT my page does get a little google visits. I does not look like any solution, so Im still planing to use 302 as a seo tool if its that what they want, did I tell you made for fun a scraper site it took 10 min for 100pages, a week later it was fully indexed and googlebot loves it, sad sad.
12:15 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I think the GoogleGuy showed up.
12:17 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member zeus is a WebmasterWorld Top Contributor of All Time 10+ Year Member



he can not reply to such problem its just to serious a topic, he first need permission I think, because this googlejacking could have a effect on the stock.
12:27 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member crobb305 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Yep, Zeus, you are right. Time to create scraper sites. Keep us posted on how well you do. Sad to say that Google isn't valuing original content anymore.

C

12:42 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member zeus is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Thanks Crobb, but Im just testing, so I have put the site on hold, because I hate to create such kind of sites, but we have to face the music, no SE can expect a webmaster to wait 6-12 month and hope for a google fix on the googlejacking, we also have to make a living and if google wants pages like that OK then I will create such sites, its like when we found out that google likes links, now they like webmasters to create 302 redirecting and scraper site, I know how this sounds, but what can we do?, Im sitting at the computer 16 hours a day and look at stats/solutions/new options and small layout changes, but changes to the site is a risky thing because its not there the problem is + I also had to skip the trip to my first webmaster conference in Las Vegas, because it happend nov.3 2004
1:09 am on Mar 17, 2005 (gmt 0)

10+ Year Member



Something Im confused between 301 Redirect / 302 FOUND(I didnt read the whole thread), is that for an attack to be an attack it has to be of the form:

header("Status: 301 Moved Permanently");
header("Location: [victims-site.com");...]

But there are a lot of people
just reporting sites with 302 FOUND - which is different. Does it still have an effect or should I gather that the 302 means that the victims site is not removed from google but starts to rank lower than it?

1:16 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member zeus is a WebmasterWorld Top Contributor of All Time 10+ Year Member



the redirects in google are spidered by googlebot, but googlebot can NOT handle such redirects so it creates a site that looks like the sites its redirecting to, then you get hit by a dublicate filter.
2:11 am on Mar 17, 2005 (gmt 0)

10+ Year Member



Here's a site that's scraping my site as well as others, causing 302 duplicate content problems:

<edit>

Where/who at Google do I report this to?

[edited by: Brett_Tabke at 2:20 am (utc) on Mar. 17, 2005]
[edit reason] No specifics please. [/edit]

3:00 am on Mar 17, 2005 (gmt 0)

10+ Year Member



www.< example >.com

What a wonderful website the above is.

The guy actually specializes in the hijacking of other websites.

He uses adsense in his tactical pages and cashes in on clickbank as well.

For the webmaster gurus here, the challenge is obvious. Unearthing this guy and the server/host he is using provides a new dimension in the hijacking of website.

This guy is one or the worlds best and he is streets ahead of google and msn.

Do not be surprized if one of your sites that is hijacked by him. He is an expert in php and javascript, far beyond the ability of anybody in google and msn.

THE HIJACKER EXTRAORDINAIRE

[edited by: ciml at 10:20 am (utc) on Mar. 17, 2005]
[edit reason] No specific accusations on WebmasterWorld, [/edit]

3:23 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member crobb305 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



IT HAS BEEN GREAT DISCUSSING THE 302
This is my last post.

Thanks for starting this thread. It is nearly 700 posts long. Hopefully it has captured the attention of some folks at Google, though I am not holding my breath. They have known about this issue for over a year and many many sites are still MIA. They will never be able to solve the problem algorithmically until they admit there is a problem.

Chris

4:22 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Yeah thanx Japanese I learned a lot from you.

Now I need to wonder - especially after looking at those e-books wether I should just delete my website and start scraping cash - throw in the towel so to speak.
Either that or sit here spending hours and hours providing content for others to cash in on.

Nope - I believe in integrity and truth - why throw away integrity for all the cash on earth? I may be broke but I sleep well every night. Esp after writing content for hours and hours.

4:59 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member crobb305 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Yes, very interesting to see the issue making into Google news. One of the articles indexed in Google news makes a very interesting estimation...that it will take less than a year for the Google search engine to become so inundated by this problem that the engine itself will become virtually useless.

C

6:17 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



RewriteRule ^example\.html$ h**p://www.example.com/example.html [R=301,L] 

what bout doing this to each and every page?

this way your server will never return a 200 always a 301 you can set up a .htaccess in each directory for the files in that directory.

6:25 am on Mar 17, 2005 (gmt 0)

10+ Year Member



Am I understanding this correctly, that you don't have to be first-person affected by this, that your site can be sucked under by 302 sites that all jumped to higher SERPs than you? So, this explains why so many have seen huge drops?
6:37 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I'll tell it in the way I explained it to my wife :
"Someone linked my site in a funny way and google is <messed> up!" :)

[edited by: ciml at 10:21 am (utc) on Mar. 17, 2005]
[edit reason] Language. [/edit]

7:26 am on Mar 17, 2005 (gmt 0)



cool. I'll try to tell that to my landlord when he wants his rent check :)

"Someone linked my site in a funny way and google is <messed> up!"

[edited by: ciml at 10:24 am (utc) on Mar. 17, 2005]
[edit reason] Language. [/edit]

8:38 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Japanese, and others, don't take a post edit personal. The TOS of this board states that in a lot of cases we simply can't put URLs in our posts. It's making things difficult sometimes, but it also serves to protect members from other members, so it's not bad. (Although you probably wouldn't do it, some stuff that some people might post could be deliberately wrong and only aimed at hurting the competition)

Anyway, Japanese, i hope you will reconsider and continue to post about this, just without the specific URLs. I can see that a lot of people have found your posts very informative, and information as well as increased awareness about this topic is badly needed, as the problem is all around.

>> RewriteRule ^example\.html$ h**p://www.example.com/example.html [R=301,L]

Reid, i posted something very close to that earlier. Unfortunately it will throw your server into a loop.

>> Something Im confused between 301 Redirect / 302 FOUND

kila_m, if you don't want to read the whole thread, do at least read my post #54 [webmasterworld.com] as that one will spell it out nicely for you. It's all about 302s, not 301s.

Also, if you want to help spread awareness, feel free to republish that specific post on another site as per post #279 [webmasterworld.com] - you don't even have to mention my name.

9:44 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Just noticed this:

>> Server:·Apache/1.3.33

I have a server running the same Apache version. However, that one puts this out as page content with the 302 (Apache 2.0 output is very similar):

----------------------------
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF="http://www.example.com/folder/file.html">here</A>.<P>
</BODY></HTML>
----------------------------

I.e. not this:

----------------------------
<meta http-equiv="refresh" content="0;url=http://www.example.com/folder/file.html">
----------------------------

I think the servers putting out the above in stead might just make the problem worse, as i have also seen hijacks being performed by meta refresh alone. (without 302, just the meta)

I also think the above is non-standard, at least it does not conform to the RFC which requires a hyperlink to be output on the page.

Added: I have just double-checked a few cases. You don't need to hack the Apache server to both send a 302 and a meta refresh in order to make a hijack. Just using one of them will do the trick.



By the way, some examples i knew about (using the 302 only) have now disappeared from Google. Anybody else seeing improvement?

Others are still there - it's only some that have gone, so it could be a coincidence. There are still lots of meta hijacks to be found. This is the exact same issue, it's only the method that's different.

[edited by: claus at 10:11 am (utc) on Mar. 17, 2005]

9:58 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Clause I'm wondering - since the homepage is almost always the target of 302 redirects from the vast majority of directories and from automated link tracking scripts how this might act.

RewriteRule ^www\.example\.com$ h**p://www.example.com/index.html [R=301,L]

If the request is for w*w.example.com it would get a 301 redirect to h**p://w*w.example.com/index.html which would then return a 200 OK.

I'm not sure how this is done normally by the server but would this override it and stick the 301 in there?

10:12 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Is it possible that Google's impotence in this matter is due to the problem not lying in the algos, but is a result of sabotage? With hundreds of thousands of lines to check, it could be difficult to find if it is well hidden. Especially, if the source code of a critical module had gotten lost.

In any case, sabotage is a concept joe public can understand, so maybe that would be the best way to spin this story into the news.

Kaled.

10:12 am on Mar 17, 2005 (gmt 0)

10+ Year Member



More exposure for the hijacking problem -- an article on The Inquirer:
[theinquirer.net...]

(sorry if this has already been posted)

10:29 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member ciml is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Reid, Google doesn't fetch /index.html any more.
11:13 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Reid, Google doesn't fetch /index.html any more.

Well thats perfect then, when google requests h**p://w*w.example.com then it could be redirected (via 301) to index.html
The only way to combat an incoming 302 (user_agent should use referring URL for future reference) is to feed it a 301 (user_agent should use supplied URL for future reference).
11:24 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The only question remaining is can a mod rewrite override the server automatically giving it index.html?
11:56 am on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



here is how googlebot fetches the index.html on mysite

"GET / HTTP/1.0" 200 7987 "-" "Googlebot/2.1 (+http://www.google.com/bot.html)"

so what Im thinking is if I rewrite "/" to /index.html with a 301 then it will fetch /index.html and get a 200 OK That protects my homepage from 302 redirects.

I'd like to hear your thoughts on this.

12:04 pm on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



what we really need to see is if someone has a page that was hijacked - look at the cached date on that page and then go look at your referer logs (with my site it fetched it about 8 hours before the time on the cached date) and see how it fetched it through the 302 redirect.
Notice on this example in my last post the referer string is "-" see if it's any different. Unfortunately my raw log files don't go back far enough for me to check the Nov 1st cache google has on my hijacked page.
12:26 pm on Mar 17, 2005 (gmt 0)

10+ Year Member



i have a pr6 home page which doesnt seem to be hijacked yet. but the cache is from feb 28th, seeing this for alot of sites around me. Odd thing is this websites cache was always very recent. Could this be a sign of a hijack coming?

however some internal pages have a recent cache

12:34 pm on Mar 17, 2005 (gmt 0)

10+ Year Member



Has anybody tried to file a DMCA with Google concerning a page hijacking. It should fall under the scope of the DMCA even though it is a redirect.

[google.com...]

They even say there they will remove access to comply with the act and if enough people file DMCA's they will have to sit up and take notice of the extent of the problem

12:35 pm on Mar 17, 2005 (gmt 0)

WebmasterWorld Senior Member zeus is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Reid Im not the big log master, but I use urchin and I have noticed that a hijacker, which will not reply, has a cache that says Nov.3 and that day my site went down on google serps.
This 713 message thread spans 24 pages: 713
 

Featured Threads

Hot Threads This Week

Hot Threads This Month