Welcome to WebmasterWorld Guest from 50.19.190.144

Message Too Old, No Replies

Solutions to 302 Hijacking

     
8:48 pm on Mar 11, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 25, 2003
posts:308
votes: 0


I haven't fallen victim to this scam yet, but I'd rather prevent this than react to it. So I'm enlisting WebmasterWorld's help in coming up with a hopefully only temporary solution. Here's one idea I've had. Maybe we can improve upon it or come up with a better one.

  1. When someone visits a page on your site, you detect whether the referrer is from an outside website. (Yes, I know that the referrer is not guaranteed correct, but it's all I've got.)
  2. You check this referrer against a list of trusted referrers, whether from a database or text file or other means.
  3. Optional: Check the server headers of the referrer for a 302 redirect.
  4. If the referer is yet untrusted (and a 302), you log the referer and display a meta tag on the page, such as

    <META NAME="GOOGLEBOT" CONTENT="NOINDEX">

    This way other SE's will still index you.
  5. Then you look through your referrer log on a regular basis to see if you can trust any of the your new referrers
3:06 pm on Mar 12, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member ciml is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 22, 2001
posts:3805
votes: 2


That is a nice idea chadmg, but Googlebot doesn't send the 'referer'.

Also, if there happened to be a redirect to your home page, along with many other links, then you wouldn't want to instruct the robot to de-list that page,

4:15 pm on Mar 12, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 3, 2001
posts:1609
votes: 0


I posted this earlier in the long thread but it may have gotten lost in the noise.

I did this to one ripper:

it is two steps, you need their IP, htaccess and php:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^111\.111\.111\.111$
RewriteCond %{REQUEST_URI}!^/redirect\.php$ [NC]
RewriteRule ^(.*) /redirect.php [R]

That will send requests from their IP to your redirect.php file that contains:

<?php
header("Location: [where*you*send*them.com...]
exit;
?>

That will send the request coming from their IP to lala land so when doofusbot requests h*tp://www.example.com/gotosite.asp?ccxxyyourstuff.com it gets www.where*you*send*them.com/whatever.html, I would recco a few destinations, but that is up to you (bad neihborhoods come to mind).

It takes a few weeks for the interlopers cache of your stuff to disappear.

5:48 pm on Mar 12, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:May 14, 2003
posts:171
votes: 0


OK, so now is there a way to automatically detect if someone is trying to do this to you? Maybe someone smarter than me could put an open-source package together that was written in PHP, and ran on a crontab and checked once a week or so for sites that are doing this, then could automatically notify the webmaster to add the appropriate rewrite rule to htaccess. That would be awesome.

--Mark

5:31 pm on Mar 13, 2005 (gmt 0)

New User

10+ Year Member

joined:Mar 7, 2005
posts:7
votes: 0


I was actually able to successfully get the fool who hijacked my site to remove the link.

Does anybody know how long it takes to recover from such a hit?

Has anyone been able to recover any of their rankings?

7:04 pm on Mar 13, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member bigdave is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 19, 2002
posts:3454
votes: 0


Has anyone tried moving their URL and putting in a 301 on the address that has been hijacked?
8:17 pm on Mar 13, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Jan 10, 2005
posts:236
votes: 0


None of this will work. Googlebot does not "follow" a link from the other page to yours; and it doesn't matter one whit whether you stop other people from doing so. All that matters is Googlebot. Nothing else.
3:24 am on Mar 14, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Apr 25, 2003
posts:204
votes: 0


Hmmm ... I am trying to do this, but once I add the lines to my .htaccess file, my entire site becomes unviewable (eg - server returns 403 errors for all pages. I have the correct IP of the jacker ... WHat could be happening?

The following line appears in my error log:

Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /home/virtual/site1/fst/var/www/html/

3:49 am on Mar 14, 2005 (gmt 0)

New User

10+ Year Member

joined:Feb 16, 2005
posts:18
votes: 0


I believe that chadmg's idea may work. In this case when Google follows that questionable redirect, it gets the meta tag "<META NAME="GOOGLEBOT" CONTENT="NOINDEX"> ". When it follows other links, it doesn not get this meta tag. The question is - can it hurt your position in Google (the fact that sometimes it gets "NOINDEX" and sometimes not)?

Olga

3:55 am on Mar 14, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Apr 25, 2003
posts:204
votes: 0


Figured out that I had to add the Options +FollowSymLinks line in htaccess. But it is still not working for some reason. Just not returning 403 errors anymore.
4:37 am on Mar 14, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Oct 9, 2002
posts:245
votes: 0


The two solutions offered in this thread may work in other scenarios, but not in the case of page jacking (301 > 302 from non cachable pages with meta refresh). The redirect pages are not the referrer nor are they the REMOTE_ADDR.
10:20 am on Mar 14, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member ciml is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 22, 2001
posts:3805
votes: 2


Googlebot does not send the 'referer'.
3:23 pm on Mar 15, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Sept 25, 2003
posts:308
votes: 0


Alright, I must have been very tired to forget that Googlebot does not have a referer.

Does anyone who has had this happen to them know what happens when you take the page that is 302 redirected to and do a 301 redirect to another page? Does this have any effect on fixing the problem after you've been hijacked?

5:38 am on Mar 17, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 16, 2004
posts:693
votes: 0


RewriteRule ^example\.html$ h**p://www.example.net/example.html [R=301,L]

what bout doing this to each and every page?

edit in - this way your server will never return a 200 always a 301 you can set up a .htaccess in each directory for the files in that directory.

7:40 am on Mar 17, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 16, 2004
posts:693
votes: 0


cmon guys we need a solution NOW!

there are e-books 'how to make $'s on the internet right away' 'how to become rich instantly' 'the secret to making money on the internet' these are all about how to build a scraper site and hijack google with 302's.

There is SEO sofware "instant results" it is automated 302 hijacking software. People are buying it up. We can't wait for Google or MSN to fix it, we need a bulletproof solution right now.

Any guru's out there? How would googlebot respond to no 200's just 301's every page every time?

8:40 am on Mar 17, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member bigdave is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 19, 2002
posts:3454
votes: 0


cmon guys we need a solution NOW!

If you need a solution (I certainly don't) then try doing some experimentation on your own site. I can't do anything because I don't have the problem.

How would googlebot respond to no 200's just 301's every page every time?

Uh, you have to eventually give it a 200. Setting up an infinite loop of 301s ain't going to help your ranking, traffic or conversions.

Take one of your pages that is having problems with this. Change the name of the file, and set up a RedirectPermanent and tell us what happens.

9:01 am on Mar 17, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Apr 7, 2002
posts:339
votes: 0


Can't we have the TOS rule lifted just this once and compile a list of all the known hijackers. Surely this is for the greater good...
8:09 am on Mar 18, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 30, 2002
posts:45
votes: 0


John316, an excellent idea. I love it. Is it possible to just leave out the the second mod_rewrite condition and the rewrite it offsite [R=301,L] to their homepage. Doesn't have to be with PHP does it?
11:50 pm on Mar 18, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 4, 2002
posts:1785
votes: 2



Can't we have the TOS rule lifted just this once and compile a list of all the known hijackers. Surely this is for the greater good.

They would be sued by every one of them (which is the reason for the TOS) and besides it would use up all of WebmasterWorld's bandwidth just for that one thread.

12:14 am on Mar 19, 2005 (gmt 0)

Full Member

10+ Year Member

joined:Dec 13, 2002
posts:245
votes: 0


cmon guys we need a solution NOW!

I know this might sound off the wall but...

What would it take for Google to simply set up a system where a special 'spider' verifies whether or not pages (which are suspected as hijackers and have been submitted thru a form by the hijackee) are indeed using a 302 or whatever clever script they've got to steel the content from another site?

Once the hijacker is detected the domain could be put on a black list or forever banned preferably.

The form might include both the hijacker as well as the hijackee so as to facilitate verification.

4:06 am on Mar 19, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 30, 2002
posts:45
votes: 0


Lorel: If you want the info, (other than vague wha-wha about who did it) you can go elsewhere to pick up on a little of that. I posted a similar inquiry for a new thread earlier this evening that was automatically machine-diabled (put on hold) and still is. Probably I triggered a Lawyer-related stopword, but I donít know how to dance around them. Maybe they donít have so many Laywers*)&%* in Germany. Try this: [forum.#*$!.com...]
4:16 am on Mar 19, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 30, 2002
posts:45
votes: 0


Lorel: Sorry that the URL didn't get through. If you do a search for "In a german discussion board I found a very simple solution to that" you can find it that way. I guess I'm not having a very good IT night. But then I'm not even an IT professional. I'm just some guy with a Master's in Engineering who is trying to learn and does this for a hobby and supplimental income. I have developed a sucurity plan to move forward with this topic; I'm not resting on my laurals waiting for "it can't happen Here" so let google fix it.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members