My titles and descriptions are being hijacked!

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

My titles and descriptions are being hijacked!

mboydnv

6:15 pm on Oct 24, 2008 (gmt 0)

I got dozens of pages indexed in google, but with someone else's title and description.

My pages are being indexed with casino gaming titles and descriptions featuring that guy wanted by the govt in afganistan....this has got to be hurting me....

is this cloaking of google's cache? cookie stuffing? I don't know..any ideas, i can't even get a hold of google to explain...endless voicemail.....

BradleyT

6:40 pm on Oct 24, 2008 (gmt 0)

It sounds like googlebot is being shown a different page than visitors are. And it also sounds like your site is vulnerable to some type of cross site scripting exploits or it was outright hacked.

mboydnv

8:16 pm on Oct 25, 2008 (gmt 0)

This is what is showing up in Google: Not my title, not my description, but my domain link.

What else i can tell you all, is the pages that they are linking too have included files on them, that were not showing up for 3 weeks. I moved from a dedicated server to a VPS and finally configured the server after 3 weeks to allow the domain feeds (the included files)
So it seems this is a hijacking of the cache? How is this done? Is this the famous 302 redirect problem?

Also seeing it on yahoo too. MY domain is being linked to dirty words in the descriptions. Help!

[edited by: encyclo at 11:46 pm (utc) on Oct. 25, 2008]

Marcia

11:25 pm on Oct 25, 2008 (gmt 0)

It isn't a Google cache issue, they've just got what they found. It sounds like your site has been hacked.

mboydnv

12:59 am on Oct 26, 2008 (gmt 0)

I don't think the site was hacked. Too much security. I couldn't even call a feed. But I'm not kidding you all, someone elses title and meta description but with my link. Cloaking? What is doing it?

Marcia

2:38 am on Oct 26, 2008 (gmt 0)

If Yahoo and Google both have that as your title and description, then that's what they found on your site when they crawled it.

So how did that get onto your site for them to index? Somebody put it there, right?

mboydnv

3:04 am on Oct 26, 2008 (gmt 0)

Marcia,

Nothing was put on the server. It's more complicated than that. Encyclo offered this theory:

Your file.php script is showing errors, this is probably where the issues lie - all the modified results seem to be with URLs generated with this script, so this indicates a security issue / SQL injection, etc. problem that is being exploited.

tedster

3:11 am on Oct 26, 2008 (gmt 0)

Cloaking? What is doing it?

The most devious hacks today inject a script to cloak only for search engine bots and they cloak BY IP ADDRESS. Even if you browse using a user agent switcher, you will not see the hack but only the content you expect.

This level of hacking also stays on top of the most newly discovered security holes and exploits them before patches are available.

That's what to look for on your server, in the most generic terms at any rate. Maybe you'll be lucky and find simple user agent cloaking. But if it's IP address cloaking, then it's much harder to find and can be even harder to clean. Some of the most malicious hacks will regenerate automatically, even after you think you've cleaned up everything.