Google SERP result redirects to Google.com homepage?

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Google SERP result redirects to Google.com homepage?

triggerfinger

3:50 pm on Jan 3, 2011 (gmt 0)

Hi All,

Very strange problem I'm having. In a search for "Widgets Company USA", the top 3 results are all from WidgetsCompanyUSA.com. However when you click on them, you land back on the Google.com homepage.

The HTTP headers are correct, the pages are live and load perfectly fine when you type the URL directly into the browser. And furthermore, if I load the page directly (and hence adding it to my cache) then the page loads fine when the SERP result is clicked.

This has happened across multiple browsers and machines, so I doubt it's a malware redirect issue.

Anyone ever see this?

Thanks in advance.

Robert Charlton

9:48 pm on Jan 3, 2011 (gmt 0)

This has happened across multiple browsers and machines, so I doubt it's a malware redirect issue.

Thinking out loud here because I haven't tried and sorted through the variations...

It's likely that the site has been hacked on the server, and the hack was set up in such a way that the server only serves the hacked version if the request is coming from Google. Direct requests would get the unhacked version.

The redirect might be a js or meta refresh redirect on the page. Possibly, if a js redirect, it's an onmouseover type redirect which might be harder to detect.

And furthermore, if I load the page directly (and hence adding it to my cache) then the page loads fine when the SERP result is clicked.

If your browser cache is set up to retain a cache of the page once you've viewed it, then you'd continue to view the unmodified version.

I'm curious how WidgetsCompanyUSA.com is doing competitively. If my theory above is correct, it's likely that this hack would eventually affect the site's rankings as well as traffic. A search for the company name itself, though, might be so uncompetitive as to not be affected.

goodroi

11:44 pm on Jan 3, 2011 (gmt 0)

i agree, this smells like a hacked site. based on my experience with fixing hacked sites i would bet its not a caching issue but a cookie that gets set once you visit the site to make you think the malicious code is gone.

by any chance is this site powered by wordpress?

Lame_Wolf

11:46 pm on Jan 3, 2011 (gmt 0)

This happened the other day to me too. Only once though, and it was one of the images that appear on the normal SERPS page (not image search).

triggerfinger

8:15 pm on Jan 5, 2011 (gmt 0)

The verdict is in, and it was a hacked .htaccess file.
No, it's not a wordpress blog.
I don't know how it affected traffic, but it seemed to affect everypage on the site, so I assume it had devastating potential.
Thanks as always guys, you've been most helpful.

tedster

9:01 pm on Jan 5, 2011 (gmt 0)

I very pleased to see this thread. Some things happen just once and you're tempted to write them off as an anomaly. But triggerfinger, you were smart to push for understanding because that one slip was your clue that something really was wrong.

Lame_Wolf

11:00 pm on Jan 5, 2011 (gmt 0)

I very pleased to see this thread. Some things happen just once and you're tempted to write them off as an anomaly.

Very true. I normally write them off because of being an IE6 user.