Comments on: The Never Ending SERPs Hijacking Problem: Is there a definite solution?

By: Web Design Newcastle

Web Design Newcastle — Tue, 25 Sep 2007 10:56:26 +0000

One solution that I’ve seen in the forums and that Google recommends is to verify the IP saying that it is Googlebot, actually is.

Oh - and this is a bit of a cop-out by Google. It’s their problem to fix, not ours.

By: Web Design Newcastle

Web Design Newcastle — Tue, 25 Sep 2007 10:52:33 +0000

I read about this technique somewhere else yesterday (can’t remember where?) and to be honest my first thought was that of Jez above - surely Google can tell which version it found first? However, after looking into it somemore it does appear to be happening a lot currently and I’ve read accounts of it being used to wipe out a competing site by simply waiting until the site is hijacked and then removing the content delivered by the proxy. Obviously Google will eventually reinstate the original site but this could take a while.

With the team Google has - this type of problem should be easily wiped out, and I’m confident it will be. The problem is there is always a new threat around the corner.

By: Hamlet Batista

Hamlet Batista — Wed, 04 Jul 2007 17:27:28 +0000

Heather,

Exactly! It is the same idea, but they would need to detect cgi proxy hijackers, instead of comment spammers. Great find!

By: Hamlet Batista

Hamlet Batista — Wed, 04 Jul 2007 17:13:44 +0000

Does Google not consider the age of a page also though? If my content is 6 months old can someone still hijack it using this method?

Jez,

Yes, Google does, but hijacking is still taking place as you can read on the forums. This is not as trivial as it looks and requires a longer explanation. Excellent idea for another post

Furthermore, if it is based on PR, then they would need to get the PR of their proxy URL’s up, which implies they also need a spam network to point at these URL’s. In fact, as they are not aware of the links, would they not need to spider their own proxy to find the links to report back to their spam sites?

They can rent pages on high PageRank websites to achieve this. This is a very well known technique by black hatters.

Also, I assume they also have to cloak to avoid DMCA complaint for these pages? If they were left accessible via a URL then you would still be able to view and report the scraped content…

The problem is that the content is not being copied

I am just guessing here but it seems to me that setting up the proxy is the easy part!!

It definitely is

By: Heather Paquinas

Heather Paquinas — Wed, 04 Jul 2007 16:46:12 +0000

Project Honey Pot’s http:BL is trying to accomplish this same thing,

http://www.google.com/search?&q=site:digg.com web honeypot

By: Jez

Jez — Wed, 04 Jul 2007 08:50:56 +0000

Does Google not consider the age of a page also though? If my content is 6 months old can someone still hijack it using this method?

Furthermore, if it is based on PR, then they would need to get the PR of their proxy URL’s up, which implies they also need a spam network to point at these URL’s. In fact, as they are not aware of the links, would they not need to spider their own proxy to find the links to report back to their spam sites?

Also, I assume they also have to cloak to avoid DMCA complaint for these pages? If they were left accessible via a URL then you would still be able to view and report the scraped content…

I am just guessing here but it seems to me that setting up the proxy is the easy part!!