You’ve Won the Battle but not the War: 10 Ways to protect your site from negative SEO

You’ve Won the Battle but not the War: 10 Ways to protect your site from negative SEO

July 16th, 2007 @ // 18 Comments

rankings_robber2.jpgLast month there was an interesting article in Forbes about the search engine marketing saboteurs. These so-called “SEO professionals” proudly proclaim their job to be damaging the hard-earned rankings of their clients’ competitors. I understand a lot of people would do anything for money, but it’s still unsettling to see such people trumpet their efforts with such gusto. A huge thumbs down to all those mentioned in the article.

Earning high search engine rankings is challenging enough. Now we need to work twice as hard to protect the rankings once we earn them. The Forbes article lists seven ways you can damage someone else's website. I can think of three more — but instead of adding more wood to the negative SEO fire, I’ve decided to create a list of things you can do to detect, prevent and protect your rankings from these types of attacks.

Here are Hamlet’s countermeasures. (You may want to read the Forbes article first to better understand the terms.)

  1. Anti-Google bowling. This attack makes your link structure look spammy, potentially causing Google and other search engines to believe your rankings are undeserved. The way to protect your site from this is to monitor your incoming links and their anchor text. Google’s webmaster central provides all the information you need for this purpose. Any site-wide links you are not familiar with, links with strange anchor text (usually porn), etc. are a clear indication that your site is being attacked. Contact the site owners that host the links and politely request they take them down. A cease and desist letter should do the trick, too—but only as a last resort.

  2. Anti-Tattling. This attack is possible thanks to Google's encouragement of reporting paid links for ranking purposes. The best way to avoid this attack is not to buy text links at all. A competitor can purchase links for your site and report it. I assume Google's spam team is smart enough to tell if those paid links are making any difference for the search engine rankings and demote the links instead of banning the website. Again, monitor your incoming links profile and request take-downs where necessary.

  3. Anti-Insulation. This one is basic— creating more pages about the same topics as your site’s pages to make yours less relevant. Preventing your competitors from pushing down your pages means that you will have to work even harder to make your pages more popular and relevant to keep their highly-deserved rankings. As you know, this is why SEO is an ongoing battle.

  4. Anti-Copyright take-downs. Make sure all your content is original. This might sound obvious, but if you pay content writers to create your content, it is good practice to do a Google search for portions in their work to make sure it is original. I have turned down more than one “content writer” because of a simple Google search. If someone does file a bogus complaint against your site, the legal option is the best. Make sure their unscrupulous actions backfires to them. 

  5. Anti–Duplicate content take-downs. If you content is original and it gets copied by another webmaster, contact the webmaster to have him/her take it down. It’s also a good idea to file a DMCA complaint with the search engines before that might affect you.

  6. Anti–Denial of Service Attacks (DOS). There are hardware and software solutions to protect your site from DOS attacks. Most are very expensive. For my most profitable websites, I have been subjected to heavy DOS attacks, followed by an alleged 'Chinese hacker' asking for ransom. Personally, I’ve found that a reverse proxy with mod_evasive is good enough if you have the bandwidth to sustain the attacks. This is how you can protect yourself inexpensively:
    1. Set up a separate web server with Apache mod_proxy and mod_evasive.
    2. Set up mod_proxy as a reverse proxy server. That way, all requests will be forwarded to the real web server.
    3. Set up mod_evasive and adjust the number of simultaneous requests per second to a low value. Use a number that does not cause legitimate traffic to be filtered.
    4. Set up iptables on your real server so that you block all direct HTTP traffic not coming from the reverse proxy. All the web traffic must pass through the DOS filter.

  7. Anti-Click fraud. Not exactly SEO-related, but also mentioned in the article. The best indication of click fraud is a sudden amount of clicks and no conversions when you have a history of strong conversion rates. The new click-fraud reports provided by the search engines help, as do some tools by specialized analytics providers.

  8. Anti–SERP hijacking. This one wasn’t mentioned in the article, but SERP hijacking is another way to steal your rankings. As I explained in a previous post, before this was possible via HTTP 302 redirects, and these days with cgi proxy servers. Here is how you can protect your site from an attack:
    1. Se tup HTTP-USER-AGENT detection and reverse-forward dns verification to confirm that it is actually the search engine crawler pulling pages from your website.
    2. Some hijackers's proxies will not report as a search engine robot to avoid such detection. For this second case, here is a more advanced approach that involves cookies and IP blocking:   
       1. For each new IP address that is not a search engine robot (your script will need to keep track of each IP), encode the IP with optional information (user_agent, time, etc.) and insert it into the HTML as a comment or other invisible element that is returned to the requester.   
       2. When you find a hijacked URL, check the content of the page and look for the encoded text. Decode it and add the IP address to an access control list. You can block the IPs in Apache or in your iptables' based firewall.

  9. Anti–Website hacking. Also not mentioned in the article, but perfectly possible (I read a thread at Digital Point Forums where this happened) is the hacking of your website to make the pages spammy. This includes adding hidden links or text, etc. If such a thing happens to you, remove the spam immediately, harden your server, and submit a re-inclusion request explaining what happened. In order to prevent this from happening make sure your server has all the latest security patches and any unnecessary Internet services shut down. All web scripts should 'sanitize' their input and treat it as not trusted.

  10. Anti–Domain hijacking. This one wasn’t mentioned in the article either, but is probably very common. Hijackers can steal your domain names if you forget to renew them or with a fraudulent domain transfer. It is one of the most difficult attacks to recover from. If you value your domain property, it is imperative that you always keep your domains in a 'locked' state and that you set them up to auto renew at your registrar. It is also good practice to trademark your domain names if you are doing something serious. If you ever lose your domain, your best chances are by disputing it with the ICANN. Basically, you’ll need to prove that you own a trademark to the domain name and/or that the current registrant is using the domain in bad faith (to profit from your branding efforts for example).

Achieving high search engine rankings for competitive terms is hard enough. Every day is a new battle and we need to fight continually to keep winning the war. If you’re like me, you’ve spent a lot of your time improving your sites and content and it would be a colossal waste to let negative SEOs demote your rankings.

As always, let me know in the comments section if you find the tips useful and if you have any of your own to add.

 


Category : Blog &On-page SEO

18 Comments → “You’ve Won the Battle but not the War: 10 Ways to protect your site from negative SEO”


  1. Tom

    6 years ago

    Great post hamlet – I was going to write something on this exact subject (and it was going to be a top 10 list too!) but you've gone into a lot more technical detail which is good.

    (loving the pic as well!)

    One point I think you missed is that you should always make sure your canonicalisation is fixed – if both the www. version of your site and the non www. version both resolve to the same content it's possible to cause problems with the Google duplicate content filters if you send links to the wrong one. (I know this is a very basic point but it's one that I come across time and time again)

    Reply

    • Hamlet Batista

      6 years ago

      Tom,
      Thanks for your comment. How funny that we were thinking in the same lines :-)

      Remember that the list is about counter-measures for negative SEOs. The reason I omitted the canonical issue is that is very unlikely a (smart) competitor would use it to harm you site. If they did, a simple 301 redirect rule would turn the table in your favor ;-)

      Reply

      • Paul Montwill

        6 years ago

        Hamlet, this picture is hilarious. It made my day. About the post, it is All tips are very useful, especially regarding DOS attacks.

        As you are very technical guy, can you write a post in the future regarding redirections? Starting with basics and finishing with more advanced tips? It is an important area and I would like to learn more about it
        and fill my knowledge gaps. Thanks

        Reply

        • Hamlet Batista

          6 years ago

          Paul,
          That is a good idea for a future post. I promise to work on it.

          Reply

  2. Paul Montwill

    6 years ago

    Reply
  3. [...] Google in an attempt to get you penalized. A great article about how to effectively combat this is You’ve won the battle but not the war: 10 ways to protect your site from negative SEO by Hamlet [...]

    Reply
  4. [...] SEO expert/blogger Hamlet Batista isn’t amused. He says: These so-called “SEO professionals” proudly proclaim their job to be damaging the hard-earned rankings of their clients’ competitors. I understand a lot of people would do anything for money, but it’s still unsettling to see such people trumpet their efforts with such gusto. A huge thumbs-down to all those mentioned in the article. [...]

    Reply

  5. David Airey :: Graph

    6 years ago

    Another sterling article, Hamlet.

    Seems I have some looking around your blog to be doing. Thanks again.

    Reply

  6. Rafael Cedano

    6 years ago

    Hello Hamlet, Great article, all that people need to know about negative seo,

    Great,

    Congrats.

    Reply
  7. [...] a nice little tip: use Google Webmaster Tools to view all your back links to your web site.  By looking at your back links you can potentialy catch and prevent people from creating unwanted anchor text links to your site [...]

    Reply

  8. Kirk

    6 years ago

    Hamlet your list is full of useful information and I thank you for posting it.

    However as someone who really only knows the basics of HTML and web development and also uses a windows server (and ASP code) in their website, do you have or offer an "idiots guide" on implementing the above techniques?

    Thanks

    Kirk

    Reply

    • Hamlet Batista

      6 years ago

      do you have or offer an “idiots guide” on implementing the above techniques?

      Kirk – Thanks for your comment. Unfortunately I do not have such guide. I'd probably need to write a 50-page guide to make this post easier to understand to the general public. If there is enough interest, I may be able to find time to get it done. I'd need some research for windows/asp based servers.

      My blog is aimed primarily at advanced marketers, but I can help you clarify any specifics you need.

      Reply

  9. Keniki

    6 years ago

    Hi great article, all of the above is true.
    There is now a more advanced way to damage peoples content. Black hats simply use search engine syndication and at present I am told there is no way inwhich you can prevent search engines syndicating your content to any site causing google bowling and many of the other problems mentioned above such as dilluting your content.

    Reply

    • Hamlet Batista

      6 years ago

      keniki – Thanks for your comment. These negative seos are definitely a concern of mine

      Reply
  10. [...] Even if you protect your search engine rankings by canonicalizing your URLs, it’s still possible that someone can steal your rankings. And with your own content on their site. Scary but true. Read SEO Fast Start’s article Google Proxy Hacking [via Sphinn]. While you’re at it, also read Hamlet Batista’s 10 Ways to Protect Your Site From Negative SEO. [...]

    Reply

  11. Amit

    6 years ago

    Hi Hamlet nice post providing real information on negative seo. Since i myself is new towards the seo, learning the basics from all research work.

    Well i never thought of negative seo. But, after reading your post i updated my knowledge base.

    Thanks for guiding all seo's including me.

    Reply

  12. Bob At Blogging For

    6 years ago

    As far as spotting your content on the web is concerned, there are a couple of things I do when posting articles — I use a very unique name (foriegn names do well) as the author title, and will often also use a few uniquelly speled (catch that?) phrases in the article body. It then becomes very easy to set up a Google alert for the author name and unique body text. You'd be suprised at how many people post your stuff on the web without any modification at all.

    Reply

  13. pravish thomas

    6 years ago

    HI Hamlet,

    This is what i needed
    An awesome post
    Gr8 work
    The evil always stay there na – i don't get y ppl go for this BLACK hat ? Why the hell they don't be innovative and do something good for the world
    Don't know when the day would come :)
    But yeah – Gr keep the good work

    cheers,,,,,

    Reply

Leave a Reply


9 + = fourteen

Latest Posts

Testimonials

"I am proud to say that I have had the pleasure of working with Hamlet both as a client and as a partner, especially in light of his extraordinary capabilities in his areas of expertise. Hamlet Batista is a well-recognized, authority figure in the online marketing world, particularly when it comes to his incredible knowledge of the complexities of search engine marketing"

(Curtis) R. Curtis — Chief Sales & Marketing Officer, RankSense

Subscribe Now