New Method in SEO market - Hack, change and Boost your ranking

secondeye

Elite Member
Joined
Aug 1, 2008
Messages
1,998
Reaction score
584
Currently, to gain top ranking SEO hackers have found a new way to get high rankings on Google. The new trick involves hacked websites and the canonical tag.

Now, what is canonical tag?

Canonical tag "rel=canonical" tag is to help website owners eliminate self-created duplicate content. The canonical tag tells search engine spiders the original source of a file.

For example, a search engine robot might visit the web page "http://www.example.com/page4.htm". If that page contains the tag <link rel="canonical" href="http://www.originalpage.com/"> then search engines will show http://originalpage.com/ in the search results instead of http://example.com/.


The main point:
If hackers add the canonical tag to your web pages and point it to another website then your website content will help another website to get high rankings while your own website will lose all of its rankings.


How to check if your website is exploited
Open a page of your website in your browser and select "View HTML source" in your browser. If you can see a rel=canonical tag that points to an unknown domain in the head section of your page then your website has been hacked.


Unfortunately, hackers might have changed your web server so that it only shows the canonical tag to Google's indexing robot. In that case, you have to check how Google sees your web pages

Google is aware of the problem. Unfortunately, it is very difficult to find out if a webmaster intentionally inserted a canonical tag to a website or if the tag was inserted by a hacker.

Solution:
Re-check all your main or homepage and if you found any of the tag mentioned above then remove it.

Matt Cutts and rel=canonical
"We take rel=canonical urls as a strong hint, but in some cases we won't use them:

  • For example, if we think you're shooting yourself in the foot by accident (pointing a rel=canonical toward a non-existent/404 page), we'd reserve the right not to use the destination url you specify with rel=canonical.
  • Another example where we might not go with your rel=canonical preference: if we think your website has been hacked and the hacker added a malicious rel=canonical.
On the 'bright' side, if a hacker can control your website enough to insert a rel=canonical tag, they usually do far more malicious things like insert malware, hidden or malicious links/text, etc.
Should Google trust rel=canonical if we see it in the body of the HTML? The answer is no, because some websites let people edit content or HTML on pages of the site."

You can read full detail about Matt Cutts
http://www.mattcutts.com/blog/rel-canonical-html-head/?utm_source=sel&utm_medium=scap&utm_campaign=email

I hope this will help many of our webmasters.

Regards,
Secondeye



###
 
Well then, great share. Enjoyed that read
 
It looks like all in one seo uses rel="canonical" tags.
 
thanks for sharing, great info

my only question is how to check "how google sees our site"

did it means checking the cache version of our site in google?
 
thanks for sharing, great info

my only question is how to check "how google sees our site"

did it means checking the cache version of our site in google?
Add your website to webmaster tools
 
Last i checked, the canonical code only works on your own internal site. Google will ignore it if it either loops into itself or points to an outside domain.

Proof = hxxp://www.mattcutts.com/blog/rel-canonical-html-head/

Change the XX in the http

Sorry guys. :google2:
 
Knew about this but thanks. Google said they haven't seen much abuse with it.
 
Great share. I've read the article by Matt Cutts and basically he's saying that you have nothing to worry because hackers usually insert the canonical tags in the <body> section of your HTML code and Google usually ignores those. I wonder whether that's just a false assurance though.
 
Ahhh good old SQLi. Man I'm surprised there are still sites vulnerable to that mess.
 
So how to prevent our site with these attacks?

If your site runs off something like blogger or WP then your fine. SQLi is an older form of attack that targets sites that don't sanitize user input.

So you just needed to create a URL requesting whatever you wanted from the database.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock