1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New Method in SEO market - Hack, change and Boost your ranking

Discussion in 'Black Hat SEO' started by secondeye, May 25, 2011.

  1. secondeye

    secondeye Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 1, 2008
    Messages:
    1,173
    Likes Received:
    483
    Home Page:
    Currently, to gain top ranking SEO hackers have found a new way to get high rankings on Google. The new trick involves hacked websites and the canonical tag.

    Now, what is canonical tag?

    Canonical tag "rel=canonical" tag is to help website owners eliminate self-created duplicate content. The canonical tag tells search engine spiders the original source of a file.

    For example, a search engine robot might visit the web page "www.example.com/page4.htm". If that page contains the tag <link rel="canonical" href="http://www.originalpage.com/"> then search engines will show originalpage.com in the search results instead of example.com.


    The main point:
    If hackers add the canonical tag to your web pages and point it to another website then your website content will help another website to get high rankings while your own website will lose all of its rankings.


    How to check if your website is exploited
    Open a page of your website in your browser and select "View HTML source" in your browser. If you can see a rel=canonical tag that points to an unknown domain in the head section of your page then your website has been hacked.


    Unfortunately, hackers might have changed your web server so that it only shows the canonical tag to Google's indexing robot. In that case, you have to check how Google sees your web pages

    Google is aware of the problem. Unfortunately, it is very difficult to find out if a webmaster intentionally inserted a canonical tag to a website or if the tag was inserted by a hacker.

    Solution:
    Re-check all your main or homepage and if you found any of the tag mentioned above then remove it.

    Matt Cutts and rel=canonical
    "We take rel=canonical urls as a strong hint, but in some cases we won't use them:

    • For example, if we think you're shooting yourself in the foot by accident (pointing a rel=canonical toward a non-existent/404 page), we'd reserve the right not to use the destination url you specify with rel=canonical.
    • Another example where we might not go with your rel=canonical preference: if we think your website has been hacked and the hacker added a malicious rel=canonical.
    On the 'bright' side, if a hacker can control your website enough to insert a rel=canonical tag, they usually do far more malicious things like insert malware, hidden or malicious links/text, etc.
    Should Google trust rel=canonical if we see it in the body of the HTML? The answer is no, because some websites let people edit content or HTML on pages of the site."

    You can read full detail about Matt Cutts
    http://www.mattcutts.com/blog/rel-c...source=sel&utm_medium=scap&utm_campaign=email

    I hope this will help many of our webmasters.

    Regards,
    Secondeye



    ###
     
    • Thanks Thanks x 9
  2. Kz3ro

    Kz3ro Junior Member

    Joined:
    May 20, 2011
    Messages:
    198
    Likes Received:
    356
    Occupation:
    Internet Engineer
    Location:
    Black Hat World
    Well then, great share. Enjoyed that read
     
  3. KlaAz0r

    KlaAz0r BANNED BANNED

    Joined:
    Jan 11, 2011
    Messages:
    722
    Likes Received:
    853
    Thanks for the info! But how do they do t ?
     
  4. secondeye

    secondeye Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 1, 2008
    Messages:
    1,173
    Likes Received:
    483
    Home Page:
    I don't know how they hack but hackers do know some loopholes....
     
  5. Neeoo

    Neeoo Junior Member

    Joined:
    Oct 6, 2010
    Messages:
    156
    Likes Received:
    112
    Location:
    Florida
    It looks like all in one seo uses rel="canonical" tags.
     
  6. naveensingh

    naveensingh Power Member

    Joined:
    Feb 15, 2010
    Messages:
    622
    Likes Received:
    198
    Occupation:
    Wordpress & Magento Expert
    Location:
    United States
    so now we have to check backend too :)
     
  7. Tinus

    Tinus Registered Member

    Joined:
    Mar 4, 2009
    Messages:
    54
    Likes Received:
    19
    sql injection i guess
     
  8. SEO.9

    SEO.9 Regular Member

    Joined:
    Oct 27, 2010
    Messages:
    257
    Likes Received:
    57
    thanks for sharing, great info

    my only question is how to check "how google sees our site"

    did it means checking the cache version of our site in google?
     
  9. Boaster

    Boaster Newbie

    Joined:
    Jul 10, 2010
    Messages:
    12
    Likes Received:
    2
    thanks for the share, interesting
     
  10. mirrorer

    mirrorer Jr. VIP Jr. VIP

    Joined:
    Jan 30, 2009
    Messages:
    1,163
    Likes Received:
    1,029
    Add your website to webmaster tools
     
  11. HDShock

    HDShock Registered Member

    Joined:
    Mar 25, 2011
    Messages:
    65
    Likes Received:
    18
    Last i checked, the canonical code only works on your own internal site. Google will ignore it if it either loops into itself or points to an outside domain.

    Proof = hxxp://www.mattcutts.com/blog/rel-canonical-html-head/

    Change the XX in the http

    Sorry guys. :google2:
     
  12. secondeye

    secondeye Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 1, 2008
    Messages:
    1,173
    Likes Received:
    483
    Home Page:
    To hack a website is not easy task today...
     
  13. xPWN1t

    xPWN1t Regular Member

    Joined:
    May 13, 2011
    Messages:
    492
    Likes Received:
    82
    Knew about this but thanks. Google said they haven't seen much abuse with it.
     
  14. HDShock

    HDShock Registered Member

    Joined:
    Mar 25, 2011
    Messages:
    65
    Likes Received:
    18
    Sadly it still is... Heck, SQL injection alone can be automated pretty easily if you have two brain cells to rub together.

    :(
     
  15. secondeye

    secondeye Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 1, 2008
    Messages:
    1,173
    Likes Received:
    483
    Home Page:

    So how to prevent our site with these attacks?
     
  16. queenmery

    queenmery Power Member

    Joined:
    Jan 18, 2011
    Messages:
    501
    Likes Received:
    30
    Occupation:
    Student
    Location:
    BANGLADESH
    Thanks secondeye for sharing posts on new SEO method.
     
  17. SEO Controller

    SEO Controller Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 14, 2011
    Messages:
    418
    Likes Received:
    82
    Gender:
    Male
    Occupation:
    SEO Controller
    Location:
    France
    Great share. I've read the article by Matt Cutts and basically he's saying that you have nothing to worry because hackers usually insert the canonical tags in the <body> section of your HTML code and Google usually ignores those. I wonder whether that's just a false assurance though.
     
  18. Riseing

    Riseing Regular Member

    Joined:
    Aug 15, 2010
    Messages:
    341
    Likes Received:
    83
    Ahhh good old SQLi. Man I'm surprised there are still sites vulnerable to that mess.
     
  19. Riseing

    Riseing Regular Member

    Joined:
    Aug 15, 2010
    Messages:
    341
    Likes Received:
    83
    If your site runs off something like blogger or WP then your fine. SQLi is an older form of attack that targets sites that don't sanitize user input.

    So you just needed to create a URL requesting whatever you wanted from the database.
     
  20. monazky5050

    monazky5050 Registered Member

    Joined:
    Aug 17, 2009
    Messages:
    99
    Likes Received:
    198
    great method secondeye
    keep up