Background: My website and 28+ other domains I can identify - that are all big sites that share similar keyword rankings in google suggesting a very targeted overall attack - are all being targeted by a site cloner, who then uses cloaking, 302 redirect hijacking, and possibly other techniques to accomplish devastating results. His method appears to have been implemented as follows: Dec 1st - .trade Domain registered Dec 8th - Google starts reporting hundreds of links from this .trade domain Dec 20th - My sites index drops overnight from 30 indexed pages (stable over a year) to 8 pages Jan 1st - Google search traffic vanishes (his site overtakes every ranking!) Current: Searching for any keyword that had been previously ranking - shows this .trade pages ranking in its place. Titles, url structure, and content are all exact duplicates of my domain. "site:domain.trade" query returns identical results to my domain. Google's cache for a page such as "spam/post-name-5/" shows an exact duplicate as mysite/post-name-5/" Clicking on googles cache for any of spam.trade/ pages, at the top where it says "This is google's cache of "______" shows my webpages url, even though i have clicked the cached index page for the ranking spam/post-name-5/ type of url. How is he accomplishing this? - It appears the index of site:spam.trade seems to be updating almost as quickly as my website For example a new post I publish is found in googles index for the .trade domain within an hour of publishing and ranks. Changing the titles and content of old pages also seems to have the effect of google updating its index of the .trade domain to represent these changes in short time. Things I'm doing & trying: - disavowed all links from .trade domain (although this may further separate me as original content source?) - moving rss feed to feedburner in case he was finding updates to the website to crawl via rss feed methods - changing sitemap name / location in case this is how he is crawling (sitemap tagged with last modified date for example) - ordered SLL and dedicated IP (on hostgator reseller hosting plan) in case he is targeting me at IP address level? - moving from http to https (full integration and proper 301 redirection to be applied to further separate the old toxic URLS to new ones) also in the case of his .trade domains cached pages in google giving my website/product-name-5 at the top despite clicking on the .trade google results cached page - contacted apparent webhost, registrar, & company he appears to getting his nameservers from? (supporting evidence and screenshots) for hopeful removal - google webspam reports for cloaking, plagirisim, & sneaky redirects from serps to illegal steroid store for hopeful removal - bought brand new theme to implement and will rewrite all pages once I see he is no longer actively and quickly finding every move I make. - deleted lots of non vital plugins and checked for security vulnerabilities Questions for techie people & experiences: - Where would you begin looking for where/how he is crawling and cloning the website? - Shall i make a master list of known bad bots to block through htaccess? - can I block the spam.trade domain and its ip address in some way from hitting my site in any form? - Are there any other things I can be trying regarding to site cloning and redirect hijacking? Thank you so much!