Results 1 to 2 of 2

Thread: Beware Of Canonical Redirect Hacking

  1. #1
    Franc Tireur's Avatar
    Franc Tireur is online now Senior Net Builder
    Join Date
    Dec 2009
    Posts
    2,089
    Thanks
    289
    Thanked 148 Times in 118 Posts

    Beware Of Canonical Redirect Hacking

    A year and a half ago Google began supporting the cross domain canonical tag and some people were concerned there would be ways to abuse the system. Well, even Google was concerned, which is why they waited ten months to introduce the cross domain version of the canonical tag.
    I've haven't heard much of people complaining that their site was negatively impacted by the tag.
    But now, it seems like hackers who focus on SEO hacking, have been recently targeting vulnerable sites and stealing (or hijacking) their traffic with this tag.
    A WebmasterWorld thread has well-known moderator, goodroi, reporting he is seeing hackers exploit this tag now.
    It isn't an issue with the canonical tag specifically, but rather hackers gaining access to a server and the site's code and basically redirecting the domain name to a third-party site. goodroi said:
    I came across a website with canonical tags setup on all of their pages and they were pointing to a spam site. I suspect someone hacked in and changed the canonical tags to siphon link juice. Now that cross cross-domain canonical tags are supported I would not be surprised if this becomes more common.
    The canonical tag is a small line of code that is easy to overlook despite its large implications.
    It is so important to stay on top of your security patches and make sure your sites are hacker-free - if there is such a thing. The canonical tag is almost as strong and setting up a 301-redirect from a domain to a different domain. So be careful!
    SEO Hackers Next Target? Canonical Tags

    How to avoid hackers doing it? Just patch?
    Those who can make you believe absurdities can make you commit atrocities.

    Voltaire


  2. Thanked by:

    bogart (17 May, 2011), TopDogger (16 May, 2011), Will.Spencer (20 May, 2011)

  3. #2
    TopDogger's Avatar
    TopDogger is online now Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,029
    Thanks
    345
    Thanked 901 Times in 689 Posts
    A hacker has to get access to your web site in order to change or add the hacked canonical tags. Secure your site and your server and you will not have a problem.

    The issue is no different than the hackers who bury hidden links in a site. They cannot do it unless they find a way in.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  4. Thanked by:

    Franc Tireur (17 May, 2011)

Similar Threads

  1. Hacking forum nearly open!
    By tomgholmes in forum Partnerships
    Replies: 4
    Last Post: 20 April, 2010, 16:28 PM
  2. Password hacking attempts?
    By Abdullah in forum Announcements and Suggestions
    Replies: 5
    Last Post: 5 April, 2010, 04:23 AM
  3. Scammers Beware
    By Shenron in forum Business
    Replies: 3
    Last Post: 27 September, 2009, 18:48 PM
  4. Replies: 13
    Last Post: 1 March, 2009, 13:22 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •