Monetize Pro

What are open redirects?

Many websites use links that redirect their website visitors to another page. Some redirects are left open to any arbitrary destination. These redirects can be abused by spammers to trick web surfers and search engines into following links that seem to be pointing to your website although they redirect to a spammy website.

That means that people who think that they visit your website will be redirected to highly questionable web pages that might contain adult content, viruses, malware or phishing attempts.

Which redirects on your website could be abused?

Spammers are very inventive. According to Google, they have managed to use the redirect spam on a wide range of websites, including the websites of large well-known companies and the websites of small local government agencies.

For example, the following redirection types can be abused:

1. Scripts that redirect users to a file on the server can be abused by spammers. The links on your website could look like this:

http://www.example.com/download.php?url=http://www…
http:///www.example.com/get/pdf/?http://www…

2. Site search result pages with automatic redirect options. If the result pages of your internal site search feature contain an URL variable that sends your website visitors to other pages, spammers might be able to exploit them:

http://www.example.com/search?q=keyword&page=1&url=…

3. Affiliate tracking links. Affiliate tracking links often allow people to direct website visitors to other pages. Spammers might enter their own URLs in the tracking links. Example:

http://www.example.com/track.php?affid=123&url=…

4. Proxy pages. Proxy sites send people through to other websites and they can be abused by spammers:

http://myproxy.example.com/?url…

5. Interstitial pages. Some websites show an interstitial page when users leave a website to let users know that the information found on the link is not under their control. These URLs usually look like this:

http://www.example.com/redirect/http://www…
http://www.example.com/out?http://www…
http://www.example.com/cgi-bin/redirect.cgi?http://www…

How to find out if your website is abused

Even if you find none of the URLs above on your website, your site still may have open redirects. Do the following to check if your website is abused by spammers:

1. Make a site search on Google

Go to Google.com and search for “site:yourdomain.com”. Replace yourdomain.com with your own domain name. If you see web pages that have nothing to do with your website then it’s likely that someone exploits a security hole on your website.

2. Check your web server logs for URL parameters like “=http:” or “=//”. If your redirection URLs get a lot of traffic, this could also be caused by spammers.

3. If you get user complaints about content or malware that you know cannot be found on your website then your website users might have seen your URL before they were redirected to the malware site.

What you can do to protect your website

It’s not easy to to make sure that your redirects aren’t exploited. The reason for that is that an open redirect is not a bug or a security flaw. There are some things that you can do to protect your website:

1. Check the referrer. Your redirect scripts should only work if they area accessed from another web page of your website. The redirect script should not work if the user accesses the script directly or from a search engine.

2. If possible, make sure that the script can only redirect to web pages and files that are on your own websites. You could use a whitelist of allowed destination domains.

3. Use the robots.txt file of your website to exclude search engines from the redirect scripts on your website. That will make your website less attractive for hackers.

4. Add a signature or a checksum to your redirect links so that only you can use the script.

source: axandra.com

According to the article in Google’s blog, Google analyzes more than 200 signals (we call them ‘ranking factors’) to specify the position of a web page in the search results:

“Given the user’s query, over 200 signals (including the analysis of the site’s content and inbound links as mentioned above) are applied to return the most relevant results to the user.”

It’s a simple two-step process

Getting high rankings on Google is a simple two-step process:

1. You must optimize your web page contents so that Google can find out what your website is about. Optimize your web pages for your keywords so that Google knows that your website is relevant to these keywords and your topic.

2. Other websites must confirm that your website is about that topic. That’s what inbound links are for.

It’s as simple as that. If your website passes Google’s analysis of all ranking factors, it will get a top 10 ranking.

A number 1 ranking in Google’s search results for the right keyword can mean a lot of visitors and a lot of sales. That’s why so many people want to be on Google’s first result page.

Unfortunately, many people still don’t know what it takes to convince Google that your website is more relevant than the millions of other websites on the Internet. There are four simple rules that will help you to get your website on Google’s first result page:

Rule #1: Don’t try to fool Google

Google wants to return the most relevant web pages for a search query. They want to provide the best answer to a search query. If you try to get a high ranking for a keyword for which your web page isn’t really relevant then you won’t get good results. Actually, you might be accused of spamming. If your website consists just of ads and affiliate links then it will be extremely difficult to get good rankings.

Make sure that your web pages will answer the questions of people who search for your keyword. The better your web pages match the interest of the web searchers the better rankings you will get. It takes some time to create good content but it will pay off in the long run.

Rule #2: Your web pages must show Google that they are relevant

A website about used car parts cannot get high rankings for a keyword such as “brain surgery”. A high ranking for the keyword “used car parts” would be very beneficial to that site.

The problem is that Google must be able to find out that your web page is relevant for the keyword “used car parts”. For that reason, you have to optimize your web pages. Optimizing your web pages simply means that you make it easy for Google to find out what your website is about.

When Google visits your web pages, it will analyze the following elements of your web pages:

* The URL structure
* The title tag and the meta tags
* The body text
* Headline tags
* Image alt attributes
* Your site architecture and the internal linking structure of your site
* The outbound links
* Many other factors in the HTML code of your web pages

Each element can contain your keyword and show Google that your website is relevant for that keyword. This doesn’t mean that you can simply insert your keyword in these tags and that’s it.

You can also over-optimize a website and that can get your website banned from Google’s search results. It’s important that you optimize the right elements and that you insert your keywords in the right frequency.

Rule #3: Other websites must confirm that your web pages are relevant

In addition to optimized web page content, Google heavily relies on the links from other websites to your site. Basically, the other websites have to confirm that your website is relevant for a special keyword. The more websites link to your website, the more visible it will be to Google. The more other websites use a special keyword as the linked text in the links to your website, the more important is your website for that keyword.

A web page that has been optimized for the keyword “used cars” can also get high rankings for the keyword “pre-owned cars” if enough websites link with that text to the page.

It is also important that the other web pages are related your site. If a website that is about vintage cars links to your “used car parts” website then this will have a bigger effect on your search engine rankings than a link from a candy shop website. A link from a web page that only links to car related web pages is also more valuable than a link from a web page that links to all kind of pages. Getting the right links is crucial if you want to get on Google’s first result page.

Rule #4: Your website must have a clean history

The age of your domain and its history will also be considered by Google. A domain name that has been around for a long time will get high rankings more easily. However, if your domain name has been used by spammers before, you might still suffer from the ranking penalties that have been applied to the previous content.

If you follow the rules above and change your web pages accordingly, your website will get top rankings on Google. It cannot be done over night but it’s definitely something that can be done within a few weeks if you do the right things.

During the last weeks, people in online forums observed some strange Google result changes. Rumor has it that there is a new -60 penalty that Google applies to websites in which it has lost trust.

What has happened?

Some webmasters found websites that were listed on position 61 in Google’s search results that had Google Sitelinks below their listing.

Normally, Google only displays Google Sitelinks for the first search result. Many webmasters believe that the website that was listed on position 61 with the Sitelinks was the number 1 result for that keyword but had been penalized by Google.

What does Google say about the -60 penalty?

In a Google Groups discussion about showing Sitelinks for #61 results Google employee John Mu referred to a -60 penalty discussion. Google hasn’t officially confirmed that a -60 penalty exists. However, Google employee John Mu indicated in a discussion about the -60 penalty in the official Google groups that Google penalizes websites if they contain certain spam elements.

Which spam elements trigger the -60 penalty?

It looks that Google applies this penalty to websites that buy links. Many of the websites that seem to have been penalized had many inbound links from websites that linked to them from every single page of their website (so-called site-wide links). Sitewide links are an indicator of paid links, which Google sees as an unwanted way to artificially inflate search engine rankings.

The head of Google’s anti-spam team Matt Cutts has often said that websites that buy paid links will be penalized and it looks as if Google tries to do the job properly. If this penalty for paid links really exists then even websites that follow Google’s rules can get in trouble. Your competitors could harm your website simply by buying links or by creating mini-net websites with sitewide links to your website.

Instead of penalizing seemingly “bad” links, Google should simply ignore them. That way, people could not harm competitor websites.

Webmasters in a discussion forum have noticed changes in Google’s search results. Do we have to expect a larger ranking algorithm update? How will this influence the ranking of your web pages in Google’s search results?

What changes did webmasters notice in Google’s search results?

Not all webmasters noticed the same changes. Here’s an overview of what has been reported:

* Some established websites that did not spam dropped out of Google’s index early March.
* It seems to take much longer now until new websites get indexed by Google.
* Rather less relevant results have received higher rankings because some relevant pages either dropped out of the index or lost some of their inbound links.
* The Cache data doesn’t seem to be updated.
* The site: and inurl: queries on Google that normally fluctuate for large websites now report the same numbers every day.

Changes like these are usually a clear indicator of an upcoming ranking algorithm update.

Is this really a ranking algorithm update?

Google engineer Matt Cutts denied that there are any major changes in the search results and that there was a ranking algorithm update on the way.

However, he wanted to investigate if and why the results change so much.

The observations of the webmasters in the forum might be normal changes that happen all the time. But the webmasters who discovered the changes are very web-savvy and they should be able to distinguish an anomaly from usual fluctuations.

What does this mean to your Google rankings?

It has yet to turn out whether this really is a ranking algorithm or not. If your rankings haven’t changed yet, there’s no need to act. The whole thing might just be a temporary hiccup.