Home SEO Hijacking in Google SERPs (no hacking or redirects)

Hijacking in Google SERPs (no hacking or redirects)


This weblog has not been up to date for years, and I feel it’s time to write right here once more, I don’t promise something, however I hope to have a brand new article right here once more. For now we’re going to begin with a case that has occurred to me this yr, and never simply as soon as, however twice, and investigating slightly extra I see that I’m not the one one which has occurred. On this case, it’s Hijacking within the Google SERPs with none sort of hacking or entry to your individual web site, that’s, the attacking web site manages to alter its leads to the SERPs for these of your web site. To offer you an thought, here’s a fictitious instance, with the earlier than and after:

Looking the Google boards there are fairly a couple of site owners who discover the very same factor occurring to them:

The reality is that with out experiencing it in my very own flesh, I might not consider {that a} web site, with out touching your web site, can change your outcomes for theirs, however sure, it may possibly occur. The excellent news is that, from what I’ve seen, it’s a kind of random course of, that’s, in the event that they assault you on this manner, their outcomes could seem, however it is rather possible that they won’t succeed, that is why they assault piecemeal hundreds of internet sites, till they get it with one, or with some outcomes. I’ll clarify slightly what it consists of.

Some premises to know any such hijacking

  • The attacking web site makes a clone of your web site with direct calls to your server
  • Each time you alter one thing in your internet or server, it seems on the attacking internet
  • They modify sure components similar to exterior hyperlinks, analytics, brand, and so on.
  • Your web site just isn’t hacked nor has something been touched externally

Briefly, it’s a mirror of your individual web site, altering sure issues like brand, eradicating analytics, and different components however every thing continues to load instantly out of your server. For instance, in the event you add one thing to your server’s ftp, it is going to seem instantly on their area. With this I used to be capable of do sure checks of what was swallowed and never swallowed. For instance the .htaccess no, but when I might put a redirect by means of html. For instance, that is the variety of clicks I received with a redirect for a couple of hours:

As soon as they’ve the cloned internet

  • They index the net that’s an actual copy of yours
  • They generate false clicks by means of Google to your web site
  • They generate visits by means of their cloned internet farm
  • And they’ll do different issues that I don’t know …

As I stated earlier than, this complete course of is huge and so they do it with hundreds and hundreds of internet sites, and basically they don’t often make a selected assault, however they may do it by means of lists and internet listings. As soon as they’ve carried out this earlier course of, two issues can occur, probably the most regular factor is that nothing occurs, or the worst of the 2, that the mirror internet begins to switch the leads to Google of the attacked internet.

If the hijacking assault works

  • Your area begins to seem within the Google cache of your web site
  • They begin to change secondary web page outcomes for the attacking web site
  • They start to alter principal outcomes for these of the attacking web site
  • The attacking web site finally ends up showing for all the outcomes of the attacked web site

Briefly, they begin to steal your visits, and as you would possibly suppose, the promoting they put in is as aggressive as it may be, and since Google thinks it’s your web site, it may possibly have very unfavourable penalties sooner or later. As soon as this occurs you’re screwed, however do not panic, every thing has an answer, so in case you have reached this level certainly your leads to Google will likely be supplanted for a couple of days, and the earlier you place an answer, the higher.

Resolution for Hijacking in Google SERPs

Asking within the Google boards they really helpful the next:

  • Contact the abuse division of the attacking web site (internet hosting, area service,
  • and so on…)
  • Ship a spam report back to Google
  • Ship a DMCA discover to Google

None of those options have been of any use to me. On the one hand, the internet hosting of the attacking web sites is often Russian, Polish, and different international locations that have a tendency to spend so much of every thing, so I didn’t obtain any response or do something about it as anticipated.
Sending a spam report back to Google is an choice, however certainly too gradual, and the place you solely have 300 characters to clarify what occurred, so discarded. The identical with sending a DMCA to Google, since on the one hand DMCAs are usually not designed for any such assault, and however, they don’t take note of you both, or take a very long time to take action.

The answer that labored for me:
Block the ips of the attacking web site in your server.
With this you get the attacking internet to return an error 500 or an error 400 when coming into their area, that’s, they often conceal the ips based mostly on proxies and firewalls, and once you block an IP, they often change it inside a couple of hours for a brand new one, so it’s important to do a relentless job of detecting and blocking new ips. While you get your web site to return the 500 error for a couple of days, Google returns to point out the outcomes of your web site little by little, and the caches are once more these of your individual area.

I additionally advocate doing this in a preventive manner, that’s, in the event you notice that some web site is doing you, block its ips and don’t let it present your content material, since afterwards issues can get extra difficult.

Find out how to detect it earlier than? Effectively, by means of the server logs, or generally, you may get clues within the search console, similar to incoming hyperlinks or outgoing hyperlinks from web sites that aren’t yours or that you’re completely unaware of.

I hope this text has helped somebody, because it has occurred to me a few instances already, and in the mean time you have no idea the best way to act. In actual fact, if it does not occur to me, it could be laborious for me to consider that Google falls into such “crappy” traps like these and will even supplant the results of one web site for one more. Should you can shed extra mild on this matter or have related experiences, feedback are appreciated 🙂


Please enter your comment!
Please enter your name here