Site Shanghai!

Posted by Juicebox on March 5th, 2009

Are you protected?

Understanding The Newest Hijacking Threat to your website

When setting up a new domain name, you have to choose a server IP where your files are hosted. What if you point your new domain name to an IP address that someone else already has a website hosted on? Well it would probably be a confusing experience to your visitors, sending them to someones website other than your own. Still, this is no biggie and happens all the time with just a simple typo.

Now what if you decided to change the IP address of an old domain name that had picked up a bunch of trust over time (through links, etc) and accidentally point it at someones relatively new website (little trust from links)… It may not seem sinister, unless you didn’t “accidentally” make that typo… If you put your black hat on it becomes pretty obvious what might happen..

You can hijack someones content and out-rank them for it in Google.

What do you do when someone points their domain to your server, effectively hijacking your website?

So, What Really Happened?

One of our clients websites, texascontractor.org was launched a few weeks ago. We launched a few other sites around this same time, all of which are performing well. Solid visitors and traffic, growing as we expected… but that has not been the case with this particular clients site. We’ve been scratching our heads trying to understand why the site has a lot of unusual visits from Russia, and what initially appear to be scrapers. Time to investigate… When performing a Google search for a portion of the homepage content, I was shocked by the results.

Look For Yourself!

img13 Site Shanghai!

My First Thought was “What? That’s not my site! That’s a Russian website!”

Who in the hell is mccmembers.ru, and why is it ranking for my clients content? Did the Russians scrape it, or is something more sinister afoot? When I clicked “repeat the search with the omitted results included” (aka the supplemental index) my clients website showed up…

img22 Site Shanghai!

Fast Train to Supplemental Hell

Great… The last place any webmaster wants to be in: supplemental hell ! And the investigation continues…
img3 Site Shanghai!

Yet Another Paradox in the Matrix

They seem identical! But wait… all of the links were identical as well. The russian website was linking back to my clients website… how does Google not see that my client is the original source of the content. Usually a scraper would take the time to copy all of my pages and also change the links to their own pages.

At first, I still considered this as a scraper, just poorly done.  I sent off a DMCA Notice. Soon after, I performed a DIG command on the server , only to realize that the server itself had the same IP as Texas Contractor. NO WAY!!! The russians are actually HIJACKING my clients content, and even link back to where they stole it from.

From Russia With Love? I Think Not!

So now I have this Russian domain name is pointing to my clients server. A quick review of the Russian domain shows me that it has been on the web for 4 years, and it has some links pointing to it. Enough that Google obviously trusts that domain name over mine, causing my clients site to appear as “duplicate content“.

So where do I go from here? One simple solution would be to change the hosting status in Apache from “Dedicated IP” to “Shared IP” thereby putting a Server Error page against mccmembers.ru, but for some webmasters this may not be possible. Also there are certain benefits to having a dedicated IP that would you lose. Below you can see the error page we started to deliver the Russian domain from my clients server.

post-hijack1 Site Shanghai!

Owning The Russians Again. Cold War Style.

However, being a webmaster, I have a bit of twisted humor. What webmaster doesn’t? So I decided to do something more appropriate, sort of returning the favor, if you will. I ended up “hosting” their domain with a more fitting landing page.

hijack-result-b1 Site Shanghai!

ARRR! Much better! See it for yourself http://www.mccmembers.ru. Now my client’s site is free from their grasps and we get a good laugh!

To Bring It All Together

This hijacking may not be as complex as the DNS Cache Poisoning, but this type of hijacking can dramatically impact your search engine rankings, and in turn your bottom line. After all, how trusted are you if you’re a company and when someone searches your name, a Russian domain precedes you? What kind of critical loss could happen for your business? People might start logging into the wrong website and inputting highly confidential personal information into the hackers hands.

This brings about a larger question. Who should handle these situations where a domain owner has maliciously or non-maliciously pointed their domain to another domains IP address?  Who should it involve? Shouldn’t Google be able to tell who is the real owner of the site? What are your thoughts on this situation? Has this happened to you?

Bookmark and Share
Category: Webmaster's Corner

Comments are closed.

Categories

Blog Home
Digital Media
Internet Marketing
Search
Site-In-A-Box
Social Media
Venture Capital
Webmaster's Corner


Recent Comments
  • jeff donnely: Very timely data regarding mortgages and what to expect. Thanks for the info. Many people have similar...

  • Tackett: Greetings, I was seek on the web for some tools that automatically could submit links to divers...

  • Cos: Excellent article on the “nofollow” tag. The web needs more purists or web ecologists like yourself.

  • billy bob: User interaction - Mobile web - these terms and similar are what make up web 2.0. Which is a crappy term...

  • Tony: Interesting post, keep the good stuff coming, good content appreciated!

About Us

SEO Consulting

SEM Services

Marketplace

SEO Resources

© 2007. All Rights Reserved   •   Databanq Internet Services   •   1505 East Robinson Street   •   Orlando, Florida 32801