Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
Loading site search ...

Unmasking “Canonical” Hacks

   22 May 11   Filed in Unmask Parasites

As a follow up to the recent Matt Cutt’s tweet and blog post about emerging rel=canonical hacks, I did a detailed guest post on StopBadware blog about this problem.

In that article, I wrote about how such hacks work and how cyber-criminals can use this hard-to-detect attack to hijack search results of compromised sites. You can also find a short review of a real “rel=canonical” attack that affected quite a few websites.

As always, I wrote about tools and techniques that can help you diagnose hacks that try to make Google think that your site has moved to a new domain name. Unfortunately, at this point no tools that I know of specifically check for rogue “rel=canonical” instructions. However, more universal file integrity monitoring solutions can be really efficient as they will inform about any unexpected modifications.

You can read the full article on StopBadware blog.

To help webmasters diagnose rel=canonical hacks, I’ve added a new feature to my Unmask Parasites tool. Now if a web page contains a rel=canonical instruction that points to a page on a different domain, you will see the following warning in an Unmask Parasites report.

Crotopole canonical

While it is perfectly normal to have rel=canonical pointing to a different domain (for mirror sites and for sites that are in the process of moving to a new domain), I still find it very important to notify webmasters about such instructions as they can help reveal both SEO and security problems that can be easily overlooked otherwise.

Related posts:

Comments are closed.