Google has a nasty bug these days that allows unsavory webmasters to hijack the content on your site. If your competitor wants to destroy your search engine rankings he only needs to create a simple page that forces a HTTP 302 redirect to your site. Sounds harmless enough right? Well the problem is that Google follows the redirect to the your site but gives the evil redirect site credit for the content.
How Do I Know if a Site is Hijacking My Site?
1. Search in Google for allinurl:www.mysite.com
2. Look for any listings that are not your site but have the exact title as your site.
3. View the Google cache to see if it looks just like your site.
4. Use my HTTP Response Viewer to view all HTTP headers being returned.
If the title is the same, the cache is the same, and a HTTP 302 is being returned, you’ve been page jacked. The most commonly talked about filename associated with this tactic is tracker2.php but many more are popping up. Often times this is accompanied by cloaking tactics to serve up the 302 redirect to Googlebot and a different page to normal visitors. My HTTP Response Viewer fakes the user-agent so that the server thinks it is a visit from googlebot so that you may view HTTP response headers exactly as Google sees them.
The bad site can either return a HTTP 302 redirect header or drop a simple one liner meta-refresh tag.
How Does This Hurt My Site?
Google sees two sites with identical content and one of them gets smacked out of the index. My experience is that is often the original, innocent site.
Some claim that the offensive site actually steals your pagerank in the process but I’m not convinced this is true.
Are All 302 Redirects Malicious?
No. Remember that HTTP 302 is a valid method of reporting that a page has been temporarily redirected to another site. Google is to blame here. I have found that most webmasters are oblivious to the problem it poses. If you find a site that is redirecting to your site and cloaking in the process you can consider it malicious and a swift FedEx from your attorney is in order.
An interesting sidenote is that Business.com recently shot themselves in the foot. They used a 302 redirect to bounce all traffic to business.com to www.business.com. Soon thereafter they suffered the PageRank 0 on the homepage and higher PageRank on internal pages syndrome as well as having their homepage removed from the Google index.
How Can I Stop my Pages from Being Hijacked?
Unfortunately your only course of action is to attempt to get the other site to remove the HTTP 302 redirect. As I said before most webmasters have no idea of the havoc they are wreaking. I have found that a polite yet firm email nearly always results in a swift removal of the redirect and its often followed by a puzzled reply “Whats the problem?”. To make matters worse, it seems that a module for PHPNuke is creating HTTP 302 redirects. (View an example email that has worked extremely well for us)
What is Google Doing About This?
Who knows. They have requested examples of the bug and at the recent Webmasterworld conference they claimed to be working on a resolution but it seems to be taking a long time. Yahoo had the same bug about 10 months ago and they fixed it very quickly.