Google has just updated the sneaky redirects and hacked content guidelines on its Google Webmaster Central Blog. These updates provide greater clarity on what Google considers to be direct violations of its quality guidelines. Google defines sneaky redirects as the act of sending a visitor to a different URL than the one they initially requested. On the other hand, Google acknowledges that there are some instances when URL redirects are legitimate, such as when sites are moved to new addresses or when several web pages are consolidated into one.
Redirects are often used by webmasters to help forward visitors from one page to another. They are a normal part of how the web operates, and are very valuable when well used, notes Aaseesh Marina on the Google Webmaster Central Blog. However, some redirects are designed to manipulate or deceive search engines or to display different content to human users than to search engines. Our quality guidelines strictly forbid these kinds of redirects.
Marina cited an example of a sneaky redirect when desktop users are redirected to normal pages, while hackers might redirect all mobile users to completely different spam domains. When sneaky redirects display content to human users that differ significantly from the content made available to Googlebot, Googlebotmay index the original page rather than follow the redirect. Similar to cloaking, this practice deceives users and takes them to different target destinations.
Google acknowledges that some sites may possess sneaky redirects because theyve been compromised. On its updated hacking content guidelines, Google notes that hackers may inject malicious code into websites that redirect users into spammy or malicious pages. According to Google, these sneaky redirects sometimes [depend] on referrer, user-agent, or device. For example, clicking a URL in Google search results could redirect you to a suspicious page, but there is no redirect when you visit the same URL directly from a browser.
Other types of hacked content that may be inserted into websites without the webmasters permission because of security vulnerabilities include injected content (wherein malicious elements are injected into existing content); added content (wherein new pages containing spammy or malicious content are added to sites), and hidden content (wherein hackers attempt to add hidden links or texts to pages, or engage in cloaking).
Hacked sites are removed from Googles SERPs to protect users. Fortunately, Google informs webmasters via Webmaster Tools if theyve determined that a site has been compromised. Sites that have been hacked or infected with malware should be quarantined and repaired immediately. Recommendations for identifying and fixing issues on infected sites are provided by the APWG.
Regardless of the platform or type of infection, Google recommends the following steps: quarantining the site to prevent it from infecting other sites or systems; assessing the damage by identifying its scope and scale; cleaning up the site by removing spammy content and malicious code; and finally, asking Google to review the site once it has been cleaned up for re-inclusion in Googles SERPs.
Comments
comments