Here Are Two Quick Ways to Catch Cloaked Nofollows

Recently, rustybrick at SEO Roundtable mentioned that some publishers are selling links, but then adding cloaked nofollows. That is: The links appear to “follow” and pass page rank to normal visitors, but say “nofollow” to Google.

Clearly, this sort of “nofollow” is lessens the value to advertisers who think they are paying for the both link juice and traffic, but get traffic only.

This type of cloaking is fairly easy to do. But, I want to warn any ninja bloggers out there: it’s also it’s easy to catch!

How can advertisers detect cloaked no follows?

There are two ways: One is quick, and will often work; the second takes more time, but is more effective.

Here’s how:

1. Visit pages using User Agent Switcher and Search Status:
   Search Status makes “nofollow” links easy to detect by highlighting them in pink. User Agent Switcher lets switch your “user agent” to “Googlebot” and surf the web seeing it the way the Googlebot does (at least usually.)

   Used together, you should be able to catch most publishers who cloak to show “nofollows” only to the Googlebot. If you use both, you will usually see all cloaked nofollows will be shown in pink when you set your user agent to Googlebot. They will not be pink when you set your user agent to default.

   Unfortunately, this method is not foolproof, because a) Spam plugins like Bad Behavior will notice you aren’t really the Googlebot and refuse to show you the pages. This is an entirely legitimate way for a publisher to protect their page. b) Some “clever” publishers may cloak by detecting IP in addition to user agent. This could foil detection using the User Agent Switcher.

   Luckily, you can always rely on method 2:

2. Check cached page at Google: Periodically, while the your contract is in place, visit Google and check the cached copy of all pages with paid links. Obviously, if the Googlebot is shown “nofollows”, it will cache a page containing nofollows. So, this method is foolproof.

Will I be writing a cloaking plugin?

I’m tempted to write a cloaking extension to NoOldSpamLinks plugin. It would be great for traffic. But, I’ve decided against it.

I’m all for letting bloggers control their nofollows. I think bloggers should be able to do whatever they prefer with their links within the law and contractual obligation.

But, I’m afraid I can’t bring myself to help bloggers show “follows” to advertisers who pay for them, and “nofollows” to Google. If you want to sell “nofollow” links, negotiate that with the advertiser; then show the nofollows to both the public and Google. If you as a blogger want to cloak to show nofollow to Google, and “follow” to your paying customers, I’m not telling you how to do it!

Tags:Blog Hacks blogging cloak google monetize nofollow seo

Related Posts:

• Useless Link Detector: Is it useful?
• How To Cloak Nofollows on Individual WordPress Articles
• Seven Ways to Drive Web Traffic: Wall Street Journal
• Optimize Wordpress for Search: No more sercret duplicate content!

Comments

Don’t Get Hacked:
Google Bot Trick!

Justin’s blog was hacked and he didn’t notice for a while. Why not? The hack made blog look normal to everyone except Google. This caused Justin’s blog for dropping out of Google’s index- which results in a major loss of traffic.

If this happened to Justin, you can bet it could happen to you! Luckily there are steps you can take to could protect yourself both from getting hacked, or failing that, at least discover if you have fallen victim of this sneaky hack!

How to protect yourself

1. Periodically change passwords you use to access by FTP. This is generally done at the account web host gives you. If you don’t know how to do this, ask your host!
2. Protect your wp-admin area using htaccess. Hacking into wp-admin is a common tactic. I discussed the steps you can take to protect that area of your blog in Blog Security: htaccess block.
3. Periodically look at your pages through Google’s eyes:
   • Install the FireFox User Agent Switcher
   • Create a Googlebot user agent.
     Do this buy pulling down “Tools” -> User Agent Switer ->Options ->Options.
     Next click “User Agents” then “add”.
     An entry box will appear. Enter Googlebot 2.1 for “Description” and “User Agent”. Don’t worry about the other boxes; leave them blank.
     Save these settings.
   • Switch to the Googlebot user agent by selecting “Tools->User Agent Switcher”. You’ll now see “Google bot 2.1″. Select that.
   • Turn off BadBehavior (or the next step will fail.)
   • View your blog. If should look the same when viewed with the Googlebot user agent and when viewed normally. If you see something horrible, you have been hacked. (Sorry, I don’t tell you how to fix that here. The ‘fix’ will depend on precisely what the hacker modified. )
   • Reactivate BadBehavior (to protect you from malicious ‘bots.
   • Head on back to “Tools->User Agent Switcher” and pick “default”.
4. Back up everything: Just in case protecting your ftp and wp-admin areas fails, be sure to periodically back up your blog templates, database, and Wordpress files (including images etc.) Backing up won’t prevent you from being hacked, but it lets you recover if someone does hack you. I back up my database daily using WordPress Database Backup.

   I back up the whole blog by saving the entire domain as a zip file and emailing to myself from time to time. (No, not every day.)

Hey, it’s Saturday. That’s as good a time to back up as any. Good luck and safe blogging!

Tags:.htaccess Blog Hacks blog security blogging plugins WordPress

Related Posts:

• Blog Security: htaccess block
• Spam Shields Up!
• Andy Beard Wants Dramatic Titles: Just Like Muhamed Saleem's.
• The Secret to Organizing Posts while Complying with PPP Best Practices

Comments

Blog Security: htaccess block

Reading Matt Cutts blog, I got a chuckle when I read a blog security tip I’d been using at my knitting blog for two years. Evidently, the tips is news to SEO blogging types?

(Which maybe means if you get your security tips from knitting blogs, you an avoid getting hacked the way Greywolf was in January of 2007?)

Anyway, since I know this can happen to anyone, I’m going to describe what the hackers do, and then describe two things you can do to increase security against these hacking attempts.

One will require you to deal with ‘.htaccess’ manually, but results in the most convenient set up while working at home. The other involves using a brand new plugin available at Ask Apache. That plugin is almost perfect. However, it could be improved. Because I got an error when trying to leave comments at “Ask Apache”, I’m going to suggest improvements to the plugin. (The developer asked!)

If he or she takes the suggestions to heart, this will be a truly awesome plugin. (It’s already very useful.)

So, now onto the meat of the article.

What do hackers do?

Click here to read more.
 

Tags:blog Blog Hacks blogging hacking htaccess plugins seo WordPress

Related Posts:

• Don't Get Hacked: Google Bot Trick!
• Here Are Two Quick Ways to Catch Cloaked Nofollows
• Login Lockdown! Keep Wordpress Safe.
• What makes an A-list blogger?

Comments