With the verticals that I work in, you tend to find the most aggressive forms of SEO - often by affiliates using techniques that the brands themselves would never dream of experimenting with. This goes further than the everyday world of Black Hat SEO, to a place where the lines of ethics and morality really do become blurred. The topic often crops up in SEO forums and blogs, although few people seem to know how it’s done. So let’s explore a couple of ways in which a spammy page on a trusted domain can rank top for a competitive search term.
The majority of these URLs use an old-fashioned doorway page technique, which all the major engines are still having trouble detecting. The basic premise of these pages is as follows:
if (referrer = Google or Yahoo or MSN)
{
    Redirect to an affiliate link.
}
else if (browser = Googlebot or Slurp or MSNBot)
{
    Show page of keyword rich auto-generated content.
}
else
{
    Display 404 Page Cannot Be Found
}
This flow control is usually initiated through a small piece of JavaScript on the hosted page, often base64 or URL encoded to hide from nosey bots and competitors. If anyone gets inquisitive and visits the URL directly, the 404 makes it appear as though the page never existed or has been taken down. Any search engine spiders visiting will be reassured that the page deserves the thousands of links pointing at it due to the keyword-rich content shown. Lastly, anyone finding the link in the search results and clicking through will never see the content and will be sent directly to the cookie-dropping affiliate link (unless they have JavaScript disabled in their browser, of course).
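For a site owner checking hosted pages for this pattern, the encoded script is the tell. The heuristic scanner below is an added example, not code from the original post: it strips base64 and URL encoding from inline scripts and flags any that pair a referrer or user-agent check with a redirect. The sample pages and the hosts `search.example` and `affiliate.example` are constructed.

```python
import base64
import re
from urllib.parse import quote, unquote

SCRIPT = re.compile(r"<script[^>]*>(.*?)</script>", re.I | re.S)
B64_LITERAL = re.compile(r"[\"']([A-Za-z0-9+/]{24,}={0,2})[\"']")
# A visitor-dependent check plus a navigation is the doorway pattern.
CONDITION = re.compile(r"document\.referrer|navigator\.userAgent", re.I)
REDIRECT = re.compile(r"location(\.href|\.replace)?\s*[=(]", re.I)

def decoded_layers(script):
    """Return the script as written plus its URL-decoded and base64-decoded forms."""
    layers = [script, unquote(script)]
    for blob in B64_LITERAL.findall(script):
        try:
            layers.append(base64.b64decode(blob, validate=True).decode("utf-8", "replace"))
        except ValueError:  # string literal was not valid base64
            continue
    return layers

def scan_page(html):
    """Return one finding per inline script that carries a conditional redirect."""
    findings = []
    for script in SCRIPT.findall(html):
        for layer in decoded_layers(script):
            if CONDITION.search(layer) and REDIRECT.search(layer):
                findings.append("conditional redirect" if layer == script
                                else "encoded conditional redirect")
                break
    return findings

# Constructed samples (hypothetical hosts), encoded at run time so the encodings are exact.
_JS = 'if(document.referrer.indexOf("search.example")>-1){location.href="https://affiliate.example/"}'
PLAIN = "<script>%s</script>" % _JS
BASE64 = '<script>eval(atob("%s"))</script>' % base64.b64encode(_JS.encode()).decode()
URLENC = '<script>eval(unescape("%s"))</script>' % quote(_JS, safe="")
BENIGN = "<script>if(document.referrer){track(document.referrer)}</script>"

if __name__ == "__main__":
    for name, page in [("plain", PLAIN), ("base64", BASE64), ("urlenc", URLENC), ("benign", BENIGN)]:
        print(name, scan_page(page))
```

A hit is a reason to review the file by hand, not proof of a doorway page; legitimate scripts also redirect on user agent.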
You may wonder how such a worthless page can rank above so many other informative pages; the fact is that it doesn’t matter how bad your page is - enough decent links can usually get you on the first page of Google. You may not stay there long, although if you make £50 per sale in affiliate commission and make 20 sales a day for a week - you make a nice little profit. Do it once a month and you can quit your day job and live in the Bahamas!
Okay, I admit that it’s not as easy as it sounds - most of these doorway pages have links from some major authority sites. How do you get authoritative sites to point to your doorway page? Well, you Beg, Steal and Borrow…
Beg
Nothing in life is free (unless you steal or borrow), but you can find some bargain links out there. The real bargains come from people who have access to a trusted domain with lots of history, and don’t know what the value of a link is. Most university students (especially non-techies) fall into this category, and many are desperate for cash. Imagine how successful a leaflet drop campaign at a University campus would be, if you offered a free crate of beer or Amazon voucher to the first 50 students who upload your web page or link to their University web space, student union site or restricted-access fraternity/department website. Do it across 20 Universities and you’ve got 1,000 inbound links on an array of IPs and domains - all highly trusted and major authority sites. I personally think that a brand new .edu has just as much authority as any other Top Level Domain; although when that domain has been around for 10 years with more inbound links than the Pope, it’s a different story.
Steal
There are many different ways to put your link on other people’s sites, the most mainstream of which are automated blog comment spamming and forum spamming. These are the bread and butter of Black Hat SEO, although some people look to go further - wanting to upload their links page or doorway page to a third-party website without the site owner’s knowledge. This involves hacking the site and uploading an HTML file, something that is a criminal offence in most countries. The culprits are not like a normal hacker though - they’ll upload dozens of pages to sites that are easy to compromise and will skip over sites that are too hard or take too long to crack. The methods used are also quite basic, taking advantage of documented vulnerabilities in poorly coded Content Management Systems, SQL injection attacks or finding a web folder with its permissions set incorrectly. Why spend hours cracking an FTP password when you can use HTTP PUT to upload files to a student’s MP3 folder without even being prompted for a login? This is how many of the spam pages ranking for competitive terms are achieved, and you can usually tell how the site was compromised from the URL structure - such as /cms/images/, /upload_text/ and /~jimbob/mp3/.
Borrow
One way to “borrow” a link is to use XSS (Cross-Site Scripting) and add a link to someone else’s site using a special URL, without actually uploading a permanent link to their page or making it visible from the normal navigation of the third-party site. This can be achieved by passing a malformed piece of HTML to a search form, for example. A site that does not clean data submitted to it will then display the HTML on the search results page. Rob from Bronco recently posted an example of an XSS exploit found in the commonly used phpinfo() function of PHP. This .edu page now has a link back to my site after changing the URL and with no hacking required. It’s worthless on its own (and harmless to the site) as no one is linking to that exact URL and the spiders won’t find it. But point a couple of hundred spam links at the XSS URL and you’ve now got an important page on a trusted .edu site, which spiders will then index and find the link back to my site. It’s not just the odd education site that is vulnerable to this type of exploit - you can even get a link from Yahoo and the British Prime Minister using XSS. Although some action has been taken by the search engines to discount these links, I know from my own research that they can still work and can have a big impact on search ranking.
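Both the “Steal” and “Borrow” routes leave traces in the web server’s access log of the site being abused. The review script below is an added example, not code from the original post: it flags PUT requests that succeeded without an authenticated user, and requests whose query string carries anchor markup, noting when a search engine crawler is the one fetching it. The log lines, addresses, `spam.example` and `search.php` are constructed.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Apache/nginx "combined" log format.
LINE = re.compile(
    r'\S+ \S+ (?P<user>\S+) \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"')
CRAWLER = re.compile(r"Googlebot|Slurp|msnbot", re.I)
ANCHOR = re.compile(r"<\s*a\b[^>]*\bhref\s*=", re.I)

def review(lines):
    """Return (finding, path) pairs for uploads and reflected links seen in the log."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        target, status = urlsplit(m["target"]), int(m["status"])
        # A PUT that succeeded with no authenticated user means the folder is world-writable.
        if m["method"] == "PUT" and 200 <= status < 300 and m["user"] == "-":
            findings.append(("unauthenticated-put", target.path))
        # Anchor markup in a query string that got a 200 is a candidate reflected link;
        # a crawler fetching it means inbound links already point at that URL.
        if status == 200 and ANCHOR.search(unquote_plus(target.query)):
            crawled = CRAWLER.search(m["agent"])
            findings.append(("injected-link-crawled" if crawled else "injected-link", target.path))
    return findings

# Constructed log lines; hosts, addresses and search.php are hypothetical.
Q = "q=%3Ca+href%3D%22http%3A%2F%2Fspam.example%2F%22%3Edeals%3C%2Fa%3E"
TS = "[08/May/2007:10:00:00 +0000]"
SAMPLE_LOG = [
    f'203.0.113.7 - - {TS} "PUT /~jimbob/mp3/index.html HTTP/1.1" 201 0 "-" "-"',
    f'198.51.100.4 - staff {TS} "PUT /cms/images/logo.png HTTP/1.1" 201 0 "-" "-"',
    f'203.0.113.7 - - {TS} "GET /search.php?{Q} HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    f'192.0.2.10 - - {TS} "GET /search.php?{Q} HTTP/1.1" 200 512 "-" "Googlebot/2.1"',
    f'198.51.100.4 - - {TS} "GET /search.php?q=campus+map HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding)
```

The fix for the first finding is to disable PUT or require authentication on the folder; for the second, to HTML-encode submitted data before the page echoes it.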
So once you’ve got your authoritative inbound links from blog comments, Universities, Government and search engines linking into your student hosted .edu doorway page - just sit back and watch your search rankings soar and the money roll in ;).
Many of the techniques discussed here are dangerous and/or illegal; so don’t even think about using this as a “How-To” guide. I currently work to combat some of the more illegal methods mentioned here for brands, so please don’t take this post as me condoning or using them. At least the next time you read about these types of spam pages, you’ll know what they are and how they’re achieved.
May 8th, 2007 at 11:40 am
Great post Rob, obviously as black as the night but still very informative. I’m such an innocent White Hat I honestly never knew =)
The force is black with you young Vader!!
May 21st, 2007 at 5:22 pm
WOA! Scary stuff, huh? Thanks for posting about this kind of stuff, Rob. I guess exposing these techniques will weaken their power over time.