WebProNews

Third parties could hack someone's place in Google's SERPs right out of the index with some malicious proxy work.

Google Search Results: Your SERPs At Risk

A few short days before the biggest search conference of the year, SES San Jose, we've learned of a story that should have people talking next week. Dan Thies claimed he has been sitting on an explosive story of Google proxy hacking for a year, and has just posted about it on his SEO Fast Start blog.

"Danny Sullivan has known nearly as long, and I suspect that his behind the scenes efforts are the reason why the major search engines all decided to publish "how to validate our spider" instructions after SES San Jose last year," Thies said.

A SEO client, Brad Fallon, with a site that Google indexed all of save the home page, set Thies looking for the reason why that page wasn't making it into the SERPs. The client's page had been fetched by Googlebot through a proxy, creating a duplicate content situation.

Thies' client's home page was being dropped by Google. Through further investigation, Theis discovered, "Someone was actively seeking out proxies and linking to them, so that Google would pick them up, and drop Brad's home page." Fallon's site had not been banned by Google.

To alleviate the problem, Thies opted to do the same thing bookmarking site Delicious does: reverse cloaking:

Every page Brad's web servers deliver now has "noindex, nofollow" in the robots meta tag, unless the request comes from a validated search engine spider. A "spoofed" proxy visit from Googlebot delivers a page that won't be indexed. A real visit from Googlebot gets the page with "noindex" removed.

The problem has been existent for more than a year, and Thies felt it was time to talk more about this issue publicly. We're betting lots of people will do just that.