Site icon Search Engine People Blog

My last word on 302 redirect hijacking?

Oh so long ago, I started ranting about 302 redirects / 302 hijacking problems. Before I started ranting, others had been ranting for quite a while. If you want to refresh your memory, you can read my posts that date back to November, 2004 (shown below).

11/4/2004 - Rankings hijacked by 302 redirects - are you a victim?

12/22/2004 - Search engines, bugs, and ethics

2/11/2005 - Search Engine Indexing Summit

3/15/2005 - The Google 302 pagejacking problem explained

4/19/2005 - Google finally addressing the 302 hijacking problem

5/24/2005 - Google updates and hijacks

5/25/2005 - Google Pagejacking Petition

8/2/2005 - Google looking for your help to solve redirect hijacking

So, although Google took a very long time to even acknowledge the existance of 302 hijacking problems, they have FINALLY come close to solving the problem. Matt Cutts discussed it a few times on his blog yesterday in various posts. In SEO advice: url canonicalization, he says Many months ago, if you saw someresult.com/search2.php?url=mydomain.com, that would sometimes have content from mydomain. That could happen when the someresult.com url was a 302 redirect to mydomain.com and we decided to show a result from someresult.com. Since then, we've changed our heuristics to make showing the source url for 302 redirects much more rare. We are moving to a framework for handling redirects in which we will almost always show the destination url. Yahoo handles 302 redirects by usually showing the destination url, and we are in the middle of transitioning to a similar set of heuristics. Note that Yahoo reserves the right to have exceptions on redirect handling, and Google does too. Based on our analysis, we will show the source url for a 302 redirect less than half a percent of the time (basically, when we have strong reason to think the source url is correct)..

In SEO advice: interpreting inurl, he explains that using inurl: to detect hijacking is not useful. In SEO advice: discussing 302 redirects, he discusses more in detail when they might choose not to show the destination url (due to long, ugly urls showing up), and also discusses the fact that the new BigDaddy datacenter (66.249.93.104) is the one to watch for solving these problems.

Finally, in Feedback on Bigdaddy data center, he gives details on how to give feedback on the Bigdaddy datacenter, specifically, feedback about canonicalization, redirects, duplicate urls, www vs. non-www, and similar issues.

Now, I don't claim to know exactly how big an issue this has been. I certainly have no way to count the number of sites that have been hijacked. If you listen to webmasters, it seems huge. If you listen to Googleguy, the problem is minute. In either case, if the chance exists (no matter how small), that your site can be hijacked, it needs to be prevented.

So, hopefully (all fingers crossed), Google is finally really, truly trying to solve the 302 hijacking problem. I'm happy about that, but it does irk me that it has taken so incredibly long for them to accomplish this. Normally, I would give kudos to a search engine for fixing a problem, but dang it, I just can't seem to spit out the words "Thank you" for something that should have happened about a year ago.

In any case, for those of you interested in the hijacking problem, take a gander at the Bigdaddy datacenter and see if things look better to you...or not. If not, be sure to send feedback, and please do so using the rules Matt has laid out. Otherwise, the feedback will probably just get tossed.

I propose a toast to the END OF 302 HIJACKING and the END OF ME HAVING TO RANT ABOUT IT.