Preventing Session SEO Spam attacks
Your competitor can theoretically damage your Search Engine listings and
there is no way to stop the competitor from trying this technique against you, but there is a way out to protect yourself.
Before that it is necessary to note that Google is getting better at ignoring session ids in URLs and will continue to do
that even if they are spoofed as they are in the dark-side technique. Therefore, we can expect that the dark-side technique have a limited life-span.
The simplest way to protect your site from this kind of URL spamming that will protect you from a wider version of this
technique which could use randomly made up URL variables rather than just session ids is as follows:
Firstly, you need to list out all the URL variables that your site currently uses. For example, if your site uses the variables
"page", "offset", and "results" then the URL might look like this:
http://www.site.com/product.php?page=45&offset=22&results=10
Using the dark-side technique, a competitor might try to duplicate your content on your own site by linking to an
extended version of the URL, for example:
http://www.site.com/product.php?page=45&offset=22&results=10
&PHPSESSID=h32b0832h893he94rp98473
Now, create a file in some coding language such as PHP and then call it "darksidestopper.php". This file should have an array
containing all your variable names used in URLs and the following code to check if there are others in the URL:
$urlVars=array("page","offset","results");
// replace this with your site variables
$newQS="";
// this variable builds the real query string
foreach($urlVars as $value){
// this loop checks the values of the
// real query string against that requested
if(strlen($_GET[$value])>0){
if($newQS=="") {
$newQS = $value . "=" . $_GET[$value];
} else {
$newQS .= "&" . $value . "=" . $_GET[$value];
}
}
}
if($newQS!=$QUERY_STRING){
// this conditional redirects the file with a
// 301 Redirect if the wrong query is requested
header( "HTTP/1.1 301 Moved Permanently" );
if(strlen($newQS)0){
header( "Location: " . $SERVER['SCRIPT_NAME']
. "?" . $newQS . " )";
} else {
header( "Location: " . $SERVER['SCRIPT_NAME']
. " )";
}
}
?>
This code also ensures that the URLs used in links are always used in the order you have
specified in the array, which solves another common problem with query-string driven websites
and Supplemental Results in Google. Finally you need to include the darksidestopper.php script
at the start of all your web pages.