SEO word salad pornography?
December 18, 2008 7:49 PM Subscribe
What in the world is going on with this website (subject of a recent askme)? Have a look at these google results: site:carolscookies.com inurl:locator. Is this an indication that the website's been hacked, or is this the kind of disgusting behavior that passes for SEO these days?
I tried to google the site for nutrition information to answer the original question, but my query turned up all these pages. Rather than derail the original thread, I'm asking a fresh question.
I tried to google the site for nutrition information to answer the original question, but my query turned up all these pages. Rather than derail the original thread, I'm asking a fresh question.
I don't know much about computers, but I think it might be wise to warm people who are trying to look at the site to answer the question. It might be possible for them to gather information about you if you click the wrong thing on that site?
posted by Night_owl at 8:16 PM on December 18, 2008
posted by Night_owl at 8:16 PM on December 18, 2008
Rough guess is that she was using a locator script downloaded from the web somewhere that was a bit rough around the edges and got spammed.
Looks cleaned up now.
posted by bitdamaged at 9:11 PM on December 18, 2008
Looks cleaned up now.
posted by bitdamaged at 9:11 PM on December 18, 2008
Response by poster: bitdamaged says it "looks cleaned up now", but that's not the whole story--the links return a 404 when I click on them in my web browser, but return suspect content when I download with wget. User-agent detection?
lee, sorry, I live in a fantasy world where clicking on things on a website can't harm your computer in any real way. I went ahead and flagged the original askme question.
posted by jepler at 5:59 AM on December 19, 2008
lee, sorry, I live in a fantasy world where clicking on things on a website can't harm your computer in any real way. I went ahead and flagged the original askme question.
posted by jepler at 5:59 AM on December 19, 2008
Best answer: I saw something like this happen to a site I was maintaining for my university department. This looks like a PHP script exploit. Spam sites hammer these sorts of scripts, constantly. In my case it was using referrer logs to build directories of spam sites. In this case it looks like they're exploiting the server to host links to stuff. They've managed to trick the locator script into accepting and remembering URLs, which are probably redirecting your wget requests to the pirated software + porn described in the links.
Based on response headers the site is running Apache 1.3.41 (newest, but still a legacy version) and PHP 4.4.8 (another legacy version, and one revision behind the current 4.4.9 legacy patch) which might be part of the problem.
The locator script they're using is Ultimate Locator. The site has the admin login for the script control panel in the open, and more than likely the site maintainer chose the default user name and a poor password that was quickly cracked.
posted by caution live frogs at 7:23 AM on December 19, 2008
Based on response headers the site is running Apache 1.3.41 (newest, but still a legacy version) and PHP 4.4.8 (another legacy version, and one revision behind the current 4.4.9 legacy patch) which might be part of the problem.
The locator script they're using is Ultimate Locator. The site has the admin login for the script control panel in the open, and more than likely the site maintainer chose the default user name and a poor password that was quickly cracked.
posted by caution live frogs at 7:23 AM on December 19, 2008
This thread is closed to new comments.
posted by MadamM at 8:00 PM on December 18, 2008