SEO Security Advisory - Check your sites NOW

This wont apply to vBSEO sites, mbut for those with non-vbulletin sites, you will want to check this out right away.

Full details here.
SEO Security Advisory - Check your sites NOW

Wow!

That's a pretty serious situation you are describing Rob.

I will read it again once this cup of coffee has sunken in.

lets face it ace..... the whole seo world is up in arms over duplicate content.... a simple search on google for 'duplicate content google' will show you how bad and serious the dupe content problem is in the google world.

Lets say for arguments sake, that vBSEO wasnt as secure as it is... I could link to this thread with a doctored link, with the link text :- vbseo bad security

like I said, if vBSEO was open to this hole, I would have done two things.... created a duplicate content page on this site, and worse than that - the *potential* for a drastic NEW KIND of googlebomb exists... because the words in the link text ALL EXIST in this page. All you need is many sites linking with the same link text.

I cannot yet confirm if the googlebomb potential exists, but if you use words in the link text that exist on the page, and then inject those keywords into urls also, then I'm pretty much 95% certain this would get around the googlebomb patches that were put in place by google very recently.

You bet its bad, thankfully not for vBSEO though.

I don't get how you made a second page with the root url ?

btw, Great tagline on your site

heh.. .thanks.

This is impossible to do for root urls (domain roots), but it's fairly easily possible on as many as 1 in 4 websites for inner pages.

see if you can spot the similarities in these url's and you will know instantly what I'm getting at

CommunitySEO for IPB v1.0 Feature List - CommunitySEO
CommunitySEO for IPB v1.0 Feature List - CommunitySEO
CommunitySEO for IPB v1.0 Feature List - CommunitySEO
CommunitySEO for IPB v1.0 Feature List - CommunitySEO

Hope you understand now.

I understand what your saying..
I don't see how you made

notyoursite.com/forums/thread-title-that-you-make.html ?

Regardless of the CRU content, the "t35.html" remains the same.

What does that?

What is it that you can't get?

Many sites are not careful with ensuring URL integrity... it's that simple.

Juan.... can you see what i mean here.... lol Is there anyone's head this isn't whizzing over?

I get it. Is it only IPB sites that have this 'feature'?

CommunitySEO for IPB v1.0 Feature List - CommunitySEO

Hi Ace..... that site was one i truly, and genuinly picked at random. This affects joomla, worldpress, drupal, mambo and many hundreds of other content rewritten applications also.

It also includes many home-rolled sites that implement url rewriting!

THIS ISNT JUST FORUMS! ..... it's far more serious.

I don't see how you can make a URL on a site that isn't yours.... ?

It's to do with the way the 'target' site has its rewrite set up.

With the one that has been used as an example in this thread, *anything*t35.html will show that page.

Therefore, all we need is another site that we use to send spiders to that site, using different URLs. Dupe content applies, and they take a hit.

We would auto-301 anything like that, but I understand that it is a cause for concern especially for other types of rewritten CMS.

wow

CommunitySEO for IPB v1.0 Feature List - CommunitySEO

how odd, this is for all sites ? does it work with the htaccess ? like can it be done to my blog vBulletin Setup ? :(

Your site is safe to a certain degree (in the fact you cant inject keywords into the url), but you can still add lots of dupe content....
eg:
vBulletin Setup » Blog Archive » Do you want to Earn money posting on vBulletinSetup ?

Prolly an easy fix - you are replacing hypens with spaces and using trim....
just dont use trim