Posted on 7 December 2008 at 23:44 UTC, filed under Hack, 47 comments.

The last time I wrote about a hacked site, it was using a redirect that sent some users to a different site. This kind of hack is pretty common (even though it’s usually not as complex as mentioned in that post), it leverages the sad fact that users are often easy to trick and not browsing with protection (or a current browser).

A different angle of attack is to redirect only search engine crawlers to a different site. By doing this, they can make it look like the pages of a website moved to a new domain name. In general, when search engines find redirects like that, they will more or less pass the “value” that a page had on to the new URL — that generally also applies to PageRank. So in a sense, they are trying to steal the value that a webmaster has built up over time.

In this particular case, a “massive amount” of sites were hacked and likely redirected through suomi.co.in.
Continue reading ‘Hackers stealing your PageRank’ »

Posted on 5 September 2008 at 22:31 UTC, filed under CSS, Javascript, 23 comments.

Here’s a simple trick to view nofollow links in Google Chrome. Just drag and drop the following button to your bookmark bar and hit it whenever you want to see links with the rel=nofollow HTML microformat:

Nofollow?

This bookmarklet inserts a tiny bit of CSS into the top of the page you’re currently viewing. The CSS is similar to that which is used in other nofollow highlighting methods:
Continue reading ‘Seeing nofollow links in Google Chrome’ »

Posted on 20 May 2008 at 23:27 UTC, filed under Tricks, 17 comments.

Here’s something from my mailbox – someone wanted to know how he could crawl his site and confirm that all of his pages really have the Google Analytics tracking-code on them. WordPress users have it easy, there are plugins that handle it automatically. Sometimes it’s worth asking nicely :) – let me show you how I did it. As a bonus, I’ll also show how you can check the AdSense ID on your pages, if you’re worried that you copy/pasted it incorrectly.

This is pretty much cross-platform, but as a Windows-user you’ll have to grab and install two files first:

  • wget – a tool to download copies of web pages
  • UnxTools – a collection of popular Unix/Linux tools for the hacker in you

Extract the ZIP files, copy the contents somewhere where you can find it and make sure that the appropriate folders are in your “path” (the files you’ll need for UnxTools are in “…\usr\local\wbin”). We’ll need to access these tools through the command line. I have a feeling I may need to elaborate on that for Windows users :) — let me know if that’s the case.

First, we’ll mirror our site on our local machine (this assumes that your site is crawlable; if it isn’t, then fix it first :D ):
Continue reading ‘Confirm that you’re using Analytics on all pages’ »

Posted on 1 February 2008 at 23:14 UTC, filed under Tricks, 13 comments.

Sometimes it would just be great to have multiple instances of Firefox running at the same time. Some web applications just love to eat memory in Firefox, some web pages go crazy if you have JavaScript enabled and sometimes you just want different sets of cookies to let you manage two accounts at the same time.

I’ve been trying to do that for years and did the most exotic things to make it happen. I’ve used four different browsers in parallel and I’ve even used a virtual PC running within my PC (that kind of defeats the desire to use less memory, but it feels neat anyway). In the end, a collegue in the office, who happens to use emacs as his main web browser :D , pointed me into the right direction.

Now I have three completely independant instances of Firefox running at the same time!

3 little Firefoxen, running on a desktop

So what’s the trick?
Continue reading ‘Running Firefox in parallel’ »

Posted on 12 January 2008 at 16:05 UTC, filed under Tricks, 15 comments.

All of the websites I put together at the moment are used for playing around and testing things. It’s fun to set up a site, try some things out, delete it or just let it sit and then – usually much later – start over and try something else. The only problem is that by the time I am ready to start over, I have forgotten my password. I can find my user name, it’s in the FTP client and visible in my hosting control panel, but the password is not visible anywhere. The secure way would be to just pick a new password, but let’s assume you need your old one :-) . The following will also work for email passwords stored in your email client, by the way.

What we’ll do is “sniff” the connection that your FTP client builds up, we’ll take a look at the packets sent out and received. Remember that other people can do this as well – say if you’re on an insecure wireless connection on the road — use secure connections and protocols whenever you can!
Continue reading ‘Go hack yourself – recovering your FTP password’ »