Definition

proxy hacking

Proxy hacking, also known as proxy hijacking, is an attack technique designed to supplant an authentic Web page in a search engine's index and search results pages. An attacker may use proxy hacking to gain an advantage over a competitor or, ultimately, to redirect users requesting the targeted page to a malicious or fraudulent website.

Here's how it works: The attacker creates a copy of the targeted web page on a proxy server and uses methods such as keyword stuffing and linking to the copied page from external sites to artificially raise its search engine ranking. The authentic page will rank lower and may be seen as duplicated content, in which case a search engine may remove it from its index.

Bill Atchison and Dan Thies gave a presentation on proxy hacking at the 2006 SES conference in San Jose. Thies had noticed the vulnerability in Google's algorithm the previous year and alerted the company. Although Google has attempted to deal with the problem, proxy hacking attacks have reportedly continued to affect the company's search results as recently as February 2010.

If you suspect that your website is the victim of a proxy hack, search for a phrase that should be unique, or almost unique, to your content. Your page should be prominent in search results. If, however, a duplicate of your content shows up, it may be a proxy page.

Proxy page URLs typically look different. Dan Thies provides this example of how a proxy link might appear:

www.example.com/nph-proxy.pl/011110A/http/www.mattcutts.com/blog/

In the middle of the link, http/www appears, which is only at the start of normal URLs.

To prevent proxy hacking, you should limit connections from open proxy servers to your website. Open proxy servers, which are accessible to anyone online, are often used for illegal purposes.

This was last updated in October 2010
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchITChannel.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: