Search Engine Optimization is the process of increasing the visibility of a website or a webpage in a search engine result page. SEO comes with two views: Positive SEO and Negative SEO.
Positive Search Engine Optimization is a process to positively impact ranking for a URL, by manipulating a variable within the content, links or user signal areas.
Negative Search Engine Optimization is a process to negatively impact ranking for a URL, by manipulating a variable within the content, links or user signal areas.
Who is attacking you?
There are several ways to unmask the people targeting your website with a negative SEO attack. The first way to find out attacker starts with you, depending on the type of attack you are experiencing. However they are attacking you, you will need to gather some information in order to shut them out.
Let’s have a look at some common attack methods and learn how to defend them.
Injected content and links
Content injection also referred to as content spoofing, is an attack targeting a user made possible by an injection vulnerability in a web application. If an attacker has managed to inject content or link to your existing website, you will need access to your server logs to determine which IP was used for the link or content injection. Moreover, attackers forget to proxy themselves, giving you a glimpse of where they are coming from.
Comment spanning is a process of commenting irrelevant content to someone’s blog for a sole purpose of dropping a link to the spammer’s website. Comment spamming can be done in two ways: manually or by using a spamming software.
This attack method is pretty easy to spot and easier to fix. You just have to turn off your comment unless you definitely need them. Or else you can add stronger CAPTCHA’s and spam traps like Akismet.com.
This attacking method can be hard to notice until a lot of damage has been done. Hotlinking is a practice that can negatively affect your site’s performance since people embed your images on their site by linking directly to them. This practice uses your bandwidth, which makes offenders easy to discover by looking at traffic coming in via your analytics and data usage in your raw logs. The domains hosting your images can be exported into an attackers list.