Negative SEO, Technical SEO

False Query Parameters, the Sneakiest Kind of Negative SEO

""

/?False-Parameter-Attacks Might be Killing Your CTR

This post is part of a series on negative SEO. Check out my Beginner’s Guide to Negative SEO to see other common of attacks and how to protect against them.

90% of the time that SEOs are talking about negative SEO, we’re skipping around the melodramatic topic of spammy and unnatural links. Without fail, whenever I explain “Fiverr blasts” to a client or a classroom, I get an audible OMG.

Don’t get me wrong, negative SEO has been a big issue for as long as Scrapebox has been around. But today, I’d like to shine a little light on the vaguer and nastier cousin of link spam… an awkward, natural kind of negative SEO. Its name? Well, I don’t think it has one… but David McSweeney called them “false parameter attacks,” and I think that fits.

Ever get a high authority, white hat link that you want gone? No? Let me show you why you might want to double check your backlink profile.

Say you own the eCommerce site pottingsoil.com (and you sell the very best potting soil). On your only Product page (pottingsoil.com/product/), you’ve don’t have a canonical link.

Now say I own the site bestsoil.com, and we’re fierce competitors. I decide that I’m going to go to my journalist buddies over at “Gardeners Magazine” and publish a piece about your products. Great, right? Free exposure!

In this piece, I link to pottingsoil.com/product/?our-soil-sucks.

Conversion Destruction

Because I was feeling extra evil, I built an otherwise white hat, high-authority link to an important non-canonicalized page on your site — and with a particularly unflattering query param. This was discussed in this /r/bigseo post. The idea is to index the ?our-soil sucks page right next to your high-profile Product page and watch your organic CTR implode.

There are other big implications if left unsolved too:

Google Panda

When people talk about Google’s Panda core algorithm update, they generally mention thin or duplicate content. The best way to generate that for a competitor’s site? Find a non-canonicalized page on their site and link to dozens of query parameter variants.

How Not To Prevent This Type of Negative SEO

Google’s parameter settings in Search Console: While a powerful tool, this really only solves the problem for Google. Unless you plan to block query parameters globally, it’s going to be an endless game of cat and mouse.

Blocking query parameters in the robots.txt: This is kind of a reckless nuclear option. I generally don’t like solutions that limit what you can do legitimately on your site, and if you ever want to index a page with query parameters, this will prevent it.

Stripping query parameters in the .htaccess, nginx server block, etc.: Not a fan for the same reasons.

The Best Way to Prevent Query Parameter Fraud

The answer here is simple: use canonical links! A good, consolidatory canonical link is almost always the right answer to solving query parameter problems. For help with understanding and implementing good canonicals… well, I refer you back to Mr. McSweeny and the rest of the internet. It’s as easy a fix as it can be an oversight.

The second most important thing, of course, is to monitor your backlink profile either in Search Console or by using a tool like ahrefs. Also monitor for any weird referral traffic in your analytics tool of choice.

The third most important thing is to crawl your site with a tool like Screaming Frog to identify any pages without canonical links!

BONUS: ahrefs’ Dope Solution

Since the ahrefs blog was the place where Mr. McSweeney coined the phrase “false parameter attacks,” and he explains how he prevented false parameter attacks on ahrefs, I want to show the brilliant solution that the ahrefs team developed to protect against this kind of negative SEO.

Let’s go with the most situationally ironic ahrefs page we can find: their new job posting for a technical SEO!

very technical SEO job posting

At first glance, this page actually doesn’t have a canonical link. Easy target for query param spam, right? You could even try something sneaky, like making a blog post with this dofollow link:

https://ahrefs.com/jobs/very-technical-seo?hire-me-plz-your-name-here

But ahrefs ain’t no chump. Give it a try — as soon as you throw an arbitrary query parameter behind the URI, the page generates a snippet that canonicalizes the new variant to the homepage, and it noindexes the unwanted link you just made as an extra precaution.

Link rel equals canonical, ahref equals ahrefs.com. Meta name robots, content equals no-index.

So cool.

BY THE WAY: Hopefully it goes without saying that I don’t actually advocate doing any of the negative SEO techniques in these posts! Please play fair.

Have your own negative SEO experiences? Did I miss something? Let me know in the comments!

Posted by on .

Comments

0 comments so far.

You must log in to comment.