MAJOR SECURITY FLAW WITH GOOGLE SITEMAPS

David Naylor points out, as does this WebmasterWorld thread spotted via Threadwatch, a pretty surprising security oversight with Google’s new Sitemaps stats system that can allow anyone access to stats of other web sites, if those web sites don’t report 404/File Not Found errors correctly. Right now, I’m looking at stats for eBay and AOL, as well as Google’s own Orkut!

In order to see stats for a site, you have to verify you own it by installing a special file on your server. Google randomly generates a filename to use, you install this file, then Google checks to see if it exists. If it does, you can view stats for that site.

The problem is, some web sites will respond that any page exists, even if it doesn’t. Rather than sending out a 404 File Not Found error message, they’ll dynamically generate the page with content anyway or they’ll tell the user the file doesn’t exist, but the server code sent to a browser says differently.

For example, try this:

http://www.ebay.com/djkfjkdjfkjd

You’ll see that eBay responds that the page doesn’t exist. However, behind the scenes it redirects the request (sending a 301 server code) to another page that has a 200 Page Found code. As a result, along with Dave and Barry, I’m now looking at eBay’s stats, along with AOL’s stats.

How could we all three of us get access? Because both eBay and AOL will turn any request into a page found code — and remember, we were all given unique file URLs to enter. As far Google is concerned, we all have correctly installed these files.

Full Story

NoFollow No More

FYI people… Massive number of reports of Google dropping the nofollow tag… regardless of nofollow is there or not it’s showing up as backlinks.

Google Analytics

Google Analytics has been installed on one of our clients as a test to see if it affects rankings.

Though we cannot tell you the exact client, we can tell you that the client is a fortune 100 firm with nearly 1 million pages indexed in Google currently.

In 3 months we will publish our findings and any changes (if any) that took place that we could attribute to the Google Analytics program.

Working with Social Media Sites

Working with Social Media Sites.

Recently we have been working more and more with Social Media sites in attempts on raising the profile of our clients and their products.

It doesn’t work for all companies, it works with firms that have interesting products. Things that are really high tech, or breaking news sites that literally have broke a story.

Even though Yooter generally focuses on Search Engine Optimization, we have found that using Social Media sites to help our clients tends to help out just as much, if not more. Social Media sites are sort of like Forums or Youtube, basically places where you could leave a link or a note for others to find and discuss.

You could call it Social Media Optimization. You could call it whatever you want, but in essence it’s just pure internet marketing. They way it works is pretty simple. You try to get the visitors of the clients to want to spread the word.

Spam Google

I am sorry about the off the beat post, but have a good laugh.

Spam Google

Google Update

It appears that Google is doing part three of the three part update.

Details soon.

Welcome to the New and Improved Yooter Search Marketing Blog

Welcome to the new Yooter Search Marketing Agency Blog

Keep visiting.. will be updating soon.

We make markets