There are multiple uses for hijacking. Some reasons are legitimate (honestly that’s just scraping and cloning). The others? Well they may not be legal as NSEO.
First, for those who just want to legitimately scrape someone’s site and throw it in WordPress there are a couple tools and plugins you can use. HTTrack or SiteSucker on Mac for scraping the site itself. Then for WordPress use HTML Import 2. HTML Import 2 is pretty self explanatory but it’s a breeze to convert many sites from HTML to WordPress.
Proxy Hijacking
How nice would it be to hijack someone’s ranking without building any junk links to their site or reporting them? It’s the perfect NSEO dream. The strategy makes perfect sense after you understand the Panda penalties. After digging ourselves out of so many penalties, we realized we could use it as a weapon against others; only shortly before it was used against us on a mass scale. It took a few months to recover. We learned the only way to remain immune was constantly updating the ban list in htaccess or in the security plugin.
Big Picture
All you have to do is get proxy sites indexed that feature the target’s content. If you get lucky in the Panda lottery, the proxies will get credit for original content. AppSpot has a TON of these proxies publicly available, but AppSpot it is easy to block. Plus it’s on Google’s radar now. An example of an AppSpot proxy would be:
http://www.proxy4youpro.appspot.com/seorevolution.com
Notice, it’s totally indexable. Fortunately in this case, the canonical is halfway correct. This is not always the case. As you’ll see below, other proxies aren’t so kind and do a mass replace of your URL with theirs. A simple search for “inurl:ip-2/encoded” in Google will display tons of the nasty HMA proxies. Follow up with site: commands to find how many sites are likely being targeted. Be sure to show omitted results to see the big picture.
Independent Proxies
The nastiest and most effective are the independently hosted proxies. They have a footprint, but it doesn’t seem to stop them from working. Google this: “include form” “remove scripts” “accept cookies” “base64”
You will find a long list of proxies. http://htgo.com/index.php?q=d2VibWFya2V0aW5nbm93LmNvbQ–&hl=1111101001 is a perfect example of what can be indexed. Notice there are no noindex tags, no robots.txt blocks, nothing. This URL is crawlable.
Proxy Gold
You may get lucky and discover certain colleges or other institutions have proxies for completely legitimate purposes. Hint: these seem to have the most power. Connect the dots.
Mass Scale and Automation
There is software called ZennoPoster that can have a template written to find tons of proxies, and systematically ping/index the addresses to Google. You want the most proxies you can possibly find. Most will fail to index or overpower the main site, but it is not a waste. All it takes is one single proxy to overtake the target and deliver a heavy Panda penalty. Think about that – just one proxy can turn their site upside down if you get lucky.
Making The Penalty Stick
Remember, Panda is sitewide. If the target has a strong site, but has subpages with little power, attack those first. Eventually you can take down the main page you are targeting, even if it’s the homepage. Panda created that loophole, so use it to your advantage.
Kick the site while it’s down, and do not let up. Index more proxies. Use the copy-paste test to find the proxies that are winning and throw junk backlinks at them to make them stick a little more.
Timing
If the target frequently makes new posts to the site, you may get lucky and index the proxy URLs before their own page gets crawled and beat them to the punch.
Repercussions
Most SEOs won’t know what hit them. Only a few know about the copy-paste test. Unless they are watching their logs carefully, they will probably look for link penalties and ask for reconsiderations.
In the rare event they do report a site for proxy site for infringement (we tested that), it goes nowhere. The time it takes to file all the proxies requires a legal team. It’s not worth it for them.
If they are smart, they will start blocking the AppSpot proxy, and eventually deny IPs one at a time.
RewriteCond %{HTTP_USER_AGENT} AppEngine [NC]
RewriteRule .* - [F]
Is all of this legal? Probably not. For this reason, you are on your own and we take no responsibility for your actions. At least it’s not as bad as submitting all of their articles to article directories or bookmarking their site description everywhere.
Will they declare war on your sites? If they are smart enough to figure it out, yes.
Stupid Hijacking
You can do a hijack of someone’s content on a powerful expired domain. Dejan covered this on his blog using his own domain with permission from the target. The problem is how expensive it is for one site. Plus it’s easy to file a report against, and traceable back to the owner as a copyright violation. It’s not worth the effort.