34 {{ upvoteCount | shortNum }}
34 {{ upvoteCount | shortNum }}

A PBN with footprints

by seoed
29 replies
  • SEO
    • |
Hi,

I know that some hard core SEOs here use PBNs to rank sites.

But there are some things which keep my mind busy.

I thought about some things which could be some footprints for SEs:

1. Using admin to post your articles
2. Private Whois: If all blogs linking to your main site have this isn't this rising flags?
3. Always using the cms
4. Having just some (up to 7) unique articles on them

Don't you think that these are footprints?
#footprints #pbn
  • Profile picture of the author johnben1444
    Originally Posted by seoed View Post

    Hi,

    I know that some hard core SEOs here use PBNs to rank sites.

    But there are some things which keep my mind busy.

    I thought about some things which could be some footprints for SEs:

    1. Using admin to post your articles
    2. Private Whois: If all blogs linking to your main site have this isn't this rising flags?
    3. Always using the cms
    4. Having just some (up to 7) unique articles on them

    Don't you think that these are footprints?
    Make it natural in all humanly possible ways and you would be fine.

    I don't think anyone would want to share their secret.
    Signature
    Grow your social media account, Spotify Streams, YT Views & IG Followers & More
    Software & Mobile APP Developer
    Buy Spotify, Facebook Bot & IG M/S Method
    {{ DiscussionBoard.errors[8938825].message }}
  • Profile picture of the author Mike Anthony
    Originally Posted by seoed View Post

    I thought about some things which could be some footprints for SEs:

    1. Using admin to post your articles

    Then don't use admin only. WP Allows multiple users

    2. Private Whois: If all blogs linking to your main site have this isn't this rising flags?
    I've yet to see a single network deindexed or found out based on using privacy

    . Always using the cms
    Then don't. I don't use CMS all the time but unfortunately most people won't have anything to do with anything but WP so I have built networks for people with just WP.

    4. Having just some (up to 7) unique articles on them
    What law says you have to have no more than seven plus there are lots of sites with ten or so page (not blogs but that goes back to number 3
    Signature

    {{ DiscussionBoard.errors[8938838].message }}
  • Profile picture of the author seoed
    I've yet to see a single network deindexed or found out based on using privacy
    ok, that's interesting. but we have to keep in mind that this definitely isn't natural. are you mixing your links with those kind of links and "real" ones?
    Signature
    120% in 3 days
    {{ DiscussionBoard.errors[8943275].message }}
    • Profile picture of the author Joseph Then
      Originally Posted by seoed View Post

      ok, that's interesting. but we have to keep in mind that this definitely isn't natural. are you mixing your links with those kind of links and "real" ones?
      There are 101 reasons why people use privacy on domain names, and PBN is just one of them. So why is it not natural?
      Signature
      {{ DiscussionBoard.errors[8943299].message }}
      • Profile picture of the author Mike Anthony
        Originally Posted by Joseph Then View Post

        There are 101 reasons why people use privacy on domain names, and PBN is just one of them. So why is it not natural?
        Yep If you want to get hammered with spam leave it off.
        Signature

        {{ DiscussionBoard.errors[8943497].message }}
    • Profile picture of the author Steve Waller
      Originally Posted by seoed View Post

      ok, that's interesting. but we have to keep in mind that this definitely isn't natural. are you mixing your links with those kind of links and "real" ones?
      It depends what you mean by "real"...

      If you mean am I using other sources such as guest blogging, comments, etc then yes in moderation I do.

      If you mean, am I grafting to get super high quality editorial links by just being super great in my niche then it depends on what the rewards are likely to be for that niche and my site by getting those links.
      Signature


      Crawl Your Way To Cheaper Expired Domains - PM Me To Access My Personal Crawler/Scraper


      {{ DiscussionBoard.errors[8944319].message }}
  • Profile picture of the author nettiapina
    Originally Posted by seoed View Post

    1. Using admin to post your articles
    I don't think that's an issue. There's a crap ton of improperly installed WordPress blogs that are still using the admin username.

    If I was to do a blog network I might be tempted to use very limited number of different WP themes. Theoretically that could leave quite a footprint, but I'm not sure if Google is tracking themes and vendors.
    Signature
    Links in signature will not help your SEO. Not on this site, and not on any other forum.
    Who told me this? An ex Google web spam engineer.

    What's your excuse?
    {{ DiscussionBoard.errors[8943585].message }}
    • Profile picture of the author DeskCoder
      Originally Posted by nettiapina View Post

      I don't think that's an issue. There's a crap ton of improperly installed WordPress blogs that are still using the admin username.
      How is using admin mean the blog was improperly installed? When my hosting creates a wordpress installation, it always creates the admin user as the only user. What's wrong with that?
      {{ DiscussionBoard.errors[8944412].message }}
      • Profile picture of the author yukon
        Banned
        Originally Posted by DeskCoder View Post

        How is using admin mean the blog was improperly installed? When my hosting creates a wordpress installation, it always creates the admin user as the only user. What's wrong with that?
        Nothing.

        Nobody cares.

        A default setup is simply Admin.
        {{ DiscussionBoard.errors[8944464].message }}
      • Profile picture of the author Mike Anthony
        Originally Posted by DeskCoder View Post

        How is using admin mean the blog was improperly installed? When my hosting creates a wordpress installation, it always creates the admin user as the only user. What's wrong with that?
        Its a security factor. Due to everyone using admin WP brute force hackers start out with attempts to break into sites with that username
        Signature

        {{ DiscussionBoard.errors[8944526].message }}
        • Profile picture of the author MikeFriedman
          Originally Posted by DeskCoder View Post

          How is using admin mean the blog was improperly installed? When my hosting creates a wordpress installation, it always creates the admin user as the only user. What's wrong with that?
          That sounds like a Fantastico install. Like Mike A said, huge security risk. It really is not a matter of if your Wordpress site will get hacked. It is more likely a matter of when.

          Fantastico creates some other security issues as well. It should NEVER be used to install Wordpress.

          Do a manual install. It takes less than 10 minutes.
          {{ DiscussionBoard.errors[8944562].message }}
          • Profile picture of the author chris_87
            Originally Posted by MikeFriedman View Post

            That sounds like a Fantastico install. Like Mike A said, huge security risk. It really is not a matter of if your Wordpress site will get hacked. It is more likely a matter of when.

            Fantastico creates some other security issues as well. It should NEVER be used to install Wordpress.

            Do a manual install. It takes less than 10 minutes.
            Mike what do you suggest as a platform instead of WP?
            {{ DiscussionBoard.errors[8944568].message }}
        • Profile picture of the author yukon
          Banned
          Downloaded free themes & plugins for all CMS are a thousand times more likely to be the cause for a compromised site.

          No hacking required when the majority of webmasters don't bother checking their free theme/plugin before uploading. That also includes free HTML templates, not only CMS. Basically anything free that can be uploaded to a host.

          Having a site setup with admin will not drop a page in the SERPs. If your still wearing a tin foil hat, change the name & be done with it.
          {{ DiscussionBoard.errors[8944574].message }}
          • Profile picture of the author DeskCoder
            Originally Posted by yukon View Post

            If your still wearing a tin foil hat, change the name & be done with it.
            Indeed sir, I am.

            {{ DiscussionBoard.errors[8944700].message }}
          • Profile picture of the author jxam69
            Originally Posted by yukon View Post

            Downloaded free themes & plugins for all CMS are a thousand times more likely to be the cause for a compromised site.
            This is less of a problem for Drupal than it is for Wordpress and many other CMSs.

            The reason is that to be listed on the official Drupal website, a theme or module must be open source, and all the development work, source code, change logs, and bug reports are available for everyone to see.

            As a result it's a lot more difficult to get malicious code past the Drupal community than it is with some other platforms.

            However, if you source your code from somewhere other than the official Drupal site, and you're not a programmer, you can fall victim to all the same scams that happen on other platforms.


            EDIT: I just realized I've posted in a PBN thread for the first time (I think) - on the remote chance any of my clients see this, please be assured I don't work with PBNs! I will now return you to your regular programming....
            Signature

            This space will be awarded to the first WSO owner who can prove they make Million$ from their methods.

            {{ DiscussionBoard.errors[8944839].message }}
            • Profile picture of the author yukon
              Banned
              Originally Posted by jxam69 View Post

              This is less of a problem for Drupal than it is for Wordpress and many other CMSs.
              If that was true it would only mean Drupal isn't as popular as Wordpress, like Windows is more popular than Mac.

              Spammers target the masses, Drupal is well known so I kinda doubt they're not being targeted be download spammers, people embedding things like base64 code.

              Also, I'm not talking about core file hacks. I'm talking about themes/plugins that have been downloaded by a spammer, the theme/plugin is tampered with (ex: base64), re-uploaded to a 3rd party site (ex: theme download site), downloaded by an unsuspecting webmaster, then uploaded to the unsuspecting webmasters host (by the clueless webmaster). So your Drupal community detecting malicious code is irrelevant since it's an individual webmaster problem, not a core file problem.

              That's the average process of a compromised site.

              Like I said before, it doesn't even have to be a CMS theme/plugin causing a problem, it can be anything uploaded to a host that can cause a backdoor vulnerability.
              {{ DiscussionBoard.errors[8945524].message }}
              • Profile picture of the author jxam69
                Originally Posted by yukon View Post

                Spammers target the masses, Drupal is well known so I kinda doubt they're not being targeted be download spammers, people embedding things like base64 code.

                Also, I'm not talking about core file hacks. I'm talking about themes/plugins that have been downloaded by a spammer, the theme/plugin is tampered with (ex: base64), re-uploaded to a 3rd party site (ex: theme download site), downloaded by an unsuspecting webmaster, then uploaded to the unsuspecting webmasters host (by the clueless webmaster). So your Drupal community detecting malicious code is irrelevant since it's an individual webmaster problem, not a core file problem.
                I never mentioned core file hacks. I pointed out that you are very unlikely to have these problems with themes and modules (modules are the Drupal equivalent of Wordpress plugins) available on the official site. I've been using Drupal for many years and I haven't seen any malicious code on the official site - I'm not saying it's impossible - I am saying it's rare. If you can point to any examples then I'd like to see them.

                I also pointed out that you are at risk if you download from a 3rd party site.

                So I don't really understand - what are you trying to refute from my comment?
                Signature

                This space will be awarded to the first WSO owner who can prove they make Million$ from their methods.

                {{ DiscussionBoard.errors[8946836].message }}
          • Profile picture of the author nettiapina
            As others have said, a WP instance with an admin user "admin" is a security risk. I'd suggest you just change the username to something else. That's one of the easiest security improvements.

            I'm not against the "one-click installers". Sometimes I use Softaculous to install WP, and it seems to work as advertised. As long as the WP install doesn't include stuff that doesn't come from the official package, and installer doesn't do anything outside of the scope (create db, copy files) - it should be just fine.

            Originally Posted by yukon View Post

            Downloaded free themes & plugins for all CMS are a thousand times more likely to be the cause for a compromised site.
            Having the username admin, a poor password, and no login rate limiting plugin is a very common scenario. The attackers are using botnets and are able to try thousands of passwords against a site in a very short period of time. This is a very common attack, and has been the cause of major headaches for hosting companies in 2013.

            Bad code is a major security issue, but I'm not buying "thousand times more likely". And I monitor dozens of WP sites.
            Signature
            Links in signature will not help your SEO. Not on this site, and not on any other forum.
            Who told me this? An ex Google web spam engineer.

            What's your excuse?
            {{ DiscussionBoard.errors[8945027].message }}
            • Profile picture of the author yukon
              Banned
              Originally Posted by nettiapina View Post

              Having the username admin, a poor password, and no login rate limiting plugin is a very common scenario. The attackers are using botnets and are able to try thousands of passwords against a site in a very short period of time. This is a very common attack, and has been the cause of major headaches for hosting companies in 2013.

              Bad code is a major security issue, but I'm not buying "thousand times more likely". And I monitor dozens of WP sites.
              Your not an average CMS user then, because the average CMS user will never be hit by anyone trying to crack a password. But they will eventually end up downloading a free theme or free plugin (guaranteed).
              {{ DiscussionBoard.errors[8945505].message }}
              • Profile picture of the author MikeFriedman
                Originally Posted by chris_87 View Post

                Mike what do you suggest as a platform instead of WP?
                I did not say not to use WP. I said never to use Fantastico to install WP.

                Fantastico leaves a few security loopholes that are easy for hackers to spot and to exploit.
                {{ DiscussionBoard.errors[8945521].message }}
              • Profile picture of the author nettiapina
                Originally Posted by yukon View Post

                Your not an average CMS user then, because the average CMS user will never be hit by anyone trying to crack a password. But they will eventually end up downloading a free theme or free plugin (guaranteed).
                I'm not sure where you are getting this stuff. Your average WP sites are hit all over the world, all the time, every day. The attacks are automated, and they don't even bother to stop when there's no admin account available to hack. Better web hotels also combat this phenomenon.

                Hacks often got nothing to do with the popularity of the site - any site will do. Actually poorly maintained might be better, because there's no pesky admin to meddle with the attack code.

                I use quite many premium plugins, but the bulk of my plugin list is available for free. You know, not the most convincing argument if you just imply that free equals bad. But as I already acknowledged - you're right on WP having problems with poor plugin and theme code.
                Signature
                Links in signature will not help your SEO. Not on this site, and not on any other forum.
                Who told me this? An ex Google web spam engineer.

                What's your excuse?
                {{ DiscussionBoard.errors[8945548].message }}
                • Profile picture of the author yukon
                  Banned
                  Originally Posted by nettiapina View Post

                  I'm not sure where you are getting this stuff. Your average WP sites are hit all over the world, all the time, every day. The attacks are automated, and they don't even bother to stop when there's no admin account available to hack. Better web hotels also combat this phenomenon.

                  Hacks often got nothing to do with the popularity of the site - any site will do. Actually poorly maintained might be better, because there's no pesky admin to meddle with the attack code.

                  I use quite many premium plugins, but the bulk of my plugin list is available for free. You know, not the most convincing argument if you just imply that free equals bad. But as I already acknowledged - you're right on WP having problems with poor plugin and theme code.
                  Nobody cares about cracking the admin on aunt Martha's knitting site (even automated bots), especially when all they have to do is convince (free) old aunt Martha to download an awesome theme or plugin.

                  Crackers, hackers, tokers, smokers don't like to work.
                  {{ DiscussionBoard.errors[8945574].message }}
                  • Profile picture of the author nettiapina
                    Originally Posted by yukon View Post

                    Nobody cares about cracking the admin on aunt Martha's knitting site (even automated bots), especially when all they have to do is convince (free) old aunt Martha to download an awesome theme or plugin.

                    Crackers, hackers, tokers, smokers don't like to work.
                    Nobody cares about the all-powerful admin account that often has file upload privileges and edit permissions to theme files? Career criminals are attacking WP login just for fun?

                    I'd claim that most hacked themes and plugins are not compromised by the author, but hacked the old fashioned way. Bots are snooping around the sites, trying if scripts and URLs exists, and trying to trigger holes and security vulnerabilities.

                    Marketing fake themes and plugins would be hard work, and Google or your hosting company could just nuke the site spreading them. If you wanted to hack WP sites I'm 100% sure you can just go and buy the tools of trade without resorting to any of this social engineering stuff.
                    Signature
                    Links in signature will not help your SEO. Not on this site, and not on any other forum.
                    Who told me this? An ex Google web spam engineer.

                    What's your excuse?
                    {{ DiscussionBoard.errors[8945647].message }}
                    • Profile picture of the author yukon
                      Banned
                      Originally Posted by nettiapina View Post

                      I'd claim that most hacked themes and plugins are not compromised by the author, but hacked the old fashioned way.
                      I never said anything was compromised by a theme/plugin author.

                      This is getting boring going in circles, I'm out...
                      {{ DiscussionBoard.errors[8945673].message }}
                      • Profile picture of the author nettiapina
                        Originally Posted by yukon View Post

                        This is getting boring going in circles, I'm out...
                        Yes it is. Sorry, but comments with "nobody's interested" and "never happens" are going to get me riled, because I see this happen every day. I've got hundreds of fresh site lockout notifications from today alone.
                        Signature
                        Links in signature will not help your SEO. Not on this site, and not on any other forum.
                        Who told me this? An ex Google web spam engineer.

                        What's your excuse?
                        {{ DiscussionBoard.errors[8945723].message }}
                        • Profile picture of the author Mike Anthony
                          Originally Posted by nettiapina View Post

                          Yes it is. Sorry, but comments with "nobody's interested" and "never happens" are going to get me riled, because I see this happen every day. I've got hundreds of fresh site lockout notifications from today alone.
                          I would not even get riled. He obviously does not even know what a brute force attack is. Its precisely because its the easiest way that its so popular and the popularity of the site has little to do with it. Brute forcers work a lot like Some of the link building tools do - they indiscriminately scan through websites looking for vunerable ones automatically. Aunt Martha's site on knitting come s up and is insecure it gets hacked.
                          Signature

                          {{ DiscussionBoard.errors[8946023].message }}
              • Profile picture of the author Mike Anthony
                Originally Posted by yukon View Post

                Your not an average CMS user then, because the average CMS user will never be hit by anyone trying to crack a password.
                Dude when you don't know what you are talking about just stop talking. You were point blank wrong about saying it didn't matter and now you are just trying to save face. Brute force attacks have nothing to do with plugins and they are VERY common. Here go argue with the Wordpress developers

                Brute Force Attacks « WordPress Codex

                If you can read the Wp developers themselves say that WP sites are a "frequent target". You can never install a plugin or a theme and still get hit.

                Case closed. You were wrong and thats the end of it
                Signature

                {{ DiscussionBoard.errors[8945996].message }}
  • Profile picture of the author Joseph Then
    I usually install "Better WordPress Security" and "Theme Authenticity Checker". BWS will help me secure my wordpress like changing the table name and change "admin" username.

    TAC will help me check the theme for any malicious code.

    Works fine for me so far for all my sites in PBN.
    Signature
    {{ DiscussionBoard.errors[8945401].message }}
  • Profile picture of the author multiplecloud
    1. Using admin to post your articles
    Yes, try to have different author. And new algorithm already have weight for authorship.

    2. Private Whois: If all blogs linking to your main site have this isn't this rising flags?
    I do not think so.

    3. Always using the cms
    Using different cms type is not bad idea.

    4. Having just some (up to 7) unique articles on them
    Do you mean unique article is not good
    Signature

    SafePBN - PBN on different shared hosting company
    █ 100% no bad neighborhood | host pbn at safest
    MultipleCloud - Multiple location hosting provider
    █ 200+ worldwide location | different server | different ip owner | best for pbn

    {{ DiscussionBoard.errors[8948314].message }}

Trending Topics