What is URL hijacking?

According to aviationopedia.com, URL hijacking describes the situation in which a website is not linked directly, but with the help of a redirect. In the case of search results pages, this can in turn lead to the redirect page being displayed instead of the target page. The actual target page was removed from the search engine index and can therefore no longer be displayed in the search results.

URL hijacking example

The page www.example.de is linked from a subpage of the directory www.verzeichnis.de, but not as usual via the HTML tag ᐸ a ᐳ, but by means of forwarding. It looks like this:


It can happen that www.example.de does not appear in the search results, but the page with the redirect, ie: www.verzeichnis.de/redirect.php?target=www.beispiel.de. The search engine sees both pages – the “directory page” and the “example page” – as identical and therefore only lists one of the two in the search results, in the worst case the redirect.

This is particularly common with web catalogs, which often include the target URL dynamically using PHP. This “intermediate page” can be used, for example, to save click data for statistical purposes.

Causes: 301 and 302 – permanent and temporary redirects

Forwarding is possible in various ways. There are specific HTTP status codes for this, namely 302 and 301:

A 301 redirect is a permanent redirect.

With 302 pages are temporarily redirected. PHP scripts often create a redirect with 302.

Permanent redirects are set in the event of URL typing errors, for example, in order to lead the user to the correct main page or if, for example, parts of the page have been given a new file name due to a relaunch. Temporary redirects are used when the page you are looking for should only be temporarily accessible via a different address.

Since the search engine crawlers are based on these standards, they index the first address at 302, even if it redirects to another page. You cannot tell what type of page it is, e.g. a web catalog from which a shop is linked. Because the search engine only “concludes”: 302 = temporary. So this means: The page to which the link is made will only exist for a short time anyway and the first page will soon be accessible again as normal.

Detect hijacking

Whether a page has been “kidnapped” can be seen as follows, for example:

Site query: site: Meine-seite.de – the hijacking page appears here instead of your own website

Cache query: cache: http: //www.meine-domain.de – instead of finding your own domain name, the hijacking page is here

Most cases of hijacking are based on ignorance of webmasters and are therefore not done on purpose. But it is also possible to misuse the forwarding to bring your own page to the front in the SERPs. This falls under Black Hat SEO and is considered a criminal act.

Consequences of url hijacking

If website A redirects to website B via 302 and the search engine still assigns B to A, then page A takes over / “hijacks” the ranking from page B, that is, instead of the usual search result position from B. A page that is no longer in appears in the search results, is of course no longer clicked, so that there is an intrusion of visitors.

Actions after “URL hijacking”

To solve the problem you have to contact either the webmaster who set the redirect or the search engine. Because your URL disappears (is hijacked) from the database of the search engines and thus also from the search results.

For permanent redirects you should always choose the 301 redirect. This is definitely much less prone to the hijacking effect. However, if the redirection destination changes each time it is called, a 302 redirection makes sense.

If content is to be forwarded over a longer period of time via 302 redirect, you can also block the script for the crawler and thus prevent hijacking.

What is URL hijacking