302 server redirects exploit allows webmaster create "virtual pages" rank for terms that pages belonging to another webmaster used to rank for.

Successfully employed, this technique will allow the offending webmaster ("the hijacker") to displace the pages of the "target" in the Search Engine Results Pages ("SERPS"), and hence (a) cause search engine traffic to the target website to vanish, and/or (b) further redirect traffic to any other page of choice.

302 redirects tell the search engine that the page’s information has moved temporarily to the hijackers web site and that information now belongs to the hijacker. Scraper Directories "scrape" content off your site and put it on their site to steal your keyword rank. Here are some ways to determine whether you are the victim of hijacking your URL.

- An ID redirect would look like this: HijackersWebSiteURL/id-codecRedirect goes here.?site=
- Meta refresh is a favorite of spammers, and banned by many search engines. Check the browser and view source. Look for code in the header that is similar to this: meta http-equiv="refresh" content="0"; url=http://www.YourOwnDomain
- It is impossible to steal a page without the user knowing. To check this you need to use a heading code. Here is the code for one site.

Notice the 200 OK code, this domain is not redirected. Check Your Site Here: http://www.seoconsultants.com/tools/headers.asp

Server Response: http://inspiredauthor.com
HTTP Status Code: HTTP/1.1 200 OK
Date: Tue, 08 Jul 2008 23:34:28 GMT
Server: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28

OpenSSL/0.9.7a PHP-CGI/0.4mm
Location: http://www.inspiredauthor.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Redirect Target: http://www.inspiredauthor.com/v3

Now, let’s say that this site was hacked. You would see another website in the location section:

Server Response: http://inspiredauthor.com
HTTP Status Code: HTTP/1.1 302 Found
Date: Tue, 08 Jul 2008 23:34:28 GMT
Server: Apache/1.3.37 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.28

OpenSSL/0.9.7a PHP-CGI/0.4mm
Location: http://www.thehacker’swebsite.com
Connection: close
Content-Type: text/html; charset=iso-8859-1
Redirect Target: http://www.inspiredauthor.com/v3

Here is how they do it:

1. The robot crawls http://www.hijacker.com.
2. The web server at hijacker.com issues an HTTP 302 redirects the robot to http://www.victim.com.
3. The robot receives content from the web server at www.victim.xyz and indexes it. However, it believes the content has been moved temporarily. It indexes it under the www.badguy.com domain instead of the www.victim.com.
4. A user hits the search page and types in keywords that appear at http://www.victim.com. The search engine finds the keywords indexed under www.badguy.com, so directs the user to http://www.hijacker.com. 5. http://www.hijacker.com steals the content.

Here’s to Find A Redirect using Affiliate Link Checker:

1. Search Google for your blog/website.
2. Locate the entry in the SERPs.
3. Right-click the entry and copy the URL — It will be a Google URL that redirects to your blog.
4. Paste the link into Affiliate Link Checker in the “Affiliate URL” text box.
5. Enter the blog/website’s normal URL in the “Landing Page URL” text box.
6. Save the link in Affiliate Link Checker.
7. Repeat steps 1-5 with your blog entry in Yahoo! (and any other search engine).
8. Create a link entry with the native blog URL in both the “Affiliate URL” and “Landing Page URL” text boxes — This will catch any redirect hacks that don’t filter on referrer.
This tool is created for affiliate sites, but it catches redirects better than the broker link scripts.

One POSSIBLE Solution, The Base Heading Code:

<base href="absolute URL of page">

This Heading code is made so that links can be shortened. However, It might help set the absolute URL of the page, telling the search engine bots that this is the original page. This may help prevent hijackers from using broken links, or taking the www out of the link, to bring down the Page Rank of your website.

The above code will not protect you if someone puts your name or URL in their <title> code, but it will protect against some problems.