An Important Update

Dear Followers Of This Blog ...

If you did not use a Blogger / Google account when you Followed this blog, years ago, you are probably not Following now . During the past...

Saturday, April 04, 2009

Custom Domain Published Blogs, And A Righteous Offsite Redirect Interstitial Warning

In January of this year, I noted that a number of externally published blogs, some externally hosted, others not, were subjected to an "Offsite Redirect" interstitial warning. For blogs published using FTP, to an external server, this is a righteous condition.

Even if blog content is produced from Blogger and published to an external server, and the content is monitored by Google and scrutinised for undesirable content (hacking, porn and / or spam), that does not guarantee that the content of an FTP published blog will all come from the Blogger server. Any server that you FTP content to, from Blogger, you can as easily FTP to from a non Blogger source, and can add non Blogger content. Some non Blogger content could possibly contain hacking, porn, and / or spam.

Spammers have used Blogger this way, in the past. Start with a BlogSpot URL, redirect it using external hosting, add spam directly to the external host. In that case, an "Offsite Content" interstitial warning is righteous.


This is righteous, for FTP published content. Not for custom domain published content.

This blog has not been hosted by Blogger, and has not been checked for spam, viruses, and other forms of malware.

Your readers won't be happy.



Content produced by Blogger and published to a Google server, as a custom domain, should not be subject to the same mistrust, though. Custom domain content, on Google servers, can only be published using Blogger. No spam content can be added directly. And the Google content is scrutinised by Google, just as is BlogSpot content.

So, the above display should never apply to a custom domain published blog. Right?

Wrong.

Here's an (excerpted) HTTP trace.
Sending request:

GET / HTTP/1.1
Host: myblog.blogspot.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8
Connection: close

• Finding host IP address...
• Host IP address = 74.125.19.191
• Finding TCP protocol...
• Binding to local socket...
• Connecting to host...
• Sending request...
• Waiting for response...
Receiving Header:
HTTP/1.1·301·Moved·Permanently(CR)(LF)

<div·id="body"><div·id="main"><div·id="m2"><div·id="m3"><div·class="mainClm"><h1>You're·about·to·be·redirected</h1>(LF)
<p>The·blog·that·used·to·be·here·is·now·at··http://blog.mydomain.net/.(LF)
<br>(LF)
Do·you·wish·to·be·redirected?(LF)
<br><br>(LF)
<span·class="info">This·blog·is·not·hosted·by·Blogger·and·has·not·been·checked·for·spam,·viruses·and·other·forms·of·malware.


That's bogus. It's a custom domain published blog. We think.

So, we look at the DNS addresses.
blog.mydomain.net. 10800 IN A 74.208.62.112
www.blog.mydomain.net. 10800 IN A 74.208.62.112

perfora.net (74.208.62.112)
74.208.0.0 - 74.208.191.255
1&1 Internet Inc.

in some cases, a modified version of the above
blog.mydomain.net. 10800 IN A 74.208.62.112
www.blog.mydomain.net. 10800 IN CNAME ghs.google.com.


That is probably a custom domain published blog - the second example is one, anyway. My gut feel, based upon the questions asked in the BHG Something Is Broken forum, is that's a custom domain published blog. But Google doesn't go on gut feel - they look at the DNS destination. The Google script detects it as an offsite redirect attempt, and in this case, that's a righteous call.

The above case shows yet another spurious DNS address configuration.

>> Top

Dude, hit me with a comment!