Occasionally we see the innocent query in Blogger Help Forum: Something Is Broken, about the recently introduced Blogger feature - country code aliasing.
Not many Blogger blog owners realise the benefits of country code aliasing, which is, like auto pagination, a feature which is not optional. There are publicly available workarounds, which may bypass the effects of country code aliasing - and which may cause more trouble than simple URL confusion.
Many spammers would love to setup gateway blogs, and automatically redirect their unwitting victims.
Spammers would redirect traffic to dangerous blogs and websites.
The redirections would lead to other blogs (or non Blogger websites) which contain their actual hacking, porn, or spam payload. Blogger / Google, like some browsers and security programs, actively prevents automatic redirection of Blogger blog traffic.
Blogger malware classification is not understood by everybody.
Not all blog owners understand the effect of Blogger malware classification. Similar to spam classification, malware classification persistently scans through Blogger blogs, looking for signs of malware.
Anti-alias redirection code is very simple, and subtle.
Here's an example - a very simple code snippet, recently discovered in the header of the template, in a blog which has been repeatedly locked for "Malicious JavaScript" / "Spam".
var·blog·=·document.location.hostname;
var·slug·=·document.location.pathname;
var·ctld·=·blog.substr(blog.lastIndexOf("."));
if·(ctld·!=·".com")·{
var·ncr·=·"http://"·+·blog.substr(0,·blog.indexOf("."));
ncr·+=·".blogspot.com/ncr"·+·slug;
window.location.replace(ncr);
}
or maybe, a more compact snippet
if ((window.location.href.toString().indexOf('.com/'))=='-1') {
window.location.href =window.location.href.toString().replace('.blogspot.in/','.blogspot.com/ncr/').replace('.blogspot.com.au/','.blogspot.com/ncr/');
}
or maybe
//<![CDATA[(LF)
var·curl·=·window.location.href;if·(curl.indexOf('m=1')·!=·-1)·{curl·=·curl.replace('m=1',·'m=0');window.location.href·=·curl;}(LF)//]]>
To prevent malware detection from blocking this post, I'm omitting the essential opening and closing tags, which would normally encase the above code snippets.
You can try anti alias redirection code, if you like.
If your blog contains similar redirection code, to bypass country code aliasing, you may get a notice, one day, that your blog has been deleted for "Malicious Javascript". In order to get the blog restored, so your readers may view it, you may have to remove the Malicious JavaScript - then wait until the blog can be reviewed, to ensure that it is safe for public visibility.
When your blog is classified as a malware host, you will suffer.
While you wait for review, you will have to endure the loss of search engine and reader reputation - while every would be reader sees the interstitial notice, mentioning why your blog is deleted or locked.
Work on the problem, don't use (and encourage) dodgy workarounds.
You will accomplish more, and cause yourself (and your readers) less pain, by learning to live with country code aliasing - and concentrating on convincing the various search engines and other Internet services to accept Canonical URLs, so country code aliasing will work, seamlessly, with the Internet service which interests you. Alternately, use better designed gadgets and Internet services.
Is there any way I can opt out from this constantly changing of the .com termination, into .be, .bg, or .ro, depending on where I travel?
Not many Blogger blog owners realise the benefits of country code aliasing, which is, like auto pagination, a feature which is not optional. There are publicly available workarounds, which may bypass the effects of country code aliasing - and which may cause more trouble than simple URL confusion.
Many spammers would love to setup gateway blogs, and automatically redirect their unwitting victims.
Spammers would redirect traffic to dangerous blogs and websites.
The redirections would lead to other blogs (or non Blogger websites) which contain their actual hacking, porn, or spam payload. Blogger / Google, like some browsers and security programs, actively prevents automatic redirection of Blogger blog traffic.
Blogger malware classification is not understood by everybody.
Not all blog owners understand the effect of Blogger malware classification. Similar to spam classification, malware classification persistently scans through Blogger blogs, looking for signs of malware.
Anti-alias redirection code is very simple, and subtle.
Here's an example - a very simple code snippet, recently discovered in the header of the template, in a blog which has been repeatedly locked for "Malicious JavaScript" / "Spam".
var·blog·=·document.location.hostname;
var·slug·=·document.location.pathname;
var·ctld·=·blog.substr(blog.lastIndexOf("."));
if·(ctld·!=·".com")·{
var·ncr·=·"http://"·+·blog.substr(0,·blog.indexOf("."));
ncr·+=·".blogspot.com/ncr"·+·slug;
window.location.replace(ncr);
}
or maybe, a more compact snippet
if ((window.location.href.toString().indexOf('.com/'))=='-1') {
window.location.href =window.location.href.toString().replace('.blogspot.in/','.blogspot.com/ncr/').replace('.blogspot.com.au/','.blogspot.com/ncr/');
}
or maybe
//<![CDATA[(LF)
var·curl·=·window.location.href;if·(curl.indexOf('m=1')·!=·-1)·{curl·=·curl.replace('m=1',·'m=0');window.location.href·=·curl;}(LF)//]]>
To prevent malware detection from blocking this post, I'm omitting the essential opening and closing tags, which would normally encase the above code snippets.
<script·type='text/javascript'> ... </script>
You can try anti alias redirection code, if you like.
If your blog contains similar redirection code, to bypass country code aliasing, you may get a notice, one day, that your blog has been deleted for "Malicious Javascript". In order to get the blog restored, so your readers may view it, you may have to remove the Malicious JavaScript - then wait until the blog can be reviewed, to ensure that it is safe for public visibility.
When your blog is classified as a malware host, you will suffer.
While you wait for review, you will have to endure the loss of search engine and reader reputation - while every would be reader sees the interstitial notice, mentioning why your blog is deleted or locked.
Work on the problem, don't use (and encourage) dodgy workarounds.
You will accomplish more, and cause yourself (and your readers) less pain, by learning to live with country code aliasing - and concentrating on convincing the various search engines and other Internet services to accept Canonical URLs, so country code aliasing will work, seamlessly, with the Internet service which interests you. Alternately, use better designed gadgets and Internet services.
Comments
Is following code is malicious?
<script>
if ((window.location.href.toString().indexOf('.com/'))=='-1') {
window.location.href =window.location.href.toString().replace('.blogspot.in/','.blogspot.com/ncr/').replace('.blogspot.com.au/','.blogspot.com/ncr/');
}
</script>
1. The code is probably not added with malicious intent - but the Blogger malware classifier is not intuitive, and can't identify intent.
2. The code bypasses Country Code Redirection - and CC redirection is a righteous new feature provided by Blogger, which will help Blogger blogs be visible in more countries, worldwide.
Even knowing that the code was probably not added to this blog, with malicious intent, classifying this code as malware is probably the right thing to do, for Blogger blogs in general.