Perspectives

Host injects JavaScript causing Google to throw flags

Companies relying on their websites for strategic positioning, content marketing, and sales should monitor their Google Search Console regularly.  This may seem obvious, but for many small businesses where owners wear many hats, taking the time to do so can seem like a low priority.  We advise our small business clients to do so monthly, more often if they are running any online marketing campaigns.  On behalf of one of our clients, we recently received a Google email saying: "New AMP issue detected for site..."  

AMP is short for Accelerated Mobile Pages Project, which is an open source initiative. For a variety of reasons relating to its business model, Google is heavily invested in the mobile web, so when you receive an email like this, pay attention, as it is negatively impacting your website's search results.  In this particular email, the reason given was: Custom JavaScript is not allowed.  Integrated Media Strategies builds only open source sites and uses vendors who produce well-coded commercial open-source licensed extensions, so it seemed odd that something had changed, prompting the email.

Google provides a link to the page in Search Console where the errors are found and if you click through on the list, it is possible to see what the code is and where it is coming from.  After double checking the code in the pages themselves, it was apparent that the code was not at site level, but originating at server level.  The code highlighted as problematic by Google looked like this:

Script

 For people who aren't used to looking at code, this probably looks like a foreign language.  But a key clue is in plain text:  Monitoring performance to make your website faster. If you want to opt-out, please contact web hosting support. In this instance, hosting was provided by GoDaddy. 

It turns out that GoDaddy, without telling any of their clients, had implemented this code on their shared servers.  It was injecting this code onto websites, resulting in flagged pages by Google.  Everyone has negative stories about hosting companies, but for small businesses, outsourcing hosting is a key function and for a few dollars a month, remains a cost-effective solution.    In this instance, GoDaddy's Forums yielded a fix for this particular JavaScript issue. 

Log into your hosting account, go to your cPanel, and in the top right hand corner, you'll see a button titled cPanel Admin.  To the right of the button are three dots.  If you click on those, it brings up a dropdown with two options.  Select Help Us and then click Opt Out.  The hamsters will run in the wheel for a while and your option will be saved.  Done.

There have been other issues reported related to this script running on sites. In some instances it is triggering ad blockers in browsers resulting in a range of difficult-to-diagnose issues like disappearing images.  You may also see a slight increase in page load times after disabling the script.  Once you have completed the steps, in Google Search Console, tell Google you have resolved the issue and ask them to validate your fix.  It may take a few days.

Details
Category: Learning
Published:
Hits: 3594
Subscribe
Show comment form

From Our Blog

  • Skype's demise creates new method of spoofing and malware - malicious Microsoft Teams invites

    The demise of Skype and people switching to Microsoft Teams is producing a new wave of socially-engineered malicious activity using spoofed email meeting requests, some with attachments.

    Now that Skype has Skype has been retired by Microsoft, people who once used the voice and video platform for meetings have been told to switch to Microsoft Teams.  So instead of seeing a message notification in Skype, it is now much more common to see in your inbox a calendar notification email with time blocked out tentatively on your calendar.  Because meetings often require associated subject matter for the meeting, attachments and links are also quite typical. 

    It is both this increased frequency post-Skype, and the normality of having attachments for meetings that make them an ideal vector for malicious activity - something that is being exploited as the switchover from Skype happens. 

    Read more …

  • Ten years of working with the African Leadership Institute

    In this industry, clients often hire for a project, and when the project is done, that’s the end of the relationship. Projects can last a few weeks or months, and then it’s turned over. It’s seldom that clients develop the trust and a working relationship that lasts a decade, but it’s a milestone that’s been accomplished at Coherent Marketing.

    In 2013, the African Leadership Institute wanted to transition from a web 1.0 site to something that would better reflect the work they did in developing the next generation of world-class African leaders through their flagship programme, the Archbishop Tutu Leadership Fellowship.

    Read more …

  • Falling foul of copyright ambulance chasers

    When selecting a vendor to provide website development or digital communications, make sure that they provide services that prevent your organisation from legal action due to possible copyright infringement. More importantly, your vendor should help your organisation put in place processes to ensure you manage images and music, understand digital rights and licenses, and save the licenses for images you use.  This is true for digital content used on your website or in social media posts.  Choosing a vendor just because they had a really, really low price to produce your website - but expose you to copyright claims - becomes a quick method to discover that you get what you pay for.

    Artificial Intelligence (AI) now makes it easier for copyright trolls to threaten organisations for use of an image they have used online. Here's how to avoid that.

    Read more …