Google Chrome has recently added an API to modify HTTP headers. This in turns, made it possible to port Zscaler’s Search Engine Security add-on from Firefox and Firefox Mobile to Google Chrome.
 |
| Search Engine Security on the Chrome Web Store |
Most hijacked websites used for Blackhat SEO check the Referer header and the User-Agent, to decide whether to redirect the visitor to a harmless spam page or to a malicious domain (Fake AV page, Blackhole exploit kit, etc.). By modifying these 2 headers when the user leaves a Google, Bing or Yahoo! search, Search Engine Security fools the hijacked site into thinking that the visitor is not a real user and therefore avoids redirection to the malicious content.
 |
| Search Engine Security enabled for Google |
All the work is done in the background, so it can be tricky to understand exactly what happens, or even if the add-on is working. We have therefore added a small note on the Google/Bing/Yahoo! search result pages to show you whether Search Engine Security is on (default settings) or off (disabled in the options): Zscaler SES on or Zscaler SES off.
 |
| Search Engine Security disabled on Bing |
To understand how the the headers are modified, look for “referer mobilefish” in Google after you have installed Search Engine Security. Click on the first link “Mobilefish.com – Show my IP“. The page will display your User-Agent string and Referer header. With the default settings, the string “slurp” is appended to your User-Agent, and the Referer header is removed. These changes are done only when leaving a Google/Bing/Yahoo! search page.
You can also enable/disable the various settings on the Search Engine Security options page to see how the User-Agent and Referer strings are affected.
 |
| Search Engine Security options |
You can install Search Engine Security for Google Chrome in the Chrome Web Store.
Leave a reply
