4 technical SEO issues auditing tools won’t show you
People have discussed the benefits and drawbacks of technical SEO tools throughout the history of SEO. Relying on auditing tools isn’t the same as having a genuine SEO strategy, but we’d be nowhere without them. It’s simply not viable to hand-check dozens of errors on every page.
Many new auditing tools have been developed for the benefit of the SEO sector in the last decade, and a few of them have emerged as industry leaders. These few technical auditing tools have done us a big favor by constantly improving their capabilities, allowing us to better serve our clients, bosses, and other stakeholders.
Even the greatest auditing tools, however, cannot detect four critical technical SEO flaws that might jeopardize your SEO efforts:
- Canonical to redirect loop
- Hacked pages
- Identifying JS Links
- Content is hidden by JS
Tools could detect some of these faults, but the issues aren’t prevalent enough to make it into default reports. Other flaws are all but impossible for tools to discover at all.
As with many SEO concerns, some issues may affect sites differently depending on the context. As a result, most tools will not emphasize this in summary reports.
Before we get into the specific concerns, there are two prerequisites that must be met.
Your web crawling tool of choice
Even though most tools will not detect these flaws by default, we can usually configure them to help us detect the issues at scale.
Some tools that you could use include:
- Screaming Frog
The most important capabilities we need from these tools are:
- Crawling the entire website, XML sitemaps, and custom URL lists
- Custom search and extraction features
Google Search Console
This should go without saying, but if you don’t already have it, get Google Search Console access for your technical SEO audits. You will need a few of its historical reports to help identify potential issues.
Issue 1: Canonical to redirect loop
A canonical to redirect loop occurs when a webpage has a canonical tag that points to a different URL and then redirects to the original URL.
This is an uncommon problem, but it has caused significant damage to the traffic of a prominent brand.
Why this matters
Canonicals offer Google the preferred URL to index and rank. When Google identifies a canonical URL that is not the current page, it may begin crawling the current page less frequently.
Instead, Google begins crawling the 301-redirecting URL more regularly, which sends Googlebot around in a loop: the canonical points at the redirect, and the redirect points back at the original page.
While Google allows you to declare a redirected page the canonical one, having it loop back to the previous page sends a mixed message.
This has happened to some well-known companies. One recently asked me to look into why one of their major pages wasn’t generating the traffic they expected. They had spent a significant amount of money on SEO and had a well-optimized page. But one problem stood out like a sore thumb: the page’s canonical tag pointed to a URL that redirected straight back to it.
How to detect canonical redirect loops
Even though this issue will not display in any standard auditing tools' default summary reports, it is relatively straightforward to locate.
- Run a normal crawl with your favorite technical SEO auditing tool. Crawl XML sitemaps in addition to the standard spider crawl.
- Export all of the canonicalized URLs from your canonical report: not the URLs the crawler visited, but the URLs inside the canonical tags.
- Run a fresh list-mode crawl of those canonical URLs and review the response codes report. Every URL should return a 200 status code; any that return a 301 or 302 point to a redirect and need investigation.
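The steps above can be sketched in plain Python. This is a minimal illustration using only the standard library; the helper names are hypothetical, and in practice you would feed in your crawler’s export rather than hand-written HTML.

```python
"""Sketch of the canonical-to-redirect-loop check: extract each page's canonical
URL, then verify that fetching the canonical does not bounce back to the page.
Helper names are hypothetical; only the standard library is used."""
import re

LINK_TAG_RE = re.compile(r"<link\b[^>]*>", re.IGNORECASE)

def extract_canonical(html: str):
    """Return the href of the first rel=canonical link tag, or None."""
    for tag in LINK_TAG_RE.findall(html):
        if re.search(r"rel=[\"']canonical[\"']", tag, re.IGNORECASE):
            match = re.search(r"href=[\"']([^\"']+)[\"']", tag)
            return match.group(1) if match else None
    return None

def is_canonical_redirect_loop(page_url: str, canonical_url: str, redirect_target):
    """A loop exists when the canonical points elsewhere, but that URL
    redirects (its 301/302 Location header) straight back to the page."""
    return canonical_url != page_url and redirect_target == page_url
```

In practice you would fetch each canonical URL without following redirects and pass its `Location` header (or `None` for a 200 response) to `is_canonical_redirect_loop`.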
Issue 2: Hacked pages
Profiting from hacked websites is not a new subject. Most experienced SEOs have seen websites that have been hacked in some way, and the hackers have engaged in nefarious actions to either create harm or earn profit for another website.
Some examples of typical SEO website hacking include:
- Site search manipulation: This occurs when a website’s search pages are indexable. A malicious person then sends a ton of backlinks to their search results page with irrelevant searches. This is common with gambling and pharma search terms.
- 301 redirect manipulation: This happens when someone gains access to the site, creates pages relevant to their business, and gets those indexed. Then they 301 redirect them to their own websites.
- Site takedowns: The most straightforward attack, in which a hacker manipulates your code to make your website unusable, or at least non-indexable.
There are several types of site hacking that can negatively impact SEO, but the most important thing is to maintain proper site security and back up your website daily.
Why this matters
The most crucial reason hacking is bad for your website is that if Google finds malware or social engineering on it, you may face a manual action, which can demote or remove your pages from search results.
How to detect hacked pages
Fortunately, several tools are available not only to reduce hacking threats and attempts, but also to detect whether your website has been hacked.
However, most of these tools only scan for malware. Many hackers are skilled at covering their tracks, but there are still techniques to determine whether a website has been hacked for financial gain in the past.
Use Google Search Console
- Examine the manual actions report. This will tell you whether the site is currently under a penalty.
- Examine the performance report. Look for any significant spikes or drops, which can show when a change occurred. Most importantly, check the URL list in the performance report: hacked URLs tend to stand out, covering unrelated topics or written in a foreign language.
- Check the coverage report. Look for any big changes in each sub-report here.
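To triage a large performance-report export, a simple pattern scan can surface likely hacked URLs for manual review. This is a rough sketch: the spam-term list is an assumption to adapt to your own niche, and the URLs would come from your own export.

```python
"""Flag URLs from a Search Console export that look like hack spam:
spammy terms (pharma/gambling) or percent-encoded non-ASCII paths.
The term list is an assumption; extend it for your situation."""
import re

SUSPICIOUS_TERMS = re.compile(r"viagra|cialis|casino|betting|replica|payday", re.IGNORECASE)
# %8x-%Fx sequences indicate percent-encoded non-ASCII bytes (e.g., foreign-language paths)
NON_ASCII_ESCAPE = re.compile(r"%[89A-Fa-f][0-9A-Fa-f]")

def is_suspicious(url: str) -> bool:
    """True if the URL matches a spam term or contains non-ASCII escapes."""
    return bool(SUSPICIOUS_TERMS.search(url) or NON_ASCII_ESCAPE.search(url))

def flag_urls(urls):
    """Return only the URLs worth a manual look."""
    return [url for url in urls if is_suspicious(url)]
```

A flagged URL is not proof of a hack, only a prompt to inspect that page by hand.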
Check website login accounts
- Examine all users to see if there are any strange accounts.
- Check for recent activity on your website’s activity log.
- Ensure that 2FA is activated on all accounts.
Use online scanning tools
Several tools will scan your website for malware, but they may not tell you whether it has already been compromised. A more comprehensive approach is to visit https://haveibeenpwned.com/ and search any website admin email addresses.
This website will inform you whether those emails were subjected to data breaches. Many individuals reuse their passwords for everything. Weak passwords are frequent in large enterprises, and your website may be susceptible as a result.
Issue 3: Identifying JS links
Why this matters
Google only reliably follows links in standard anchor tags with an href attribute. Links triggered purely by JavaScript events may never be crawled, so entire sections of a site can go undiscovered.
How to detect JS links
Unfortunately, event handlers attached by scripts do not always appear as attributes in the page’s HTML, so we cannot simply search for “onclick” or something similar. However, there are a few typical code patterns we can look for. Just make sure to double-check that they are indeed JS-driven URLs.
- button: Developers commonly use the button tag to trigger JS events. Not every button is a JS link, but identifying them helps narrow down the problem.
- data-source: This attribute loads a file whose code performs an action. It’s typically used within JS links and can also help narrow down the problem.
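To search for these patterns at scale, a small parser can list candidate elements for manual review. This is a sketch built on Python’s standard library; the class and function names are hypothetical, and the decision to flag button, onclick, and data-source comes from the patterns above.

```python
"""List elements that may act as JavaScript links in a page's HTML.
Flags <button> tags and any tag carrying an onclick or data-source
attribute so a human can review them."""
from html.parser import HTMLParser

class JSLinkFinder(HTMLParser):
    """Collects (tag, attrs) pairs that look like JS-driven links."""
    def __init__(self):
        super().__init__()
        self.candidates = []

    def handle_starttag(self, tag, attrs):
        attr_names = {name.lower() for name, _ in attrs}
        if tag == "button" or "onclick" in attr_names or "data-source" in attr_names:
            self.candidates.append((tag, dict(attrs)))

def find_js_link_candidates(html: str):
    """Parse the HTML and return the flagged elements."""
    finder = JSLinkFinder()
    finder.feed(html)
    return finder.candidates
```

Remember that handlers attached via addEventListener leave no attribute behind, so an empty result does not guarantee the page is free of JS links.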
Issue 4: Content hidden by JS
This is one of the more unfortunate problems websites face. They have a lot of great content to offer, but they condense it so that it only appears when a user interacts with the page.
Marrying strong content with good UX is generally best practice, but not when SEO suffers. For problems like these, there is usually a workaround.
Why this matters
Google does not click on anything on websites. As a result, if the content is concealed behind a user action and is not available in the DOM, Google will not find it.
How to detect content hidden by JS
This is a little trickier and needs much more manual review. Just as with any tool-generated technical audit, you must personally verify every issue found. The following suggestions must be carefully validated.
To verify a single page, examine its rendered DOM in your browser’s developer tools and check whether the hidden content is actually present there.
To find hidden content at scale:
- Start a fresh crawl using a custom search: Use the methods described above for identifying JS links.
- Check word counts at scale: Examine all pages with low word counts and judge whether the count makes sense, or whether the page appears to be missing content.
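The word-count check can be roughed out by stripping markup and counting what remains. A minimal sketch using only the standard library; the 200-word threshold is an assumption to tune per site, and a real crawl export would replace the sample pages.

```python
"""Flag thin-looking pages by comparing visible word counts.
Strips scripts, styles, and tags, then flags pages under a threshold.
The 200-word cutoff is an assumed default, not a universal rule."""
import re

TAG_RE = re.compile(
    r"<script\b.*?</script>|<style\b.*?</style>|<[^>]+>",
    re.DOTALL | re.IGNORECASE,
)

def visible_word_count(html: str) -> int:
    """Count words left after removing scripts, styles, and markup."""
    text = TAG_RE.sub(" ", html)
    return len(text.split())

def flag_thin_pages(pages, threshold=200):
    """Given {url: html}, return URLs whose word count falls below the threshold."""
    return [url for url, html in pages.items() if visible_word_count(html) < threshold]
```

A flagged page may simply be a legitimately short one, so each result still needs the manual DOM check described above.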
With practice, we learn to use auditing tools for what they are: tools.
Tools are not intended to drive our strategy, but rather to assist us in identifying challenges at scale.
As you uncover more uncommon issues like these, add them to your audit checklist and keep an eye out for them in future audits.