Manufacturers, Stop Breaking Website Links

JH
John Honovich
May 10, 2016
IPVM

A short message to manufacturers and companies out there. We've seen this happen with lots of big names, including repeatedly, Bosch, Milestone, Hikvision.

When you create a web URL, like example.com/my-super-product, that web URL should always return a valid web page. Unfortunately, lots of companies break URLs when they discontinue products or change marketing, or worse, revamp their websites.

Here is an example that triggered this notice.

ONVIF used to have products categorized as 'Archived'. These were ONVIF 1.x products that were no longer current and were less likely to work but had previously been tested / submitted for conformance.

In the past year or so, ONVIF decided not to recognize any products as 'Archived'. That is fine and certainly reasonable.

The problem is if you go to the URL where ONVIF used to show the directory of Archived products, you get this:

Bad.

What ONVIF should have done is changed it to a short notice explaining the change they made. Instead, the visitor, unless they know this low level information, is confused as to what happened - did they make a mistake? Is the server down? etc.

So please, everyone keep your links working.

And, special notice to companies like Hikvision and Milestone who regularly change their website template, always use 301 redirects to ensure visitors can seamlessly move between old and new URLs.

Thanks.

(5)
(1)
Avatar
Brian Karas
May 10, 2016
IPVM

For any major company to throw a "raw" 404 error like that is just crazy.

You can use a basic page that at least gives the reader a more parseable response, and hopefully a way to find what they were looking for.

IPVM's 404 page allows you to enter a search term, which is pretty nice.

Throwing 404's like that can also negatively affect SEO results.

(1)
U
Undisclosed #1
May 10, 2016
IPVMU Certified

Throwing 404's like that can also negatively affect SEO results.

To be sure, and as far as SEO is concerned, throwing a raw 404 is no worse than throwing a cooked 200, even if more parseable.

(1)
Avatar
Brian Karas
May 10, 2016
IPVM

Most SEO's I know disagree.

In a vacuum, a 404-page does not penalize SEO, but a previously indexed page that has been moved (eg: implying it still has value) without a redirect will typically reduce find ability. In the very least for a short time until it gets re-indexed, but possibly longer-term if the page doesn't have a lot of inbound links.

You'll also lose net SEO benefit because other pages that link to the now 404'd page will no longer be contributing to your rankings.

If the page was for something that is no longer needed (eg: product specs for your betamax VCR's), then sure, you don't have much to worry about.

JH
John Honovich
May 10, 2016
IPVM

The bigger SEO issue is more basic. If a manufacturer has a product page for 'Widget XYZ' and they change the URL without a redirect, the search engine may either continuing pointing to wrong spot or not know where new page is. I've seen this over and over again where, e.g., I have to get Hikvision data sheets from some random Polish reseller.

(1)
U
Undisclosed #1
May 10, 2016
IPVMU Certified

I agree totally. You should server side redirect or url rewrite whenever modifying your site structure.

My point was only that if your links are broken, in regards to SEO, it doesn't really matter what you error code you return. Whether you have a more parseable page with a search box or hex dump, your ranking suffers because Google can't associate the content with the referrer.

Personally, I think returning a 404 is best practice when the URL is not found, that's what it was made for! It makes things easier for scrapers like me.

Also, to point out that Google doesn't directly penalize 404s, though a lot of people are under that misconception.

Avatar
Mark Kirkeby
May 11, 2016

found one tonight

 

then while trying to post this,the site became inaccessible extremely slow and mostly unavailable, after a few minutes it finally came back online

 

JH
John Honovich
May 11, 2016
IPVM

Mark, thanks!

We'll get a redirect inserted for that discussion URL structure.

The heavy load was temporary last night. Sorry for the inconvenience.

JH
John Honovich
May 12, 2016
IPVM

Mark, we added a redirect for that.

This was the bad URL http://ipvm.com/video-surveillance/topics/mac-users-what-tools-do-you-use-for-your-video-surveillance-job. It now automatically redirects to the correct one. Thanks.

JH
John Honovich
May 10, 2016
IPVM

Btw, am I reading this right? ONVIF's website says they are on ASP.NET Version:2.0.50727.5483.

ASP.NET version 2 was released 11 years ago and ASP.NET is now on version 5.

How could they be that out of date?

U
Undisclosed #1
May 11, 2016
IPVMU Certified

Actually this particular version, 2.0.50727.5483, did not appear before 2008 at the earliest, (confidence level 75%).

Which is the year ONVIF coincidentally started... Maybe it's been running on Martin's PowerBook all these years...

Btw, ONVIF may be sharing IT services with its sister NPO's, which are all managed by Inventures.

If you ever thought this address looked familiar

2400 Camino Ramon, Suite 375
San Ramon, CA 94583

you probably have; one of their more famous roommates is the Zigbee Alliance, probably right down the hall.

Search the address and you can see it's just a Mecca of Alliances...

JH
John Honovich
May 11, 2016
IPVM

I believe that. That still makes it 8 or so years old.

The bigger issue I found with the ONVIF site, is that it's very simplistic. Take their Profile Products search. There's no way to get direct links to results (e.g., just show all clients that are profile G or all devices that are profile S, etc.). There's a huge list of manufacturers and no way to type in text to filter manufacturers. There's no way to know what is new or review details without exporting everything, etc.

U
Undisclosed #1
May 11, 2016
IPVMU Certified

Btw, the low-level Apache exception is not totally useless; hackers love it!

JH
John Honovich
May 11, 2016
IPVM

Lol, I never said it was useless but I do agree that it does present a risk in that such low level information makes it easier to spot known vulnerabilities for those systems / versions.

U
Undisclosed #1
May 11, 2016
IPVMU Certified

Can Hik just stop copying Axis for once?

Running a couple of micro versions behind, of course...

JH
John Honovich
May 26, 2016
IPVM

Just noticed that Avigilon broke all their press release links in the past half year. It is strange how common this happens.

New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions