Welcome to the Q&A Forum
Browse the forum for helpful insights and fresh discussions about all things SEO.
Well, advertising on Yelp would certainly increase their visibility on that platform. But reviews are done on an entirely voluntary basis. So in short, no.
If you look at a review as a potential ancillary benefit of advertising on Yelp, then they might not be disappointed.
I'm just going to leave this here. ; ) It would seem that all of the typical means of citation can be recognized as such. Perhaps too readily?
Ah, I was wondering since they may have entirely different pricing based upon who you talk to.
So, on an invoice, do you or the client pay Incapsula or SiteLock?
All of the header checks I've done come back with Incapsula. I don't really want to get much further into that for a number of reasons. But if you're actually paying SiteLock that's pretty interesting.
But you're saying the site ranked for it's brand term, at least, before implementing either SiteLock or Incapsula?
The site is using Incapsula as a CDN and web application firewall. The site still has a timthumb file. So I wouldn't recommend stepping out from behind that right now.
A wildcard search on the domain yields a lot of spam backlinks. Check ahrefs.
The entire site appears to index fine. As Patrick pointed out, it appears some of the pages in the index aren't https. But I don't know when you made the move, so things may be chugging right along.
The issue is ranking. But I know what you mean.
So what we have is (not all bad, per se - just what I see):
No doubt, you're going to have to disavow the bad links. Take down requests are nice and all, and you should note them in your disavow submission, but you don't have to manually contact each individual link/domain. It's not really a fire-and-forget process. You can submit it more than once.
I would bet a shiny nickle the attack/hack exploited the timthumb file. The site still uses it. Stop using it. Find an alternative. All it does is resize images.
The https migration (redirects... etc.) is just a confounding factor.
After you've removed the timthumb file, request a security review. Also consider the site may still have issues from the hack. So fetch as google from Webmaster Tools. If you see anything different than the real page, you still have a problem.
Read a little more about recovering from a hacked site here. I think that's more than likely the core of the problem right now.
I think Incapsula is throwing the false noindex tag. But yeah, that's just how Incapsula do. The home page shows just fine with a site: operator.
Judging by the anchor text I see pointed at the site... and the Timthumbs.php file... the site was very very hacked at some point.
Edit: Yep. It was hacked until late last year.
Looks like that, or some approximation thereof has you sorted. I would just like to add that you should keep an eye on Webmaster Tools.
I'm hesitant to say; "Do X." because I'm not really sure what will happen - with the redirect plugin in the mix. I imagine a lot, if not all of the subdomain folders and pages have already been redirected via the plugin. So I imagine the path of least disaster at the moment is just redirecting the subdomain (sub.domain.com) to the main domain (www.domain.com) alone.
I could be totally wrong, but this one is weird.
Test out the rule and then push live. Here is the code to redirect just the subdomain to just the www domain:
RewriteCond %{HTTP_HOST} ^blog.domain.com$ [NC]
RewriteCond %{REQUEST_URI} ^/?$
RewriteRule .* http://www.domain.com [R=301,L]
Double check it, triple check it and then push live. Keep a very close eye on it. I really hope we don't end up with a loop.
This particular situation won't sort itself out. There's a sub involved and I suspect it's a rewrite rule that shouldn't be there. The developer appears to be somewhat sophisticated as they're using X-FRAME-OPTIONS in a way that doesn't allow iFrames to work outside of the domain.
So who knows what goodies await in .htaccess. 
Okay, here's what I got:
The plugin supposedly operates independently of .htaccess. So taking that at face value, I don't think you're going to get what you need out of the plugin.
I would imagine the .htaccess file is much the same as it was when the site launched, or when it was last modified by the developer. So that file is likely going to need editing to achieve what you need. However, that file isn't something you just want to play with in a live environment.
And it's not something anyone in their right mind would blindly say; "Yeah just copy and paste this rule!"
I would talk to Dale and see if he has a block of free time coming up.
You mentioned in the above thread that you're using a redirection plugin. What is it's name? Beyond that Yoast and All in One both allow you to edit htaccess entries. (I despise that feature, btw.)
I'm going to guess that you have something that looks like this in your .htaccess file:
RewriteRule ^blog/$ http://blog.website.com [L,NC,R=301]
WARNING
You can knock your site down with the slightest syntax error when you mess with the htaccess file. Proceed with caution.
Let us know what you find.
It was kind of humorous, at first. It's now showing as returning organic traffic. Direct link to screencap from the original post:
Thanks, but it's just some entrance keyword data. Kind of funny at that. Sure, the spam can increase. But I can set a segment as well as any other. I have extra profiles for filtering fun, if things get 'pucker worthy'.
Yeah... the traffic is annoying. But seeing this (attached image) in my GA was pretty funny. Obviously it was only a couple hits. I thought it was pretty cute in comparison to the other actions.
Well, it looks like they went dark. No response to email or calls. I even developed a child theme for them.
Ah well, now to contact their competitors. I'm not doing that out of spite, rather I found an interesting situation. I would very much like to see how something like that changes things.
A few CSS tweaks, a banner redesign, and I can have my case again. Fortunately there aren't any contractual obligations involved with the first instance.
I'm in the middle of a freebie deal for a mom & pop, simply because all of their local competitors aren't 'mobile friendly'. They aren't in the most affluent area, and rely on foot traffic, so it's safe to say that mobile results are critical. Hopefully I can get everything launched soon.
I'm not promising them the moon. I've made my motivations clear. It's a bit of my own curiosity mixed with the warm fuzzies I get from turning the 'little guy' into a beast among 'little guys'.
I'm certain there are measurable ways to be 'mobile friendlier than thou'. I just don't think it would be terribly ethical to knowingly hold back with a 'live subject'. Ah well, I'm sure there's something in there for IMEC.
I was thinking about the iframe passing juice. Apparently that was 'confirmed' a few years ago, but I never messed with it. It seemed kind of silly to rely on it, since it could be so easily detected. I don't know if the tactic has been 'disproved' and they're spinning their wheels.
I wonder what would happen if they fixed the non-www DNS failure?
Other than that, I think I see 'slow drip' link building.
But given that the home page seems to do better than any of the other pages I've seen, it may be safe to say the iframe tactic might work a little. The site's overall visibility appears to have steadily increased over the last four or five years.
Another possibility, and I wouldn't doubt they've tried it, is CTR bots.
I guess we should look into other domains that refer to |-| /\ppy flow eye tea.
