RFC: Defensive SEO Strategy for Gno.land

[moul]

Gno.land enables permissionless content creation, and while we have moderation tools, SEO metadata is largely invisible and unlikely to be a priority. This creates a risk where bad actors could manipulate metadata to harm Gno’s reputation, making it crucial to focus on risk mitigation first rather than aggressive SEO optimization. A recent example is #3797, which introduced front matter support for custom metadata, improving visibility but also increasing exposure to potential abuse.

Before optimizing for search rankings, we need to ensure search engines can distinguish between Gno.land’s main pages and user-generated realms, preventing harmful content from affecting the platform’s reputation. Should we roll back or restrict some of the changes in #3797? How can we limit risk without restricting permissionless content? The priority should be protecting Gno.land’s credibility before considering any proactive SEO efforts. Let’s discuss.

[alexiscolin]

Thank you @moul, for bringing this topic to our attention. I agree that UGC can pose a threat to our platform. It might be helpful if @kristovatlas could list the potential issues we could face, so we can determine the best ways to address them. I personally see some of them as: SEO bombing, dilution of site authority, scam, phishing attacks...

Regarding UGC on websites, specifically metadata: on platforms such as Medium or dev.to (with rendered content), meta titles and descriptions are either derived from the H1 title/first paragraphs or are manually added in a dedicated field (e.g., in a CMS). But none of these approaches fully guard against scams or malicious content IMO.

Also, let's keep in mind that SEO isn’t solely about title and description metadata, the page’s actual content typically plays a much larger role. While there’s no official or universally agreed-upon figure, we can estimate that around 30% of SEO impact comes from metadata, while about 70% is driven by the page’s actual content.

Below are some ideas on how we might retain UGC in our metadata (thus improving SEO, UX, and accessibility) while still protecting gno.land:

• Prefixed Titles/Descriptions
  Add a warning or note for any unofficial realm, such as: User Post: [My Title] — gno.land. Same idea in the meta description.

• No write rule on metadata
  More restrictive and less UX but without reverting the entire feat(gnoweb): add metadata to md content #3797, we can remove the markdown portion (user-generated) and retain the new default metadata. Some optimizations are welcome and harmless, and the default metadata (no custom) for each layout can be used across every realm. But it's not a silver bullet again SEO attacks.

• Visible "Badge" or "Banner"
  Display a clearly visible “User Contribution” badge in the rendered view to help distinguish user-generated pages and reduce scam risks. That will help Search Engine (but ALSO user) to understand the page is user generated.

• SEO Measures

  • Use rel="nofollow ugc" on all outbound links from user-generated realms, preventing the passing of domain authority to external sites.
  • Include JSON-LD metadata (e.g., description, isPartOf, about) to clarify that the content is unofficial.
  • As a more extreme approach, (while preserving user experience and accessibility) we could consider using noindex, nofollow on all unofficial realms. None would be tracked by Search Engine
  • Another radical approach: using a dedicated subdomains for official and unofficial content can help separate gno.land authority from user generated content ones. But it comes with other strategy, UX and tech challenges.
  • Blacklisting malicious links in addition to using nofollow attributes on user-generated content can also help maintain a healthy link profile, protect site authority, and reduce scam risks.

• Spam Reporting
  Beyond metadata idea, we might consider adding a “Report Spam” button to gnoweb.

• External tools
  We can leverage tools like Google Search Console (indexing, security alerts), Ahrefs/SEMrush (backlink monitoring, SEO analysis), and Cloudflare/Sucuri (WAF protection) to detect and mitigate SEO threats.

These are just initial suggestions. I’ll keep researching other options to ensure both security and a positive user experience.

[moul]

Created this PR #3924. Then we can take more time to consider SEO optims.