https://www.TheeDigital.com | TheeDigital, formerly known as TheeDesign specializes in web design and SEO for local businesses in the Raleigh NC area.

Learn more about our variety of internet marketing services at https://www.TheeDigital.com/internet-marketing

Schedule your free SEO consultation today at 919-341-8901.

Whenever you Google terms like hotels, you may end up seeing sites like hotels.com at the top. And this may make you think that, “Hey, I need to go out there “and spend a ton of money to buy one of these “exact match domains where the exact keyword “that I want to rank for is the domain name.”

RESOURCES & LINKS:
____________________________________________
Ubersuggest: https://neilpatel.com/ubersuggest/
____________________________________________

Well, hotels.com is a little bit of an anomaly and most of us, including me, we can’t replicate that because we just don’t have enough money. If you go to hotels.com, you’ll quickly see it’s a very large corporation. They run tons and tons of caveats. They’re owned by Expedia Group, which is a multi-billion dollar publicly traded company.

So, yes, hotels.com is able to rank really well because they have the exact match domain name, but they’ve also created a brand around hotels.com. And here’s what I mean by this. If you Google for most generic terms like nurse, you’ll find that nurse.com isn’t ranking number one, it’s actually ranking number three.

You have Nursing World that’s number one, then Wikipedia, then you have nurse.com, and then Medical News Today, and the list goes on and on. What you’ll end up seeing is if someone’s Googling your domain or the keyword, which is the exact match of your domain, and you don’t get a lot of clicks, it actually can hurt your rankings.

Here’s what I mean by that. If you go look at my analytics here for neilpatel.com, I’m getting roughly 4.43 million clicks from Google in the last 28 days. One of my most popular keywords is Ubersuggest. Another one is Neil Patel. When people are Googling Ubersuggest, 81% of people are actually clicking on my website. So when people Google for terms like Ubersuggest, you’ll see I have the indented listing and then they’ll click on my listing.

But what most people don’t realize is if a lot of people skip this listing here and they went to number two or number three, what would that tell Google? It would tell Google that, “Hey, this neilpatel.com website “isn’t as relevant towards this keyword. “A lot of people are skipping over it “because they don’t like it. “They don’t want to click on it.”

So if everyone skipped over my listing, and they’re not, because as you can see here, I’m at 81%, but hypothetically imagine if everyone skipped it, it would tell Google, “Hey, this site shouldn’t rank at the top. “People don’t like it as much.” So then they’ll start pushing up the other sites higher and higher up, which can hurt your rankings.

Now, the point of me breaking this down to you and telling you this is most people are like, “I want a generic domain.” Well, unless you have the ad budgets of the Expedia’s or the hotels.com, it doesn’t work that well because you’ll end up being in the same position as nurse.com.

And if a lot of people are Googling your domain name but they’re not clicking on your listing, let’s say if only 20% of people actually clicked on your listing instead of that 70, 80%, what you’ll find is your rankings for all your other pages won’t do as well, because it’s telling Google, “Hey, this site doesn’t have strong brand loyalty. “People don’t love this brand.”

If you have a strong brand like a Nike, you’ll start ranking better for all the other terms out there like shoes and apparel and stuff like that. Just like with me on neilpatel.com, I rank for terms like SEO. You know, I may not be number one for every term, but I’m still at the top. So I’m here number four. And I also rank, or number five, Moz, Moz, Search Engine Land, Google, than me. And I also rank for many other terms, like if I go type in online marketing, you know, I’m number two.

And the reason I’m ranking for a lot of these terms is because I have strong click-through rate for many of my other pages. But if your brand, like your brand, my brand is Neil Patel and Ubersuggest, because I have a app called Ubersuggest, and my name is Neil Patel.

If people aren’t clicking through when they’re searching my brand, it tells Google that I have low brand loyalty, which hurts my rankings on my overall website.

So if you’re going to pick a domain name, don’t pick a exact match domain name.

It’s fine to have your keyword in the domain, but you don’t want your domain name to be a quote-unquote, “Generic keyword,” because it can hurt your overall rankings.

00:00 – Introduction
00:31 – Google Domain
01:55 – Google Search Console – Analytics
03:11 – Generic Domain
04:22 – Reason Why I´m ranking on a lot of terms

► If you need help growing your business check out my ad agency Neil Patel Digital https://npdigital.com/

►Subscribe: https://goo.gl/ScRTwc to learn more secret SEO tips.
►Find me on Facebook: https://www.facebook.com/neilkpatel/
►On Instagram: https://instagram.com/neilpatel/

https://youtu.be/z5P68CSI2BY

#SEO #NeilPatel #DigitalMarketing

So you’ve heard that EMD’s are easy to rank, but how do you actually do it? We walk you through exactly how to take advantage of exact match domains for SEO wins.

This clip was taken from Live SEO Support – Our weekly Livestream where you can ask your most pressing SEO questions in our Facebook Group or on YouTube and have them answered live by Nick and Chris.

Be sure to check the links below and join us next time!

Our Recent Case Study Ranking an EMD:
https://sirlinksalot.co/4-month-link-building-case-study/

Shop Domains for SEO:
https://sirlinksalot.co/aged-domains/

Join the SEO Round Table to Take Part (Facebook Group):
https://www.facebook.com/groups/SirLinksalotSEORoundtable/

Past Live SEO Support Broadcasts:
https://sirlinksalot.co/live-seo-support/

Link Building Services, SEO products, and SEO Learning Resources:
https://sirlinksalot.co/

Our SEO Blog:
https://sirlinksalot.co/seo-blog/

The best SEO Podcast… In the Universe!
https://sirlinksalot.co/seo-podcast/

00:00 – Introduction
01:00 – Start of nmap
02:00 – Taking a look at the web page, finding users on the site, and using FFUF to VHost Enumeration due to talking about a store
04:25 – Fingerprinting the websites, dev looks to be PHP and the main page appears to be Vue
07:55 – Exploring the vue app in Firefox Dev Tools, discovering some routes in the webpack which lead to an API
11:50 – An JWT error message is displayed when accessing some API Pages, removing the token and bypassing authentication
13:10 – Explaining why the web application skips authentication when a cookie is not present, and showing how similar it was to the OMIGod Vulnerability
15:40 – Extracting all users from the page and then using curl to save the hashes to a file. Use CrackStation to crack hashes and get a cred
21:20 – Logged in as Christopher.Jones, checking the Online Store Status link which is vulnerable to SSRF
23:45 – Using FFUF to fuzz for all possible ports and using a bash trick to create a wordlist based upon a range of numbers without creating a file
29:40 – Discovering some API Documentation on a page on port 3002
31:10 – The API all-leave page uses awk, and we can abuse this binary to perform a file disclosure vulnerability if we can poison user names.
33:40 – Using hashcat to crack our JWT
35:30 – Creating a python script to generate JWT’s which allow us to exploit awk and exfil files off the server
42:00 – Python script completed, leaking some files and discovering a unique file in a users .bashrc
48:00 – Having trouble exporting the backup file, and modifying our script to write binary files which allow us to download the tar.gz backup
54:00 – Discovering bean’s credentials in his xpad directory and logging in
56:20 – Running a process list on the box shows inotify is watching an interesting file that is only writable by www-data
59:40 – Looking for system() calls in the PHP app and discovering a sed command. We can exploit this like we did awk to get code execution without any bad characters. Having trouble getting this to work.
01:11:10 – Taking it slower, discovering our mistake and getting code execution
01:14:00 – Reverse shell as www-data. Modifying the file and trying to find out what happens
01:18:10 – Running PSPY, since it will be more thorough than our PS Commands and discover we can inject into the mail command
01:24:30 – Got our command execution working and shell returned as root
01:25:30 – Getting shell as www-data was unintended, showing the intended way of doing this which involves the leave-request page and symlinks
01:32:00 – Cannot poison our JWT and get code execution because of bad characters
01:38:30 – There were directories chmod’d to 777 that the application wrote to. We can use symlinks here to point to other files and have the webserver write to another file
01:40:50 – Showing why we need to create a new product to place our malicious payload
01:44:00 – Reverse shell returned the intended way, and then showed we definitely needed the ! which is a bad character
01:47:40 – Extra content! Showing a more in-depth look at why removing the cookie bypassed auth. By loading the code locally and running it in VS so we can properly debug and step through it
01:49:30 – Explaining and showing why the application should have had an authentication function so there was less duplicate code in each function, which makes it easier to patch