How do you test for SEO

In this post I mention SEO and Search engine optimization several times, I am referring here to the optimization of a website for natural search, so without paying for it showing up high in the search result lists.

While on holiday I spent some time talking to a local entrepeneur. He makes his money through his own website, we got to talking about his website and about the translations of his site in particular. Since this site was translated from Greek into English, French, German, Italian and Russian I had a quick hunch that his meta-keywords would not be in order for all the separate languages (which does not apply to all translations he made by the way).

When asked to test a site specifically for SEO, what are the things to look at? As I mentioned above, there are a few tell-tales when you start your testing, especially when the site has been translated:

  • lang – this should be set to the actual language of the page you are testing
  • meta-keywords – these should be in the same language as the lang set in the header
  • meta-description – this should be in the same language as the lang set in the header
  • Alt-text for images –  – these should be in the same language as the lang set in the header
  • page specific URL’s – should be in the same language as the lang set in the header

Please note that this is just a sub-set of what needs to be looked at when testing a site for SEO optimization.

Based on the before mentioned website I will give some examples of what to look for when testing for search engine optimizations.


Looking at the header of the Russian version I indeed saw exactly what I assumed I would see:

<html xmlns="" xml:lang="ru-ru" lang="ru-ru" >
<base href="" />
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="robots" content="index, follow" />
<meta name="keywords" content="corfu villa, villa corfu, seaside villa corfu, pool villa corfu, villa with sunset view corfu, villa rental corfu, corfu villa rentals" />
<meta name="description" content="Corfu villa. Two elegant seaside pool villas located in Chalikounas Corfu with amazing panoramic sunset view. See photos check 2010 availability and book online with our paypal secure system." />
<meta name="generator" content="" />
<title>Корфу Вилла | бассейн вилла с потрясающим видом на закат | Корфу</title>

If you look fast and are not sure what to look at this looks fine, however from a Search Engine point of view this header is a bit of a drama.

The language is set to Russian in the first line, the title is in Russian, in the Cyrillic alphabet. The SEO issue however is in between the language declaration and the title: keywords and description are in English. When a Russian is trying to find a “seaside villa in Corfu” he will probably not use the English words for it, instead the keywords used will quite likely be “вилла на Корфу с видом на море“.

Just for fun, here are the result pages for the two searches; the English search on and the Russian search on On the Cyrillic search the first page doesn’t have any links to our test site. On the English search however, the site is the first to surface, underneath the paid links. Problem I see with that result page however is, the url we get back is the main URL rather than the Russian URL.

The header of the homepage of the site is just the beginning of testing it for search engine optimization.


This being a site aimed at renting out a villa with amazing views in a fairly decadent location, it is quite visually driven. As a tester you might not pay too much attention to the images, however when testing the search engine optimization, the images should be looked at as well.

Sticking to the example of the Russian version of this site I grabbed another piece of the source code:

<div title="Corfu Villa Boxes" id="boxes">
<div title="Corfu Villa Gallery. Click to view more photos" id="left_box">
<div class="module">
<table border="0" cellspacing="0" cellpadding="0" width="100%">
<td><a href="/ru/gallery.html"><img src="/templates/corfuvilla/images/gallery.jpg" border="0" alt="Corfu Villa Gallery" /></a></td>

Within this snippet you’ll notice again an issue similar to that in the header meta-tags. The page is supposed to be in Russian, yet the title of the div is in English. The alt-tag of the image is also in English. Both of these are supposed to be in Russian in order for this page to properly be indexed by the search engines in that language. If you really want to make an effort, the image name should also be in Russian.

The useage of the images themselves, on the rendered HTML page already gave an indication that SEO and translation were not well thought through or at least not fully implemented.

Corfu villa gallery image

The text on the image should of course also have been translated. When, as a tester, you see mistakes like this on a website, this should quickly give you an idea that the SEO has not been done properly, nor quite likely will the translation of the site have been done properly. Ideally you would want the text on this image to be configurable in the CMS and be attached to the language the page is in.

Of course there are more things you have to look at when testing for SEO, however I will stop here for now.

How I, unintentionally, social engineered information out of a bank employee

I had a wonderful banking experience this week.
I was trying to move some money from a savings account to a current account, the savings account having plenty of money on it and the current account being on zero.

On my first attempt, in the weekend, there was no direct feedback from the system, so I guessed it would take till Monday for the transaction to be processed cause banks are closed over the weekend (yes that is how things work in Holland more often than you’d expect).
Monday I checked the account and no money there, on checking the transaction I found out the transaction was refused by the system without any indication why.
So I decided to try it again, without waiting for the feedback from the system cause it was now after office hours (yes I make really odd assumptions when banking, unfortunately experience has taught me that more often than not these assumptions are correct).

Next morning I check the account, no money in it. I think, that’s odd… So I check the transaction and yet again it is refused without a reason, just some inexplicable error code, which meant nothing to the helpdesk either as it turned out later on.

Being a persistent person I decided to try it once more, this time during office hours so that I could see the immediate feedback from the bank and of course could call them.

No surprise the transaction was once again refused.

On this I called the bank’s helpdesk.

I explained what was going on, e.g. that i tried transferring money from a savings account to my current account, both within this bank. To my big surprise the only identification I needed to give to the helpdesk person was the bankaccount I was transferring from, no extra verification who I am and whether I can proof that I indeed should have access to these details. Instead she asked me which of the current accounts I was trying to transfer to, naming the account numbers for me and telling me on what name they are, so that she could lookup the transaction and see what was going on.

Ever since reading Kevin Mitnick’s first book, “The art of deception” I have thought that social engineering could not be as easy as he makes it seem. Turns out it truly is. I social engineered, unintentionally, the account numbers and attached names out of a helpdesk employee of a bank. With this I could quite easily start playing around on the internet and clean out the accounts with purchases based on direct debit transactions.

The other odd thing came to me when I was told what was going on, why were the transactions being refused: we apparently never returned the original, signed contract for this savings account. I of course requested a new version of the contract to be sent to me.

On receiving it I decided to read the contract and the small print on it for a change. The smallprint contains a short section about possible wrong information on the contract, such as counter-account numbers or names and how you can adjust these. All you have to do is write the correct details on the contract, sign it and send it back.

So it turns out you can open a savings account, attach it to an account, put money on the savings account from one of the attached accounts all without ever signing the contract. On signing the contract you can change the details about the attached accounts to something else just by writing the new information on the contract and send the contract back to the bank. All by snail-mail.

On receiving the new details the bank will make the appropriate adjustments and send a confirmation (snail)mail about this to the account holder.

This sounds like a very slipperly slope for a bank to me. I was first of all shocked to notice that my details were given away so easily without verification and secondly that if someone wants, they can hijack an account relatively easily…

I did tell the bank that their verification of the caller should be changed, curious to see if they actually do…