What to do if you've been hacked.....
-
Just logged into our CMS system and it appears we have been hacked.
All page titles have been hijacked adding a secondary title tag linking out to website http://emapaydayloans.com with anchor text pay day loans.
Our Web Dev team are working on fixing the hack now. My concern is the potential knock on effect to SEO.
This looks like a bad neighbourhood site:
- 3 pages indexed
- PR 0
And for I don't know how long we've had almost every page on all our domains linking out with the following page title including the same link and anchor text:
I assume its a wait and see at this stage.
-
Thanks for the responses guys, looks like an SQL Injection.
We have cleared the import and all is back to normal. We'll be looking in to beefing up protection. Thanks for the advice. Will be keeping my eye on the traffic via analytics and watching out for messages in Webmaster Tools
-
This type of problem is really hard to fix unless you know how to do the deep scrubbing needed to get rid of the problem. If you don't scrub it properly the problem will recur over and over.
I would hire a pro ASAP.
-
if you have a paid hosting company call them and they'll run tools on your site to find any exploits.
if your traffic is holding steady you might be ok, just get those links off your site and take care of the security holes. Also your FTP write/edit permissions might need to be tightened up.
-
Fix it as quick as possible
Find any exploits you may have missed (keep WP Up to date, disable admin account, if on shared hosting check all file permissions, make sure you are using SFTP (port 22) ect...)
Monitor your traffic for drops and check web cache of Google to see if it was even indexed
If you do take a knock (which I doubt unless it was there for a while) I am not sure a reconsideration would do anything, so you will probably just have to do some damage control
(ie... get lots of social mentions on a good piece of industry relevant content)
Hope this helps
PS this can help you with hardening WP install http://codex.wordpress.org/Hardening_WordPress
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Anyone backlinks from hacked FaceBook widgets?
I was going through my backlink profile the other day and started noticing a huge number of new back links, like 100k. Digging through them, I am seeing a lot of links that are inserted in Facebook feed widgets. You will see the link at the bottom of the widget. From what I can see, a lot of these links are all in this format, all on European domains, all running WordPress. Doesn't seem to have anything do to spamminess. Had domains that were on blacklists, some not. Anyone seen anything like this before? The only thing I can think of was maybe an automated hack bot that inserted the link when it was able to get in? E0OMJfi.jpg
White Hat / Black Hat SEO | | ShockoeCommerce0 -
UKBF 'forex' clones appearing
Hi all, Just been looking at my referring domains and it seems someone is taking the pleasure of cloning the UK Business Forums website and adding 'forex' based links on all the external anchors. This includes everyone who is listed in their directory. I've put below the domains I know of, but if anyone else knows of more please add them so we can all get them disavowed. domain:redwood96.ru
White Hat / Black Hat SEO | | phero
domain:zanier.it
domain:selskie-zori.ru
domain:gabrielloni.it
domain:reserva-ideal.com
domain:imexaf.com
domain:rassemblementpourjouy.com
domain:windsorlegion.ca
domain:powerconector.com
domain:eltallerdelorfebrewd.com
domain:aepedome.net
domain:spkvarc.ru
domain:mtdnk.ru
domain:koning.rs
domain:rassemblementpourjouy.com
domain:imexaf.com
domain:gabrielloni.it0 -
Seeing URLS indexed that we don't want how do we approach this?
Hey guys, I have seen a few pages in the SERPS that are appearing from my site, some of these pages urls are actually ajax to refresh the buttons on our site... If these are important to our site but don't need to show up in the serps results can anyone recommend anything? Should I remove the urls? Or exclude them from the sitemap? or noindex? Any advice would be much appreciated thanks
White Hat / Black Hat SEO | | edward-may0 -
Why don't I outrank this site?
Hi Mozzers, I'm mystified. Why doesn't our site www.bosphorusyacht.com (ranked 15) outrank this site www.bosphorustour.com (ranked 5 and 6) for the keyword "bosphorus cruise"? Particularly for US based searches. We have far more links, shares, higher DA and PA and more related unique content on topic. Somehow they are even appearing with double listings in this search. Why is this? Am I missing something? Any ideas or suggestions appreciated.
White Hat / Black Hat SEO | | emerald0 -
Website Hacked now it's not Ranking
One of my domains was hacked right before I took over managing it. The hacker created around 100 links for simply grotesque things. After I took over I erased the entire site, rebuilt from scratch, new server (inmotion), rewrote every page, robots.txt every offending page, and even 301 just in case 404s were hurting me. I am now almost a month in and I have seen zero movement on anything rankings based. This is not a bad domain it was registered in 2008 and has a few decent citations because of the Doc's medical license. They registered for BBB in November and have a 30 year old listing citation from them based on business establishment. I must be going crazy but it's not ranking for anything except the homepage. I didn't know Google could hold a grudge for so long. The only ranking I can sometimes achieve is through Google Places which still has to compete with tough domains. I've already put in a reconsideration request and received a response stating the following: We reviewed your site and found no manual actions by the webspam team that might affect your site's ranking in Google. There's no need to file a reconsideration request for your site, because any ranking issues you may be experiencing are not related to a manual action taken by the webspam team. Just check it for yourself I know it's a work in progress but I'm not even considered relevant on page 50! And the crap links are still indexed!! A search for a keyword I'm aiming for with my client's name followed after gives me no results. I am currently using wordpress, yoast xml, and single keyword focusses. My market is tough but no way I can not rank for the keyword and my name.
White Hat / Black Hat SEO | | allenrocks0 -
Google 'most successful online businesses'
how come this guy has all but 1 of the top ten results? (UK results - I'm guessing same in USA?) - with thin content on a spammed keyword on multi-sub domains? How can we 'white hat' guys compete if stuff like this is winning?
White Hat / Black Hat SEO | | TheInternetWorks0 -
Here's some more proof white hat SEO works
I guess this is the most logical place to share this with you. I do SEO for many sites. I've recently been focusing on two in particular for the same client. We used Netfirms SEO services to get links--he insisted--which basically consists of writing articles in broken English and placing them all over blog networks with our desired anchor text. On the other site, I simply refused to employ those services. This was the client's main site, and was way too important to mess around with. I built links myself, the legit way. Long story short, for months I watched the shady, black hat site climb and climb in the SERPs, while the white hat one kept falling. This morning, I checked my SEOmoz campaigns and my white hat site went from #8 to #2 and my black hat site went from page 2 to no longer being in the top 50. Just another example of what's been happening with Google lately and how great it is. Interestingly, the black hat site never got a warning in GWT about buying links. Now I just have to figure out a way to break the news to my boss and tell him I told him so without actually using those words.
White Hat / Black Hat SEO | | UnderRugSwept5 -
Does Google Penalize for Managing multiple Google Places from the same IP Address? Can you manage from same google account or separate? Or does it matter since it's created from the same IP?
I manage a number of client's Google Places from the same IP and heard this is not a good thing. Are there Do's and Don'ts when managing multiple Google Places? Create separate google accounts for each or can you use the same account?
White Hat / Black Hat SEO | | Souk0