Disavow links and domain of SPAM links
-
Hi,
I have a big problem. For the past month, my company website has been scrape by hackers.
This is how they do it:
1. Hack un-monitored and/or sites that are still using old version of wordpress or other out of the box CMS.
2. Created Spam pages with links to my pages plus plant trojan horse and script to automatically grab resources from my server. Some sites where directly uploaded with pages from my sites.
3. Pages created with title, keywords and description which consists of my company brand name.
4. Using http-referrer to redirect google search results to competitor sites.
What I have done currently:
1. Block identified site's IP in my WAF. This prevented those hacked sites to grab resources from my site via scripts.
2. Reach out to webmasters and hosting companies to remove those affected sites. Currently it's not quite effective as many of the sites has no webmaster. Only a few hosting company respond promptly. Some don't even reply after a week.
Problem now is:
When I realized about this issue, there were already hundreds if not thousands of sites which has been used by the hacker. Literally tens of thousands of sites has been crawled by google and the hacked or scripted pages with my company brand title, keywords, description has already being index by google.
Routinely everyday I am removing and disavowing. But it's just so much of them now indexed by Google.
Question:
1. What is the best way now moving forward for me to resolve this?
2. Disavow links and domain. Does disavowing a domain = all the links from the same domain are disavow?
3. Can anyone recommend me SEO company which dealt with such issue before and successfully rectified similar issues?
Note: SEAGM is company branded keyword
-
I'm afraid there's no easy answer. The security side is beyond the scope of Q&A (it's just too dependent on your platform/host/etc.), but locking that down is definitely the biggest and first step. Obviously, though, you can't stop third-party sites from getting hacked.
Disavow can be done at the domain level. There are some oddities, like Wordpress.com (where sub-domains act more like stand-alone domains), but for most sites, if most links are malicious, lock down the entire incoming domain.
Make sure your core links are clean. If you have a solid base of links, and you're not dealing with a lot of quality issues, it's tough for these kinds of hacked links to cause as much harm. Google knows this happens. Unfortunately, if your core link profile is a mess or week, then it's a lot easier to take damage. So, this is a battle on two fronts - stop the attack and, at the same time, clean up your core link profile and strengthen it as best you can.
There are a lot of link removal tools now, but honestly, they're a starting point. You need to dig in and evaluate what they give you, so that you're not taking out links that are potentially good. Right now, this is a labor-intensive process, I'm afraid.
-
Hi Andy,
Am currently gathering data from Webmaster Tools.
No, I didn't get any manual actions message from Google.
I do have a list. Am trying to use Kerboo (LinkRisk) to manage it. However, I have little time to do this.
-
Hi,
2. Disavow links and domain. Does disavowing a domain = all the links from the same domain are disavow?
Yes, I would be disavowing at a domain level (not even subdomain) with a view to blocking everything you find.
How have you been gathering link data? Webmaster Tools? Ahrefs? Majestic? OSE?
Ideally you need to create one master list of everything you can find and start from there. It isn't going to be a quick fix though because if you have been caught by Penguin, you wont get out of any penalty until it is re-run again. All you can do is prepare for when that run happens.
If you haven't yet been caught by Penguin, then you would be saving yourself a lot of worry by getting this resolved before the next refresh happens.
-Andy
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Which domain we should continue with?
Hello All, We are working with a client who had manual penalty from Google. We worked on that and now penalty has been removed. Client had already started working on the new domain and now the big dilemma is- Which domain should we continue with? Old or New? We are suggesting them to continue with the old one as that domain had good PR, good backlinks, better visibility on their social profiles etc. What do you suggest? any inputs are highly appreciated. Thanks
Technical SEO | | sachin-sv0 -
How long before I can use a redirected domain without taking back link juice?
We recently moved our website to a new domain that better matched our brand. I want to use the old domain at some point for another aspect of our business. How long after we do the domain redirect will it be safe to use the old domain again--without affecting the seo of the new domain? Thanks! Harriet
Technical SEO | | zharriet0 -
Disavow Issues
Hi We have a client who was hit by Penguin about 18 months ago. We disavowed all the bad links about 10 months ago however this has not resulted in an uplift in traffic or rankings. The client is asking me whether it would be better to dump the domain and move the website to a fresh domain. Can you provide thoughts / experience on this please? Thanks.
Technical SEO | | EffectiveSEOUK0 -
Redirecting a questionable domain to a trusted domain
I have a question!
Technical SEO | | FDFPres
We have 2 domains operating within the same retail sector. One of them is for our bricks and mortar business and the other is a new brand we launched as a nationwide e-retailer. We aggressively built links for the new one and achieved some very good search positioning, where we remained for about 4 months until the google updates of the first half of this year started biting. The domain never received a warning from google or anything, but the links have clearly been devalued to a point where the domain is now virtually buried for the most competitive terms. However, the domain does still get around 100-200 visitors per day, and has a DA of 38. We're thinking about a reshuffle that would involve putting the products in to our brick and mortar business website, and redirecting the brand domain to the bricks and mortar domain. Thank you for reading this far! the question is then, is there a danger of the bricks and mortar domain being tarnished by this? as i said the brand domain hasn't had any notices of penalty from google but it has definitely been hit by updates.0 -
Self-referencing links
I personally think that self-referencing links are silly. It's blatantly easy for Google to tell and my instinct says that the link juice for this would simply evaporate rather than passing back to itself. Does anyone have information backing me up from an authoritative source? I can't find any info about this linked to Matt Cutts, Rand or any of those I look up to.
Technical SEO | | IPROdigital0 -
No results with Link Analysis
So I have been working with a domain since November last year that still shows no improvement in regards to the link analysis. I am baffled because we have gotten them onto the first page on Google for a few of the keywords we are optimizing. Any help with this is greatly appreciated and I am a noob so definitely open to learning. Thanks in advance to all of you. Domain in question - www.modernportablerefrigeration.com Domain is currently on a shared server if that makes any difference. Cordially, Todd Richard admin@richfinn.org
Technical SEO | | RichFinnSEO0 -
Too many on page links
Hello I have about 800 warnings with this. Example of one url with this problem is: http://www.theprinterdepo.com/clearance?dir=asc&order=price I was checking and I think all links are important. But I suppose that if I put a nofollow on the links on the left which are only for navigation purposes I can get rid of these warnings. Any other idea?
Technical SEO | | levalencia10 -
Is this seen as a Link Exchange
If i give a self serve banner ad to someone on my blog or a image with a link and they give me a text link ad is that in googles eyes a link exchange or a one way link.
Technical SEO | | DavidKonigsberg0