Hacked Server IP Range Penality?
-
I use a justhost.com reseller account to host about 15-20 of my own websites. None of the sites are related, nor do I interlink or do anything blackhat with any of them. All of the sites have unique content. Some of it isn't great, but I didn't use a writing service on any of then, it was all written by myself.
Recently I found a list of my sites (as well as about 200 others hosted by justhost) on a hacker website that listed the cpanel usernames. I alerted the host and the issue is being fixed. I am changing all of my usernames and passwords for all of the sites.
Anyway, I recently took a look at some analytics and rankings and noticed that I lost a lot of my rankings on a handful of those sites recently. I know there was the big de-indexing of junk blogs recently, but I don't think that is the case. I can still find all of my sites in Google, they are just out of the first 50 results, when a majority of them were ranked from 5-20 in the SERPs.
Here are three of the sites and their phrases:
http://nintendoconsoles.com/ "nintendo consoles" - This domain I bought from someone so there could be some sort of sandbox period for it.
http://webhostingfordrupal.com/ "web hosting for drupal" - This was a new register.
http://seotirical.com "seotirical" - we don't show up, but all of the tweets and links to us do. - This was a new register.
I realize these sites aren't perfect, and might not have been ready for the first page. The Nintendo site is about 3 months old, but the Drupal site has been around for 8+ months. I might try adding a fresh piece of content tonight to see if that helps, but I thought it was curious that it happened across the board with about 5-6 sites on my one reseller account. I don't even know if the top portion of this post has anything to do with the problems, but I thought I'd see if anyone has insight.
Cheers,
Vinnie -
Shane,
Thanks again for the response. I agree those pages aren't the strongest, and don't have a ton of great content. A few of my other sites have more than 2-3 articles, and the content is rich with media.
I guess time and content will tell. If after a few weeks of adding some new content and building a few links nothing has improved, I will start to worry. It just seems shocking that one of my sites that has been holding the 6th position for it's exact match phrase (and has some links/social) dropped completely out of the top 50.
The sites and pages are still indexed, but only come up when you search the exact URL.
Vinnie
-
by hit, do you mean de-indexed or just bumped down aggressively?
Cause the ones you gave seem to be affiliate sites, with thin content, and light design elements, so I can definitely see how these could have been devalued.
Here is the reason I am pretty sure it is not a "Hack Penalty"
First, I am not sure that exists - Google cannot interpret if you have been hacked or not, only if their is malicious intent on your site due to or after the hack.
And as to your password being readily available.. anyone could create a site like this, with passwords, and without google going through each page on the web like this, they would not know if it was real or not. (it is also very easy to brute-force or rainbow a commercial host)
This creates a whole new realm for Google as web avenger, as well as SERP integrity protector.
I am just not sure the password release could be involved.
UNLESS!
A penalty was leveraged against justhosts ENTIRE commercial subnet, due to a issue that was caused due to this password release.
But I do not think you or the sites would be singled out due to the password release, only if something bad enough happened that got Google's attention..
BUT then i believe you would be de-indexed, not de-valued.... (blacklisted)
hopefully this opinion was clear as mud
-
Shane,
Thanks for the input. I agree about securing down the site first. I have checked webmaster tools, and no messages are coming up. No suggestions at all are coming up.
I looked into it a bit more, and it seems like 90% of my sites on that one host were hit, but none of my other sites on different hosts were affected at all. I am gonna try to add a piece of fresh content to each site this week, and maybe get a few social signals. I am not panicking yet, but when I see that 10 sites have all lost all of their rankings (and aren't even showing up for their title tags), it's slightly concerning to me.
-
I believe they are coincidental...
I am not sure Google would take action on the entire Subnet range, for a password breach.
I believe it is only when malicious intent is found or suspected, and the release of passwords was not a malicious act in its own.
Check your Webmaster Tools for Malware messages, and see if there are any other messages. As say, you might have just fell victim to the latest round of quality checks from algorithm - You may have just been bumped -
The idea of first making sure you are protected - then trying to get some fresh content and social signal/links is probably the route I would take.
Shane
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Does having a sub-domain on a different server affect SEO?
I'm working with a company that has a hard-coded website on the root domain, and then a WordPress blog on a subdomain on a separate server. We're planning on implementing a hub and spoke model for their content, hosting the main hubs on the root domain and the linked articles on the blog. Is having the blog on a different server going to hinder our SEO efforts?
Technical SEO | | KaraParlin0 -
What server issues might cause temporary and repeated Soft 404/500 Errors that appear to be functioning correctly when checked later from Google Webmaster Tools?
We are experiencing unknown server issues (we think) which are causing Soft 404/500 errors at unpredictable times on 2 websites. When we check on the pages, they’re fine but still show errors in Moz/Search Console. What are some measures we can take to protect from this or figure out what is causing this? Example URL for Soft 404 Error: https://www.advancedtraveltherapy.com/jobs/any/occupational-therapist/any/ Example URL for 500 Error: https://www.advancedtraveltherapy.com/job-detail/ms/physical-therapist/87529740/ Example URL for Soft 404 Error: https://www.advancedtravelnursing.com/search/searchresults.php?jobState=CA&tempType=g&specialties= Example URL for 500 Error: https://www.advancedtravelnursing.com/job/ma/registered-nurse/emergency-room/87108662/
Technical SEO | | StaffingRobot0 -
Re: Auto Detection of Currency based on IP & Google SEO
Greetings to the fellow Moz community members! On an e-commerce site, I am using a script to change the default currency of storefront based on IP detection ( GBP for UK visitors, CAD for Canadian visitors and so on). My question is : can this create any problems at all in Google Crawling or Indexing? Will google be able to understand the setup? I don't think this should trigger the "cloaking" or presenting different content to search engines vs users, but just want to double check from the collective wisdom here. Thanks for reading, and wish you a good day ahead. Warm Regards Amit
Technical SEO | | amitgg0 -
Hacking and security
Hi, we have had some of our sites hacked and i would like your advice on the situation. We pay a fair but of money for a dedicated server as we thought that by having a dedicated server it would make the sites secure. The language we use for our sites are joomla and wordpress but yesterday a few of them on the dedicated server were hacked. the hosting company have sent us the following info 'There is one extra security improvement on the system we may offer you and it is cloudlinux with cageFS. This improves the overall security on the server but will not stop unsecured code exploiting if such coding is present in your website scripts.' The hosting company is asking for an extra £20 a month to add this on. we asked the hosting company what they meant by unsecured code and they said: 'Unsecure coding is code in your scripts which will allow injections of files from external source. Unfortunately better explanation is not available and for any detailed information you may check with experience local web developer.' We thought that the sites would be secured. The hosting company have said that because one of the sites was not updated from joomla 1.5 to joomla 3.0 which we were planning to do this week, this is the reason why it has happened. However, this does not make any sense, as this is a dedicated server so why has the wordpress sites which are up to date been hacked when they are on the same dedicated server. any advice in understand more on this issue would be great, as i need to find out why this has happened and if i should be taking my sites to another hosting company
Technical SEO | | ClaireH-1848860 -
Best Google Practice for Hacked SIte: Shift Servers/IP or Disavow?
Hi - Over the past few months, I've identified multiple sites which are linking into my site and creating fake pages (below is an example and there's over 500K+ of similar links from various sites}. I've attempted to contact the hosting companies, etc. with little success. Was wondering if my best course of action might be at this point: A) which servers (or IP address). B) Use the Google Disavow tool? C) both. example: { http://aryafar.com/crossings/200-krsn-team-part19.html } Thanks!!
Technical SEO | | hhdentist0 -
Dedicated ip helpful for seo
I read somewhere a while back that having a dedicated ip address was helpful for seo if this true or just another rumor? Also I read you should purchase your domain name for multiple yrs, what do you guys think?
Technical SEO | | TinaGammon0 -
Rackspace UK Cloud IP - Traceroute
Hello, I recently moved to rackspace and before i signed made sure with them that i would get a UK based IP. It is a Cloud hosting solution. I have checked with whois and a few other sites and the IP is being shown as US, they asked me to do a traceroute and it shows up in the UK: http://network-tools.com/default.asp?prog=trace&host=164.177.146.74 can anyone confirm if this is UK based and ok from an seo point of view as we are targeting a UK audience. Any help will be much appreciated. Thank you Shehzad
Technical SEO | | shehzad0 -
Does server location (IP) help with international SEO?
If I have a .com.br domain with all my content in Portuguese, will it make a difference if I host in the US or if I host on a server in Brazil? I thought I had the answer to this from Rand in one of his Whiteboard Fridays a while back where he said hosting in the target country would help, but the lady who did the international SEO presentation in MozCon 2011 said any SEO who says this helps doesn't know international SEO. Can anybody point me to a case study on this? I have US and Brazilian dedicated servers but I'd prefer to get rid of the Brazil server expense.
Technical SEO | | jargomang0