Website Vulnerability Leading to Doorway Page Spam. Need Help.
-
Keywords he is ranking for , houston dwi lawyer, houston dwi attorney and etc..
Client was acquired in June and since then we have done nothing but build high quality links to the website. None of our clients were dropped/dinged or impacted by the panda/penguin updates in 2012 or updates previously published via Google. Which proves we do quality SEO work. We went ahead and started duplicating links which worked for other legal clients and 5 months later this client is either dropping or staying in local maps results and we are performing very badly in organic results.
Some more history.....
When he first engaged our company we switched his website from a CMS called plone to word press. During our move I ran some searches to figure out which pages we needed to 301 and we came across many profile pages or member pages created on the clients CMS (PLONE). These pages were very spammy and linked to other plone sites using car model,make,year type keywords (ex:jeep cherokee dealerships). I went through these sites to see if they were linking back and could not find any back links to my clients website. Obviously nobody authorized these pages, they all looked very hackish and it seemed as though there was a vulnerability on his plone CMS installation which nobody caught.
Fast forward 5 months and the newest OSE update is showing me a good 50+ back links with unrelated anchor text back links. These anchor text links are the same color as the background and can only be found if you hover your mouse over certain areas of the site. All of these sites are built on Plone and allot of them are linked to other businesses or community websites. These websites obviously have no clue they have been hacked or are being used for black hat purposes.
There are dozens of unrelated anchor text links being used on external websites which are pointing back to our clients website.
Examples: <a class="clickable title link-pivot" title="See top linking pages that use this anchor text">autex Isuzu, </a><a class="clickable title link-pivot" title="See top linking pages that use this anchor text">Toyota service department ratings, </a><a class="clickable title link-pivot" style="color: #5e5e5e; font-family: Helvetica, Arial, sans-serif; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;" title="See top linking pages that use this anchor text">die cast BMW and etc..</a>
Obviously the first step is to use the disavow link tool, which will be completed this week.
The second step is to take some feedback from the SEO community. It seems like these pages are automatically created using some type of bot. It will be very tedious if we have to continually remove these links. I hope there is a way to notify Google that these websites are all plone and have a vulnerability, which black hats are using to harm the innocent...
If i cannot get Google to handle this, then the only other option is to start fresh with a new domain name.
What would you do in this situation. Your help is greatly appreciated. Thank you
-
Thanks for the thought.
I'm going to give it a try, didn't think about that. Nothing special about our 301's.
-
I've definitely seen issues lately where mass 301-ing a lot of pages all to one page caused some problems with Google. If there were bad/suspicious links to some of those pages, it could definitely exacerbate the problem. You may have to try killing some of those redirects, especially from the worst pages. If you don't get traffic to those pages and you know the links are suspect (whether or not you created them), I'd strongly consider 404-ing some of those pages and cutting the redirects. How deep you have to cut depends on how bad the damage is and how much risk you're willing to take. It's definitely not for the faint of heart, but if the situation is bad enough, it may be necessary.
-
Thanks for the reply. We got the clients primary domain (internal pages were always fine) out of penalization by using the disavow tool and still our rankings have not come back.
Furthermore it looks like we found about 4k new links pointing back to pages which were redirected automatically to the home page upon creation of wordpress (wordpress 301 plugins). We changed the landing page for 301's to be a .com/lost page and that page is setup as no follow/index.
When it comes to the on page factors, I think the domain it self has too many pages talking about DWI. Posts that is. My next step is to remove all these Spammy blog posts (real news however) and see if that gives us a return in rankings.
When it comes to the duplicating links, i am definitely not over exchanging links between clients . Occasionally i will link one or two clients because they are beneficial to one another (personal injury links to a divorce lawyer in the same city). But the majority of links are pr's, he directories, web 2.0 and other links from industry sites.
Picking up a client from a horrible SEO company is probably the hardest project i have picked up thus far and i just picked up two more.... FML
From scratch we can pull a new website from zero to top of page one in 6months, but this has me stumped.
Thanks for your help and maybe one day i will do a write up about my solutions.
-
Unfortunately, even across the broader community, specific technical issues with specific CMS platforms can be really hard to find an answer to. You need someone who's been in exactly your situation, in most cases. I'm seeing multiple mentions on the web for Plone security holes:
http://plone.org/products/plone/security/advisories/20121106-announcement
If you think this is primarily an issue of these bad links, then using the new disavow tool is your best (if imperfect) option right now, most likely. Otherwise, you're left contacting each website to let them know they have a hole. If you think this is a new vulnerability, you could try to work with Plone directly, but that would rely on all of these sites patching the hole. In other words, even if Plone releases a fix, everyone has to actually apply it, and that often doesn't happen. So, cutting off the links via Google is probably more effective.
Given that you switched platforms, though, I'd really dig deep and make sure you haven't run into other problems. For example, did the WordPress switch introduce new duplicate content? Did any of your TITLE tags, URLs, or other on-page factors change? Are they links you're "duplicating" starting to look like a network to Google? It's entirely possible for one site to get hit and not others, especially in a competitive vertical. I'd look long and hard at your whole portfolio and make sure this isn't a signal that something worse is about to happen.
That's conjecture, but I've just seen too many SEO companies jump to the conclusion of foul play, only to miss something they had control over. Make sure you're looking at the whole picture.
-
Amazing i could not get a response on this.
-
any help on this
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Nuisance visitors to non active page. What's going on?
Hi Guys, for the past several months, I get high volume of searches on a non-existing page /h/9249823.html. These searches come from all over the world from different domains and have a zero session duration. They are automatically forwarded to my home page. The source re Google Analytics is 12-reasons-for-seo.com. The full referrer is 12.reasons-for-seo.com/seo2php. Any idea what is provoking this activity? Any chance it's screwing with my legitimate search results or rankings?
White Hat / Black Hat SEO | | Lysarden0 -
Page drops from index completely
We have a page that is ranking organically at #1 but over the past couple of months the page has twice dropped from a search term entirely. There don't appear to be any issues with the page in Search Console and adding the page on https://www.google.com/webmasters/tools/submit-url seems to fix the issue. The search term we're tracking that drops is in the URL for the page and is the h1 of the page. Here is a screenshot of the ranking over the past few months: https://jmp.sh/akvaKGF What could cause this to happen? There is nothing in search console that shows any problems with the page. The last time this happened the page completely dropped on all search terms and showed up again after submitting the url to google manually. This time it dropped on just one search term and reappeared the next day after manually submitting the page again. akvaKGF
White Hat / Black Hat SEO | | russell_ms0 -
Dodgy backlinks pointing to my website - someone trying to ruin my SEO rankings?
I just saw in 'Just discovered' section of MOZ that 2 new backlinks have appeared back to my website - www.isacleanse.com.au from spammy websites which look like they might be associated with inappropriate content. 1. http://laweba.net/opinion-y-tecnologia/css-naked-day/comment-page-53/ peepshow says: (peepshow links off to my site)07/17/2016 at 8:55 pm2. http://omfglol.org/archives/9/comment-page-196 voyeur says: (voyeur linking off to my site)
White Hat / Black Hat SEO | | IsaCleanse
July 17, 2016 at 7:58 pm Any ideas if this is someone trying to send me negative SEO and best way to deal with it?0 -
G.A. question - removing a specific page's data from total site's results?
I hope I can explain this clearly, hang in there! One of the clients of the law firm I work for does some SEO work for the firm and one thing he has been doing is googling a certain keyword over and over again to trick google's auto fill into using that keyword. When he runs his program he generates around 500 hits to one of our attorney's bio pages. This happens once or twice a week, and since I don't consider them real organic traffic it has been really messing up my GA reports. Is there a way to block that landing page from my overall reports? Or is there a better way to deal with the skewed data? Any help or advice is appreciated, I am still so new to SEO I feel like a lot of my questions are obvious, but please go easy on me!
White Hat / Black Hat SEO | | MyOwnSEO0 -
New sub-domain launches thousands of local pages - is it hurting the main domain?
Would greatly appreciate some opinions on this scenario. Domain cruising along for years, top 1-3 rankings for nearly all top non-branded terms and a stronghold for branded searches. Sitelinks prominently shown with branded searches and always ranked #1 for most variations of brand name. Then, sub-domain launches that was over 80,000 local pages - these pages are 90-95% similar with only city and/or state changing to make them appear like unique local pages. Not an uncommon technique but worrisome in a post Panda/Penguin world. These pages are surprisingly NOT captured as duplicate content by the SEOMoz crawler in my campaigns. Additionally about that same time a very aggressive, almost entirely branded paid search campaign was launched that took 20% of the clicks previously going to the main domain in organic to ppc. My concern is this, shortly after this launch of over 80k "local" pages on the sub-domain and the cannibalization of organic clicks through ppc we saw the consistency of sitelinks 6 packs drop to 3 sitelinks if showing at all, including some sub-domains in sitelinks (including the newly launched one) that had never been there before. There's not a clear answer here I'm sure but what are the experts thoughts on this - did a massive launch of highly duplicate pages coupled with a significant decrease in organic CTR for branded terms harm the authority of the main domain (which is only a few dozen pages) causing less sitelinks and less strength as a domain or is all this a coincidence? Or caused by something else we aren't seeing? Thanks for thoughts!
White Hat / Black Hat SEO | | VMLYRDiscoverability0 -
Domain Structure For A Network of Websites
To achieve this we need to set up a new architecture of domains and sub-websites to effectively build this network. We want to make sure we follow the right protocols for setting up the domain structures to achieve good SEO for the primary domain and local websites. Today we have our core website at www.doctorsvisioncenter.com which will ultimately will become dvceyecarenetwork.com. That website will serve as the core web presence that can be custom branded for hundreds. For example, today you can go to www.doctorsvisioncenter.com/pinehurst. Note when you start there, you can click around and it is still branded for Pinehurst or spectrum eye care. So the burning question(s). - if I am an independent doc at www.newyorkeye.com, I could do domain forwarding but Google does not index forwarded domains so that is out. I could do a 301 permanent redirect to my page www.doctorsvisioncenter.com/newyorkeye. I could then put a rule in the HT Access file that says if newyorkeye.com redirect to www.doctorsvisioncenter/newyorkeye and then have the domain show up as www.newyorkeye.com. Another way to do that is we point the newyorkeye DNS to doctorsvisioncenter.com rather than a 301 redirect with the same basic rule in the HT Access file. That means that, theoretically, every sub page would show up, for example, as www.newyorkeye.com/contact-lens-center which is actually www.doctorsvisioncenter.com/contact-lens-center. It also means, theoretically, that it will be seen as an individual domain but pointing to all the same content under that individual domain just like potentially hundreds of others. The goal is we build once, manage once and benefit many. If we do something like the above which will mean that each domain will essentially be a separate domain, but, will google see it that way or as duplicative content? While it is easy to answer "yes" it would be duplicative, it is not necessarily the case if the content is on separate domains. Is this a good way to proceed, or does anyone have another recommendation for us?
White Hat / Black Hat SEO | | JessTopps0 -
Shadow Page for Flash Experience
Hello. I am curious to better understand what I've been told are "shadow pages" for Flash experiences. So for example, go here:
White Hat / Black Hat SEO | | mozcrush
http://instoresnow.walmart.com/Kraft.aspx#/home View the page as Googlebot and you'll see an HTML page. It is completely different than the Flash page. 1. Is this ok?
2. If I make my shadow page mirror the Flash page, can I put links in it that lead the user to the same places that the Flash experience does?
3. Can I put "Pinterest" Pin-able images in my shadow page?
3. Can a create a shadow page for a video that has the transcript in it? Is this the same as closed captioning? Thanks so much in advance, -GoogleCrush0
