Website Vulnerability Leading to Doorway Page Spam. Need Help.
-
Keywords he is ranking for , houston dwi lawyer, houston dwi attorney and etc..
Client was acquired in June and since then we have done nothing but build high quality links to the website. None of our clients were dropped/dinged or impacted by the panda/penguin updates in 2012 or updates previously published via Google. Which proves we do quality SEO work. We went ahead and started duplicating links which worked for other legal clients and 5 months later this client is either dropping or staying in local maps results and we are performing very badly in organic results.
Some more history.....
When he first engaged our company we switched his website from a CMS called plone to word press. During our move I ran some searches to figure out which pages we needed to 301 and we came across many profile pages or member pages created on the clients CMS (PLONE). These pages were very spammy and linked to other plone sites using car model,make,year type keywords (ex:jeep cherokee dealerships). I went through these sites to see if they were linking back and could not find any back links to my clients website. Obviously nobody authorized these pages, they all looked very hackish and it seemed as though there was a vulnerability on his plone CMS installation which nobody caught.
Fast forward 5 months and the newest OSE update is showing me a good 50+ back links with unrelated anchor text back links. These anchor text links are the same color as the background and can only be found if you hover your mouse over certain areas of the site. All of these sites are built on Plone and allot of them are linked to other businesses or community websites. These websites obviously have no clue they have been hacked or are being used for black hat purposes.
There are dozens of unrelated anchor text links being used on external websites which are pointing back to our clients website.
Examples: <a class="clickable title link-pivot" title="See top linking pages that use this anchor text">autex Isuzu, </a><a class="clickable title link-pivot" title="See top linking pages that use this anchor text">Toyota service department ratings, </a><a class="clickable title link-pivot" style="color: #5e5e5e; font-family: Helvetica, Arial, sans-serif; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;" title="See top linking pages that use this anchor text">die cast BMW and etc..</a>
Obviously the first step is to use the disavow link tool, which will be completed this week.
The second step is to take some feedback from the SEO community. It seems like these pages are automatically created using some type of bot. It will be very tedious if we have to continually remove these links. I hope there is a way to notify Google that these websites are all plone and have a vulnerability, which black hats are using to harm the innocent...
If i cannot get Google to handle this, then the only other option is to start fresh with a new domain name.
What would you do in this situation. Your help is greatly appreciated. Thank you
-
Thanks for the thought.
I'm going to give it a try, didn't think about that. Nothing special about our 301's.
-
I've definitely seen issues lately where mass 301-ing a lot of pages all to one page caused some problems with Google. If there were bad/suspicious links to some of those pages, it could definitely exacerbate the problem. You may have to try killing some of those redirects, especially from the worst pages. If you don't get traffic to those pages and you know the links are suspect (whether or not you created them), I'd strongly consider 404-ing some of those pages and cutting the redirects. How deep you have to cut depends on how bad the damage is and how much risk you're willing to take. It's definitely not for the faint of heart, but if the situation is bad enough, it may be necessary.
-
Thanks for the reply. We got the clients primary domain (internal pages were always fine) out of penalization by using the disavow tool and still our rankings have not come back.
Furthermore it looks like we found about 4k new links pointing back to pages which were redirected automatically to the home page upon creation of wordpress (wordpress 301 plugins). We changed the landing page for 301's to be a .com/lost page and that page is setup as no follow/index.
When it comes to the on page factors, I think the domain it self has too many pages talking about DWI. Posts that is. My next step is to remove all these Spammy blog posts (real news however) and see if that gives us a return in rankings.
When it comes to the duplicating links, i am definitely not over exchanging links between clients . Occasionally i will link one or two clients because they are beneficial to one another (personal injury links to a divorce lawyer in the same city). But the majority of links are pr's, he directories, web 2.0 and other links from industry sites.
Picking up a client from a horrible SEO company is probably the hardest project i have picked up thus far and i just picked up two more.... FML
From scratch we can pull a new website from zero to top of page one in 6months, but this has me stumped.
Thanks for your help and maybe one day i will do a write up about my solutions.
-
Unfortunately, even across the broader community, specific technical issues with specific CMS platforms can be really hard to find an answer to. You need someone who's been in exactly your situation, in most cases. I'm seeing multiple mentions on the web for Plone security holes:
http://plone.org/products/plone/security/advisories/20121106-announcement
If you think this is primarily an issue of these bad links, then using the new disavow tool is your best (if imperfect) option right now, most likely. Otherwise, you're left contacting each website to let them know they have a hole. If you think this is a new vulnerability, you could try to work with Plone directly, but that would rely on all of these sites patching the hole. In other words, even if Plone releases a fix, everyone has to actually apply it, and that often doesn't happen. So, cutting off the links via Google is probably more effective.
Given that you switched platforms, though, I'd really dig deep and make sure you haven't run into other problems. For example, did the WordPress switch introduce new duplicate content? Did any of your TITLE tags, URLs, or other on-page factors change? Are they links you're "duplicating" starting to look like a network to Google? It's entirely possible for one site to get hit and not others, especially in a competitive vertical. I'd look long and hard at your whole portfolio and make sure this isn't a signal that something worse is about to happen.
That's conjecture, but I've just seen too many SEO companies jump to the conclusion of foul play, only to miss something they had control over. Make sure you're looking at the whole picture.
-
Amazing i could not get a response on this.
-
any help on this
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Is this campaign of spammy links to non-existent pages damaging my site?
My site is built in Wordpress. Somebody has built spammy pharma links to hundreds of non-existent pages. I don't know whether this was inspired by malice or an attempt to inject spammy content. Many of the non-existent pages have the suffix .pptx. These now all return 403s. Example: https://www.101holidays.co.uk/tazalis-10mg.pptx A smaller number of spammy links point to regular non-existent URLs (not ending in .pptx). These are given 302s by Wordpress to my homepage. I've disavowed all domains linking to these URLs. I have not had a manual action or seen a dramatic fall in Google rankings or traffic. The campaign of spammy links appears to be historical and not ongoing. Questions: 1. Do you think these links could be damaging search performance? If so, what can be done? Disavowing each linking domain would be a huge task. 2. Is 403 the best response? Would 404 be better? 3. Any other thoughts or suggestions? Thank you for taking the time to read and consider this question. Mark
White Hat / Black Hat SEO | | MarkHodson0 -
Nuisance visitors to non active page. What's going on?
Hi Guys, for the past several months, I get high volume of searches on a non-existing page /h/9249823.html. These searches come from all over the world from different domains and have a zero session duration. They are automatically forwarded to my home page. The source re Google Analytics is 12-reasons-for-seo.com. The full referrer is 12.reasons-for-seo.com/seo2php. Any idea what is provoking this activity? Any chance it's screwing with my legitimate search results or rankings?
White Hat / Black Hat SEO | | Lysarden0 -
Unlisted (hidden) pages
I just had a client say they were advised by a friend to use 'a bunch of unlisted (hidden) pages'. Isn't this seriously black hat?
White Hat / Black Hat SEO | | muzzmoz0 -
Suggest me a best plan for linking building chart for small static website.
Hi Everyone, Can any one suggest me a clear idea for off page link building chart i.e) Our page is a 24 page website we like to plan for off page activity like bookmarking, classifieds, directory bla bla bla. So how many links we are supposed to post and in how much day time gap example: 15 Links in bookmarking, 10 links in classified, weekly one article submission, after one week the same cycle goes on.....
White Hat / Black Hat SEO | | dineshmap0 -
Should You Link Back from Client's Website?
We had a discussion in the office today, about if it can help or hurt you to link back to your site from one that you optimize, host, or manage. A few ideas that were mentioned: HURT:
White Hat / Black Hat SEO | | David-Kley
1. The website is not directly related to your niche, therefore Google will treat it as a link exchange or spammy link.
2. Links back to you are often not surrounded by related text about your services, and looks out of place to users and Search Engines. HELP:
1. On good (higher PR, reputable domain) domains, a link back can add authority, even if the site is not directly related to your services.
2. Allows high ranking sites to show users who the provider is, potentially creating a new client, and a followed incoming link on anchor text you can choose. So, what do you think? Test results would be appreciated, as we are trying to get real data. Benefits and cons if you have an opinion.2 -
Negative SEO to inner page: remove page or disavow links?
Someone decided to run a negative-SEO campaign, hitting one of the inner pages on my blog 😞 I noticed the links started to pile up yesterday but I assume there will be more to come over the next few days. The targeted page is of little value to my blog, so the question is: should I remove the affected page (hoping that the links won't affect the entire site) or to submit a disavow request? I'm not concerned about what happens to the affected page, but I want to make sure the entire site doesn't get affected as a result of the negative-SEO. Thanks in advance. Howard
White Hat / Black Hat SEO | | howardd0 -
Footer Link in International Parent Company Websites Causing Penalty?
Still waiting to look at the analytics for the timeframe, but we do know that the top keyword dropped on or about April 23, 2012 from the #1 ranking in Google - something they had held for years, and traffic dropped over 15% that month and further slips since. Just looked at Google Webmaster Tools and see over 2.3MM backlinks from "sister" compainies from their footers. One has over 700,000, the rest about 50,000 on average and all going to the home page, and all using the same anchor text, which is both a branded keyword, as well as a generic keyword, the same one they ranked #1 for. They are all "nofollows" but we are trying to confirm if the nofollow was before or after they got hit, but regardless, Google has found them. To also add, most of sites are from their international sites, so .de, .pl, .es, .nl and other Eurpean country extensions. Of course based on this, I would assume the footer links and timing, was result of the Penguin update and spam. The one issue, is that the other US "sister" companies listed in the same footer, did not see a drop, in fact some had increase traffic. And one of them has the same issue with the brand name, where it is both a brand name and a generic keyword. The only note that I will make about any of the other domains is that they do not drive the traffic this one used to. There is at least a 100,000+ visitor difference among the main site, and this additional sister sites also listed in the footer. I think I'm on the right track with the footer links, even though the other sites that have the same footer links do not seem to be suffering as much, but wanted to see if anyone else had a different opinion or theory. Thanks!
White Hat / Black Hat SEO | | LeverSEO
Jen Davis0 -
How does Google rank a websites search queries
Hello, I can't seem to find an answer anywhere. I was wondering how a websites search query keyword string url can rank above other page results that have stronger backlinks. The domain is usually strong, but that url with the .php?search=keyword just seems like it doesn't fit in. How does Google index those search string pages? Is it based off of traffic alone to that url? Because those urls typically don't have backlinks, right? Has anyone tried to rank their websites search query urls ever? I'm just a little curious about it. Thanks everyone. Jesse
White Hat / Black Hat SEO | | getrightmusic0