Website Vulnerability Leading to Doorway Page Spam. Need Help.
-
Keywords he is ranking for , houston dwi lawyer, houston dwi attorney and etc..
Client was acquired in June and since then we have done nothing but build high quality links to the website. None of our clients were dropped/dinged or impacted by the panda/penguin updates in 2012 or updates previously published via Google. Which proves we do quality SEO work. We went ahead and started duplicating links which worked for other legal clients and 5 months later this client is either dropping or staying in local maps results and we are performing very badly in organic results.
Some more history.....
When he first engaged our company we switched his website from a CMS called plone to word press. During our move I ran some searches to figure out which pages we needed to 301 and we came across many profile pages or member pages created on the clients CMS (PLONE). These pages were very spammy and linked to other plone sites using car model,make,year type keywords (ex:jeep cherokee dealerships). I went through these sites to see if they were linking back and could not find any back links to my clients website. Obviously nobody authorized these pages, they all looked very hackish and it seemed as though there was a vulnerability on his plone CMS installation which nobody caught.
Fast forward 5 months and the newest OSE update is showing me a good 50+ back links with unrelated anchor text back links. These anchor text links are the same color as the background and can only be found if you hover your mouse over certain areas of the site. All of these sites are built on Plone and allot of them are linked to other businesses or community websites. These websites obviously have no clue they have been hacked or are being used for black hat purposes.
There are dozens of unrelated anchor text links being used on external websites which are pointing back to our clients website.
Examples: <a class="clickable title link-pivot" title="See top linking pages that use this anchor text">autex Isuzu, </a><a class="clickable title link-pivot" title="See top linking pages that use this anchor text">Toyota service department ratings, </a><a class="clickable title link-pivot" style="color: #5e5e5e; font-family: Helvetica, Arial, sans-serif; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; line-height: normal;" title="See top linking pages that use this anchor text">die cast BMW and etc..</a>
Obviously the first step is to use the disavow link tool, which will be completed this week.
The second step is to take some feedback from the SEO community. It seems like these pages are automatically created using some type of bot. It will be very tedious if we have to continually remove these links. I hope there is a way to notify Google that these websites are all plone and have a vulnerability, which black hats are using to harm the innocent...
If i cannot get Google to handle this, then the only other option is to start fresh with a new domain name.
What would you do in this situation. Your help is greatly appreciated. Thank you
-
Thanks for the thought.
I'm going to give it a try, didn't think about that. Nothing special about our 301's.
-
I've definitely seen issues lately where mass 301-ing a lot of pages all to one page caused some problems with Google. If there were bad/suspicious links to some of those pages, it could definitely exacerbate the problem. You may have to try killing some of those redirects, especially from the worst pages. If you don't get traffic to those pages and you know the links are suspect (whether or not you created them), I'd strongly consider 404-ing some of those pages and cutting the redirects. How deep you have to cut depends on how bad the damage is and how much risk you're willing to take. It's definitely not for the faint of heart, but if the situation is bad enough, it may be necessary.
-
Thanks for the reply. We got the clients primary domain (internal pages were always fine) out of penalization by using the disavow tool and still our rankings have not come back.
Furthermore it looks like we found about 4k new links pointing back to pages which were redirected automatically to the home page upon creation of wordpress (wordpress 301 plugins). We changed the landing page for 301's to be a .com/lost page and that page is setup as no follow/index.
When it comes to the on page factors, I think the domain it self has too many pages talking about DWI. Posts that is. My next step is to remove all these Spammy blog posts (real news however) and see if that gives us a return in rankings.
When it comes to the duplicating links, i am definitely not over exchanging links between clients . Occasionally i will link one or two clients because they are beneficial to one another (personal injury links to a divorce lawyer in the same city). But the majority of links are pr's, he directories, web 2.0 and other links from industry sites.
Picking up a client from a horrible SEO company is probably the hardest project i have picked up thus far and i just picked up two more.... FML
From scratch we can pull a new website from zero to top of page one in 6months, but this has me stumped.
Thanks for your help and maybe one day i will do a write up about my solutions.
-
Unfortunately, even across the broader community, specific technical issues with specific CMS platforms can be really hard to find an answer to. You need someone who's been in exactly your situation, in most cases. I'm seeing multiple mentions on the web for Plone security holes:
http://plone.org/products/plone/security/advisories/20121106-announcement
If you think this is primarily an issue of these bad links, then using the new disavow tool is your best (if imperfect) option right now, most likely. Otherwise, you're left contacting each website to let them know they have a hole. If you think this is a new vulnerability, you could try to work with Plone directly, but that would rely on all of these sites patching the hole. In other words, even if Plone releases a fix, everyone has to actually apply it, and that often doesn't happen. So, cutting off the links via Google is probably more effective.
Given that you switched platforms, though, I'd really dig deep and make sure you haven't run into other problems. For example, did the WordPress switch introduce new duplicate content? Did any of your TITLE tags, URLs, or other on-page factors change? Are they links you're "duplicating" starting to look like a network to Google? It's entirely possible for one site to get hit and not others, especially in a competitive vertical. I'd look long and hard at your whole portfolio and make sure this isn't a signal that something worse is about to happen.
That's conjecture, but I've just seen too many SEO companies jump to the conclusion of foul play, only to miss something they had control over. Make sure you're looking at the whole picture.
-
Amazing i could not get a response on this.
-
any help on this
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
My site in 2 page
my site in 2 page how can i rank with this keywords in dubai legal translation in Dubai
White Hat / Black Hat SEO | | saharali150 -
Help finding website content scraping
Hi, I need a tool to help me review sites that are plagiarising / directly copying content from my site. But tools that I'm aware, such as Copyscape, appear to work with individual URLs and not a root domain. That's great if you have a particular post or page you want to check. But in this case, some sites are scraping 1000s of product pages. So I need to submit the root domain rather than an individual URL. In some cases, other sites are being listed in SERPs above or even instead of our site for product search terms. But so far I have stumbled across this, rather than proactively researched offending sites. So I want to insert my root domain & then for the tool to review all my internal site pages before providing information on other domains where an individual page has a certain amount of duplicated copy. Working in the same way as Moz crawls the site for internal duplicate pages - I need a list of duplicate content by domain & URL, externally that I can then contact the offending sites to request they remove the content and send to Google as evidence, if they don't. Any help would be gratefully appreciated. Terry
White Hat / Black Hat SEO | | MFCommunications0 -
On Page #2 of Bing But Nowhere on Google. Please Help !
Hi, community. I have a problem with the ranking of my blog and I hope anyone could help me to solve this problem. I have been trying to rank my blog post for a keyword for almost 6 months but still getting no success. My URL is: this blog post
White Hat / Black Hat SEO | | Airsionquin
Target keyword: best laptops for college The interesting fact is that the post has been on page #2 of BING but nowhere on google. It was on page #3 of google for about one month, but it's been 1-2 weeks gone(not ranked anymore but it's still well indexed). The post has been replaced by another post of my blog(let's say post A) which doesn't have any link. The Post A is ranking on page #4 right now.
The weird thing is my post which ranks for this keyword frequently changes. One day the Post A was on page#4 then after a few days it changed to the post B. Yesterday I searched on google for a keyword "number one on bing but nowhere on google" and then I
come across to read this article on MOZ community and one of the people here said that it was over optimization issue. I think my post has been suffering for an over optimization penalty algorithm. Just for your information, I have been building backlinks to this URL for the last 5 months(it's 1+ year old). It has backlinks only about 1,5k from 200 domains(according to ahref). I have used the exact match anchor only under +/- 2%. The rest is branded, naked URL and generic anchors.
So, in this case, I thought that I haven't done any over anchor optimization.
I have checked the keyword density and I found it was "safe". One important thing I can remember before the post has gone is I add a backlink from lifehack.org(guest post) with exact match anchor.
I suspect this is really the cause because 2-3 days after doing that then the post is gone(dropped) and replaced by another post of my blog(as I've mentioned before). But it's very strange because the amount of the anchor keyword(including the long tail) is only about 10(from 200 domains) or only 5% which mean it should be safe. I'm so Sorry. It's a long story 🙂 So, What is actually happening to my post? and How to fix this problem... Please..please help me... Any hep is appreciated. By the way, Sorry for my poor english.. 🙂0 -
Plugin to duplicate CMS pages, changing the location
Hi all, We have recently noticed a rise in local business websites using a plugin to duplicate hundreds of pages changing only the location in the h1 tag and the page description, we're pretty sure this is a black hat technique allowing them to rank for all locations (although the duplicate page content must not be doing them any favours). An example of this is http://www.essexcarrecovery.co.uk We would like to know what plugin they are using as we think there may be better ways to use this, we may be able to create original location pages faster than we do now? Also why does not seem to be too detrimental to the businesses SEO as surely this method should be damaging?
White Hat / Black Hat SEO | | birdmarketing0 -
Duplicate Content for e-commerce help
Hi. I know I have duplicate content issues and Moz has shown me the issues on ecommerce websites. However a large number of these issues are for variations of the same product. For example a blue, armani t-shirt can be found on armani page, t-shirt page, armani t-shirt page and it also shows links for the duplicates due to sizing variations. Is it possible or even worthwhile working on these issues? Thanks
White Hat / Black Hat SEO | | YNWA0 -
Obscene anchor text linking to non-existent pages on my site
My website seems to be rapidly accumulating links from what seem to be reputable websites and which are going to non-existent pages on my website. The anchor text of many of these links is obscene. Here is the URL of one of the pages that is linking to me. I contacted the originating site a couple of weeks ago and they are looking into it but I've not heard back. I'm guessing the originating sites have been hacked. Should I be concerned? Why are they linking to pages on my site that don't exist? http://www.radicalartistsagency.com/htmlarea/language/0content_abo_utus.html Looking at the page source of this page reveals the hidden links.
White Hat / Black Hat SEO | | MartinDS0 -
All pages going through 302 redirect - bad?
So, our web development company did something I don't agree with and I need a second opinion. Most of our pages are statically cached (the CMS creates .html files), which is required because of our traffic volume. To get geotargeting to work, they've set up every page to 302 redirect to a geodetection script, and back to the geotargeted version of the page. Eg: www.example.com/category 302 redirects to www.example.com/geodetect.hp?ip=ip_address. Then that page 302 redirects back to either www.example.com/category, or www.example.com/geo/category for the geo-targeted version. **So all of our pages - thousands - go through a double 302 redirect. It's fairly invisible to the user, and 302 is more appropriate than 301 in this case, but it really worries me. I've done lots of research and can't find anything specifically saying this is bad, but I can't imagine Google being happy with this. ** Thoughts? Is this bad for SEO? Is there a better way (keeping in mind all of our files are statically generated)? Is this perfectly fine?
White Hat / Black Hat SEO | | dholowiski0 -
Interesting Case Study. Website with 70 PA and 73 DA but PR 0?
http://www.jewelry.hyper-info.com/ This website has no backlinks reported on google, but loads of backlinks across the web. It also doesn't even rank top 50 on its topic keyword [Jewelry Tips]. I would be very wary of building a link on a site like this, but thats my opinion. How would you rate this websites link based on this data?
White Hat / Black Hat SEO | | 13375auc30