What to do if you've been hacked.....
-
Just logged into our CMS system and it appears we have been hacked.
All page titles have been hijacked adding a secondary title tag linking out to website http://emapaydayloans.com with anchor text pay day loans.
Our Web Dev team are working on fixing the hack now. My concern is the potential knock on effect to SEO.
This looks like a bad neighbourhood site:
- 3 pages indexed
- PR 0
And for I don't know how long we've had almost every page on all our domains linking out with the following page title including the same link and anchor text:
I assume its a wait and see at this stage.
-
Thanks for the responses guys, looks like an SQL Injection.
We have cleared the import and all is back to normal. We'll be looking in to beefing up protection. Thanks for the advice. Will be keeping my eye on the traffic via analytics and watching out for messages in Webmaster Tools
-
This type of problem is really hard to fix unless you know how to do the deep scrubbing needed to get rid of the problem. If you don't scrub it properly the problem will recur over and over.
I would hire a pro ASAP.
-
if you have a paid hosting company call them and they'll run tools on your site to find any exploits.
if your traffic is holding steady you might be ok, just get those links off your site and take care of the security holes. Also your FTP write/edit permissions might need to be tightened up.
-
Fix it as quick as possible
Find any exploits you may have missed (keep WP Up to date, disable admin account, if on shared hosting check all file permissions, make sure you are using SFTP (port 22) ect...)
Monitor your traffic for drops and check web cache of Google to see if it was even indexed
If you do take a knock (which I doubt unless it was there for a while) I am not sure a reconsideration would do anything, so you will probably just have to do some damage control
(ie... get lots of social mentions on a good piece of industry relevant content)
Hope this helps
PS this can help you with hardening WP install http://codex.wordpress.org/Hardening_WordPress
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
HELP!! We are losing search visibility fast and I don't know why?
We have recently moved from http to https - could this be a problem? https://www.thepresentfinder.co.uk As far as I'm aware we are doing everything by SEO best practice and have no manual penalties, all content is unique and we are not doing any link farming etc...
White Hat / Black Hat SEO | | The-Present-Finder0 -
How authentic is a dynamic footer from bots' perspective?
I have a very meta level question. Well, I was working on dynamic footer for the website: http://www.askme.com/, you can check the same in the footer. Now, if you refresh this page and check the content, you'll be able to see a different combination of the links in every section. I'm calling it a dynamic footer here, as the values are absolutely dynamic in this case. **Why are we doing this? **For every section in the footer, we have X number of links, but we can show only 25 links in each section. Here, the value of X can be greater than 25 as well (let's say X=50). So, I'm randomizing the list of entries I have for a section and then picking 25 elements from it i.e random 25 elements from the list of entries every time you're refreshing the page. Benefits from SEO perspective? This will help me exposing all the URLs to bots (in multiple crawls) and will add page freshness element as well. **What's the problem, if it is? **I'm wondering how bots will treat this as, at any time bot might see us showing different content to bots and something else to users. Will bot consider this as cloaking (a black hat technique)? Or, bots won't consider it as a black hat technique as I'm refreshing the data every single time, even if its bot who's hitting me consecutively twice to understand what I'm doing.
White Hat / Black Hat SEO | | _nitman0 -
I've purchased a PR 6 domain what will be best use of it ?
I've purchased a PR 6 domain what will be best use of it ? Should make a new site or redirect it to my low pr sites? Or I wasted my $100 ?
White Hat / Black Hat SEO | | IndiaFPS0 -
It's not link buying, but...
Which of these strategies, if any, cross the line from relationship building to link buying? Assume all links are do-follow. You're a local business. You give the local Boys & Girls club a few hundreds buck a year. In return, you get a very nice link on their Sponsorship page for 12 months. You send a sample of your product to influential bloggers, for the purpose of a review and hopefully a link back to your website. One of your clients is a college bar. You invite 50 college kids over for a slow evening and stuff them full of chicken wings. Then, you ask them to please review and link to the bar on their college wiki. You give a client a free service, in exchange for that client linking to your business on its blog roll. You take a blogger out to lunch, and pick up the tab. Later that day, the blogger writes up an amusing little story for the blog, and links back to your desired website. In your email newsletter, you put out a request to your customer base, "Please link to my website, and I'll provide you a special 20% off coupon."
White Hat / Black Hat SEO | | ExploreConsulting1 -
What's the best way to set up 301's from an old off-site subdomain to a new off-site subdomain?
We are moving our Online store to a new service and we need to create 301's for all of the old product URLs. Being that the old store was hosted off-site, what is the best way to handle the 301 re-directs? Thanks!
White Hat / Black Hat SEO | | VermilionDesignInteractive0 -
Google-backed sites' link profiles
Curious what you SEO people think of the link profiles of these (high-ranking) Google-backed UK sites: http://www.opensiteexplorer.org/domains?site=www.startupdonut.co.uk http://www.opensiteexplorer.org/domains?site=www.lawdonut.co.uk http://www.opensiteexplorer.org/domains?site=www.marketingdonut.co.uk http://www.opensiteexplorer.org/domains?site=www.itdonut.co.uk http://www.opensiteexplorer.org/domains?site=www.taxdonut.co.uk Each site has between 40k and 50k inlinks counted in OSE. However, there are relatively few linking root domains in each case: 273 for marketingdonut 216 for startupdonut 90 for lawdonut 53 for itdonut 16 for taxdonut Is there something wrong with the OSE data here? Does this imply that the average root domain linking to the taxdonut site does so with 2857 links? The sites have no significant social media stats. The sites are heavily inter-linked. Also linked from the operating business, BHP Information Solutions (tagline "Gain access to SMEs"). Is this what Google would think of as a "natural" link profile? Interestingly, they've managed to secure links on quite a few UK local authority resources pages - generally being the only commercial website on those pages.
White Hat / Black Hat SEO | | seqal0 -
Does Google Penalize for Managing multiple Google Places from the same IP Address? Can you manage from same google account or separate? Or does it matter since it's created from the same IP?
I manage a number of client's Google Places from the same IP and heard this is not a good thing. Are there Do's and Don'ts when managing multiple Google Places? Create separate google accounts for each or can you use the same account?
White Hat / Black Hat SEO | | Souk0 -
NYT article on JC Penny's black hat campaign
Saw this article on JC Penny receiving a 'manual adjustment' to drop their rankings by 50+ spots: http://www.nytimes.com/2011/02/13/business/13search.html Curious what you guys think they did wrong, and whether or not you are aware of their SEO firm SearchDex? I mean, was it a simple case of low-quality spam links or was there more to it? Anyone study them in OpenSiteExplorer?
White Hat / Black Hat SEO | | scanlin0