Spamming and Wordpress
-
Hi,
I have a Wordpress site for which I was ranking #1 for my main key phrase. Then I noticed that my site had plummeted in ranking. Investigating I found the cause to be a hacking issue where my code has lots of content for and backlinks to Viagra sites! How do I best work on retrieving my ranking and making sure that the site in question gets penalized?
-
thanks, Paul.
I am testing the "Wordfence" plug-in, and I was able to identify (and delete) a malware file. I should probably look for a more secure host as well.
Cheers
Bo
-
This plugin is really helpful for protecting your site:
Once you clean up, it should gain rankings back.
-
A good idea would be to change your passwords on a monthly basis and maybe ask your hosting company to see if there is anything they can do to stop your site from being hacked. Also ask them if they have any data on when your site was hacked.
A good hosting company will help you keep your site secure
-
Just a heads-up Bo - and really sorry to be a bearer of bad news, but fixing a WordPress hack like you're describing is almost never as easy as just deleting the code you see in headers. Like on virus-infected desktop computers, the malware often hides an additional payload of crapware that is capable of regenerating the spam links after a designated time period.
There are a number of different WordPress scanning services like http://sucuri.net/, as well as security-scanning plugins available. Be sure to use a couple of them (no one tool catches everything) to make sure you site is actually clean. In addition, monitor it carefully and repeatedly for the next several weeks to make sure the malware doesn't surreptitiously re-assert itself.
Lastly, make certain you have changed all ftp passwords for your site's server and that you are using strong, complex passwords. This is an easy vector of attack that many webmasters forget to secure. If possible, you should be using sFTP (secure ftp) for any work on your site as it encrypts ftp passwords where regular ftp sends them in the clear and so is extremely easy to hack.
Paul
-
Hi,
thanks for sharing! I found the code in the Header and deleted everything, so hopefully that should take care of the "clean-up" process, so I can start on the "small matter" of regaining my ranking. I'm in 50th at the moment, so at least I'm indexed!
cheers
-
Hey Bo, just thought I'd chime in here. I had a client's site get some kind of nasty code injection - pharma stuff like you're talking about. Happened a month or so ago. He was #1 for his keyphrase also, but as soon as the site was compromised, he dropped to page 4-5. Soon as I re-did the site and got it live his rankings came back.
Sooo...bad news and good news. I highly doubt your site is actually de-indexed (good news). The bad news is the amount of work you'll have to do. I completely wiped the root folder, deleted the DB, and re-built the wordpress site from scratch on a different theme/framework.
-
hi, thanks for the advice!
I will check Webmaster tools, and send a description of the issue. I´m sure you´re right regarding the penalty issue, I guess I just have to tighten security...
-
Most usually, your rankings will come back once you clean your site up. I'd recommend letting go of thoughts regarding penalties to site in question. There's really nothing that the ordinary mortal can do that will make that happen and if there was something that could be done, they'd be up and running the next hour with another site (which probably already is up and running.)
The big take away is: keep your wordpress up to date, delete your admin account, and set up an account with another username with a strong password.
-
Is your site listed in google wmt? if so is there any messages.
Ask for re-consideration and explain what happened
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Move a Wordpress Site to HTTPS with Bluehost
HI Guys, do you think that the following guide is enoght to move a bluehost wordpress site to https in a seo best practive way? https://www.shoutmeloud.com/free-ssl-certificate-bluehost-hosting.html Basically their steps are: Install SSL on Bluehost panel Install Really Simple SSL Wp Plugin Edit Your .htacess File & Add The Code For HTTP To HTTPS Redirection Update All HTTP URLs In Database To HTTPS Using Search and Replace Plugin Use Broken Link Checker plugin & use its redirection module to find links to 3rd party sites with HTTP that should now be HTTPS. Last thing to do Submit your new HTTPS site to Google Search Console & submit your sitemap. Update your profile link on Google Analytics. Update your website links on social media profiles & anywhere else they exist. This step you can do in pieces in the coming days. Read this guide to learn more about HTTP to HTTPS migration & fixing mixed content. If you disabled Who.Is guard for your domain name, you can enable it now. Do you know a better practical guide for wordrpess? in term of usefull plugins to handle the migration? Tx to everyone!
Technical SEO | | Dreamrealemedia0 -
Redirecting old html site to new wordpress site
Hi I'm currently updating an old (8 years old) html site to wordpress and about a month ago I redirected some url's to the new site (which is in a directory) like this... Redirect 301 /article1.htm http://mysite.net/wordpress/article1/
Technical SEO | | briandee
Redirect 301 /article2.htm http://mysite.net/wordpress/article2/
Redirect 301 /article3.htm http://mysite.net/wordpress/article3/ Google has indexed these new url's and they are showing in search results. I'm almost finished the new version of site and it is currently in a directory /wordpress I intend to move all the files from the directory to the root so new url when this is done will be http://mysite.net/article1/ etc My question is - what to I do about the redirects which are in place - do I delete them and replace with something like this? Redirect 301 /wordpress/article1/ http://mysite.net/article1/
Redirect 301 /wordpress/article2/ http://mysite.net/article2/
Redirect 301 /wordpress/article3/ http://mysite.net/article3/ Appreciate any help with this0 -
Wordpress 404 Errors
Hi Guys, One of my clients is scratching his head after a site migration. He has moved to wordpress and now GWT is creating weird and wonderful strange 404 errors. For example http://www.allsee-tech.com/digital-signage-blog/category/clients.html There are loads like the above which seem to be made up out of his blog and navigation http://www.allsee-tech.com/clients.html works! Any ideas? Is it a rogue plugin? How do we fix? Kind Regards Neil
Technical SEO | | nezona0 -
Best XML Generator for Wordpress?
Hi all, Quick question - does anybody have any recommendations for the best XML sitemap plugin for Wordpress? An idea of why you like it would also be helpful. Thank you very much! Mark
Technical SEO | | markadoi840 -
Wordpress Canonical Problem
I'm using wordpress for my website but m unable to implement Canonical tag property for pages under the same category, Like for matt's blog: The Tag is same .. for all pages under that category: http://www.mattcutts.com/blog/type/googleseo/ & http://www.mattcutts.com/blog/type/googleseo/page/2/ is it some hack or some plugin ? please suggest! thanks
Technical SEO | | AnkitRawat0 -
How do you stop Wordpress spam
What's the best way to stop Wordpress spam? We don't let comments go live without moderation, so the spammers don't succeed, however it wastes time going through the comments. A captcha code could work but a lot of software can crack it. Are there any good captcha solutions or could something else work better/in conjunction? Also, is there anywhere to report spam IP addresses? Not sure much happens when you mark a comment as spam in Wordpress.
Technical SEO | | giantpeach1 -
EzineArticles WordPress Plugin
Any thoughts on the EzineArticles plugin for WordPress? I read that it provides "the ability to simultaneously publish new posts to the web and submit them as articles to EzineArticles.com" Could this lead to duplicate content penalties?
Technical SEO | | martyc0 -
Wordpress 301 redirects
I use wordpress as CMS on a few sites and I noticed that word press automattically places 301s if I change a url etc. I believe it does it by having the following in the .htaccess file: BEGIN WordPress<ifmodule mod_rewrite.c="">RewriteEngine OnRewriteBase /RewriteRule ^index.php$ - [L]RewriteCond %{REQUEST_FILENAME} !-fRewriteCond %{REQUEST_FILENAME} !-dRewriteRule . /index.php [L]</ifmodule> END WordPress Should I use this? I feel like it limits my control over the 301s.
Technical SEO | | mmaes0