Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Advice needed! How to clear a website of a Wordpress Spam Link Injection Google penalty?
-
Hi Guys,
I am currently working on website that has been penalised by Google for a spam link injection. The website was hacked and 17,000 hidden links were injected.
All the links have been removed and the site has subsequently been redesigned and re-built. That was the easy part
The problems comes when I look on Webmaster. Google is showing 1000's of internal spam links to the homepage and other pages within the site. These pages do not actually exist as they were cleared along with all the other spam links.
I do believe though this is causing problems with the websites rankings. Certain pages are not ranking on Google and the homepage keyword rankings are fluctuating massively.
I have reviewed the website's external links and these are all fine.
Does anyone have any experience of this and can provide any recommendations / advice for clearing the site from Google penalty?
Thanks, Duncan
-
Piggybacking on Kane - since these bad/phantom pages were in one folder, can you request removal in Search Console? It should at least speed things up. Unfortunately, the links can show for weeks or months after they're removed, even if Google doesn't seem to be caching them. If the pages aren't indexed/cached, and the numbers in the console seem to be gradually dropping, I'm not sure if there's a lot more you can do, unfortunately.
-
Hey Duncan, sounds like you've covered the basics. If this had happened a month ago I'd tell you to wait it out, but since it's been 5 months it seems like it should have cleared up by now if it was simply a matter of waiting for Google to deindex everything.
I've put a note out to other associates on Moz Q&A to see if they have any suggestions.
-
We got a hacked site warning on Google results for the company Brand name....but nothing in the Search Console.
Performance is not exactly site wide - some pages only rank for exact match page title search term but not any variations... (e.g. Very Green widgets - page title - the site will rank for Very Green widgets but no variations e.g. Green widgets).
Other pages seem to be fine.... but none rank on page one.
It does seem those pages that had the most links pointing to them have been affected the worse. However, that said - there is a page that that has several 1000 internal spammy links showing but the page does rank ok and does rank for different keywords....another piece of the puzzle!
We checked rankings and at the time of the hack - the site definitely dropped.
Hope that helps!!
Duncan
-
Gotcha... It's fairly standard to see old links in Search Console that have long since been removed, so that concerns me less as long as the 404s are showing up properly and getting noindexed.
Did you receive any "hacked site" warnings in Search Console back in May?
As far as performance issues - is this sitewide, or does it just seem to be occurring on the pages that had the most links pointed at them? Do you still have any pages ranking in top 3 for a semi-competitive term? Out of the pages that did have spammy links to them, are any performing well - on page 1 for target keyword?
-
HI Kane
Thanks for your response! We did do a disavow just on some old directories which looked ok - but it was more of a precautionary measure.
CMS is now all good and secure.
The spammy links were a in subfolder which was deleted (creating 1000's of 404's). The website was then entirely moved to a new secure hosting environment.
Just on your questions...
Yes - the website was fine up until the hack.
The hack happened in May of this year.....a full clean up happened within 3 days after the attack.
Your last point.....yes - they are showing up as 404's. The website initially had 17,000 spammy 404 errors. Google has since reduced that to 3000. As these pages are removed from the index, this gives me hope that the problem is being resolved.
However - the strange part - even though the 404's are being reduced in Webmaster, the number of internal spammy links showing in the Console are not being reduced. It's static.
For example, the homepage shows 6,300 internal links. In reality it only has about a 120. The rest are all spammy (404) links. I do believe that this is causing ranking problems.....? Do you think that is right?
Thanks, Duncan
-
Hi Duncan,
Here's some initial thoughts on steps I would take:
- Since external links are fine, there shouldn't be a need to do anything disavow-related, but I would definitely do that if you see any external links pointed to those old pages, which is common with hacked sites.
- Sounds like you've covered your bases regarding preventing the site from getting hacked again at a CMS level, database level, plugin level, etc., so I'll assume that is good to go.
- If these spammy internal pages were all in a specific subfolder, you could block that subfolder via Robots.txt to send a stronger signal that the URLs should be ignored and de-indexed.
- The internal links should disappear as the pages are removed from the index, but that can take awhile, and it's not uncommon for Search Console to display pages/links/data that have since gone away.
And a couple of questions for you:
- Once those bases are covered, then you're still faced with the potential "penalty", or poor performance. I'm assuming that these pages not ranking in Google were performing well before the site hack?
- How long has it been since the site was initially hacked, and how long since full cleanup was completed?
- Are the spammy internal pages showing up as 404 crawl errors yet?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Does Google only show high rankings to webmasters?
Hello! I'm using Google Chrome browser. On the browser logged in with the Google Web Master account, the keyword ranking of my site is ranked on pages 1 to 2. However, in the case of the Google Secret tab and other browsers that have not logged in to the Google Web Master account, the keyword ranking of my site is only 10 pages. Which one is more reliable?
White Hat / Black Hat SEO | | 1kB_man_YWH
Does it only show higher rankings to webmasters?
Or will you soon be able to see the high ranking that has only been seen by webmasters in other browsers? I desperately need your help. Thank you. I look forward to your kind cooperation.1 -
Should I Report A SEO Agency to Google
Our competitor has employed the services of a spammy SEO agency that sends spammy links to our site. Though our rankings were affected we have taken the necessary steps. It is possible to send evidence to Google so that they can take down the site. I want to take this action so that other sites will not be affected by them again.
White Hat / Black Hat SEO | | Halmblogmusic0 -
Is it Okay to Nofollow all External Links
So, we all "nofollow" most of the external links or all external links to hold back the page rank. Is it correct? As per Google, only non-trusty and paid links must be nofollow. Is it all same about external links and nofollow now?
White Hat / Black Hat SEO | | vtmoz0 -
Site Footer Links Used for Keyword Spam
I was on the phone with a proposed web relaunch firm for one of my clients listening to them talk about their deep SEO knowledge. I cannot believe that this wouldn’t be considered black-hat or at least very Spammy in which case a client could be in trouble. On this vendor’s site I notice that they stack the footer site map with about 50 links that are basically keywords they are trying to rank for. But here’s the kicker shown by way of example from one of the themes in the footer: 9 footer links:
White Hat / Black Hat SEO | | RosemaryB
Top PR Firms
Best PR Firms
Leading PR Firms
CyberSecurity PR Firms
Cyber Security PR Firms
Technology PR Firms
PR Firm
Government PR Firms
Public Sector PR Firms Each link goes to a unique URL that is basically a knock-off of the homepage with a few words or at the most one sentences swapped out to include this footer link keyword phrase, sometimes there is a different title attribute but generally they are a close match to each other. The canonical for each page links back to itself. I simply can’t believe Google doesn’t consider this Spammy. Interested in your view.
Rosemary0 -
Spam sites with low spam score?
Hello! I have a fair few links on some of the old SEO 'Directory' sites. I've got rid of all the obviously spammy ones - however there are a few that remain which have very low spam scores, and decent page authority, yet they are clearly just SEO directories - I can't believe they service any other purpose. Should we now just be getting rid of all links like this, or is it worth keeping if the domain authority is decent and spam score low? Thanks Sam
White Hat / Black Hat SEO | | wearehappymedia0 -
Does Trade Mark in URL matter to Google
Hello community! We are planning to clean up TM and R in the URLs on the website. Google has indexed these pages but some TM pages are have " " " instead displaying in URL from SERP. What's your thoughts on a "spring cleaning" effort to remove all TM and R and other unsafe characters in URLs? Will this impact indexed pages and ranking etc? Thank you! b.dig
White Hat / Black Hat SEO | | b.digi0 -
Pages linked with Spam been 301 redirected to 404\. Is it ok
Pl suggest, some pages having some spam links pointed to those pages are been redirected to 404 error page (through 301 redirect) - as removing them manually was not possible due to part of core component of cms and many other coding issue, the only way as advised by developer was making 301 redirect to 404 page. Does by redirecting these pages to 404 page using 301 redirect, will nullify all negative or spam links pointing to them and eventually will remove the resulting spam impact on the site too. Many Thanks
White Hat / Black Hat SEO | | Modi0 -
Footer Link in International Parent Company Websites Causing Penalty?
Still waiting to look at the analytics for the timeframe, but we do know that the top keyword dropped on or about April 23, 2012 from the #1 ranking in Google - something they had held for years, and traffic dropped over 15% that month and further slips since. Just looked at Google Webmaster Tools and see over 2.3MM backlinks from "sister" compainies from their footers. One has over 700,000, the rest about 50,000 on average and all going to the home page, and all using the same anchor text, which is both a branded keyword, as well as a generic keyword, the same one they ranked #1 for. They are all "nofollows" but we are trying to confirm if the nofollow was before or after they got hit, but regardless, Google has found them. To also add, most of sites are from their international sites, so .de, .pl, .es, .nl and other Eurpean country extensions. Of course based on this, I would assume the footer links and timing, was result of the Penguin update and spam. The one issue, is that the other US "sister" companies listed in the same footer, did not see a drop, in fact some had increase traffic. And one of them has the same issue with the brand name, where it is both a brand name and a generic keyword. The only note that I will make about any of the other domains is that they do not drive the traffic this one used to. There is at least a 100,000+ visitor difference among the main site, and this additional sister sites also listed in the footer. I think I'm on the right track with the footer links, even though the other sites that have the same footer links do not seem to be suffering as much, but wanted to see if anyone else had a different opinion or theory. Thanks!
White Hat / Black Hat SEO | | LeverSEO
Jen Davis0