Hacked Server IP Range Penality?
-
I use a justhost.com reseller account to host about 15-20 of my own websites. None of the sites are related, nor do I interlink or do anything blackhat with any of them. All of the sites have unique content. Some of it isn't great, but I didn't use a writing service on any of then, it was all written by myself.
Recently I found a list of my sites (as well as about 200 others hosted by justhost) on a hacker website that listed the cpanel usernames. I alerted the host and the issue is being fixed. I am changing all of my usernames and passwords for all of the sites.
Anyway, I recently took a look at some analytics and rankings and noticed that I lost a lot of my rankings on a handful of those sites recently. I know there was the big de-indexing of junk blogs recently, but I don't think that is the case. I can still find all of my sites in Google, they are just out of the first 50 results, when a majority of them were ranked from 5-20 in the SERPs.
Here are three of the sites and their phrases:
http://nintendoconsoles.com/ "nintendo consoles" - This domain I bought from someone so there could be some sort of sandbox period for it.
http://webhostingfordrupal.com/ "web hosting for drupal" - This was a new register.
http://seotirical.com "seotirical" - we don't show up, but all of the tweets and links to us do. - This was a new register.
I realize these sites aren't perfect, and might not have been ready for the first page. The Nintendo site is about 3 months old, but the Drupal site has been around for 8+ months. I might try adding a fresh piece of content tonight to see if that helps, but I thought it was curious that it happened across the board with about 5-6 sites on my one reseller account. I don't even know if the top portion of this post has anything to do with the problems, but I thought I'd see if anyone has insight.
Cheers,
Vinnie -
Shane,
Thanks again for the response. I agree those pages aren't the strongest, and don't have a ton of great content. A few of my other sites have more than 2-3 articles, and the content is rich with media.
I guess time and content will tell. If after a few weeks of adding some new content and building a few links nothing has improved, I will start to worry. It just seems shocking that one of my sites that has been holding the 6th position for it's exact match phrase (and has some links/social) dropped completely out of the top 50.
The sites and pages are still indexed, but only come up when you search the exact URL.
Vinnie
-
by hit, do you mean de-indexed or just bumped down aggressively?
Cause the ones you gave seem to be affiliate sites, with thin content, and light design elements, so I can definitely see how these could have been devalued.
Here is the reason I am pretty sure it is not a "Hack Penalty"
First, I am not sure that exists - Google cannot interpret if you have been hacked or not, only if their is malicious intent on your site due to or after the hack.
And as to your password being readily available.. anyone could create a site like this, with passwords, and without google going through each page on the web like this, they would not know if it was real or not. (it is also very easy to brute-force or rainbow a commercial host)
This creates a whole new realm for Google as web avenger, as well as SERP integrity protector.
I am just not sure the password release could be involved.
UNLESS!
A penalty was leveraged against justhosts ENTIRE commercial subnet, due to a issue that was caused due to this password release.
But I do not think you or the sites would be singled out due to the password release, only if something bad enough happened that got Google's attention..
BUT then i believe you would be de-indexed, not de-valued.... (blacklisted)
hopefully this opinion was clear as mud
-
Shane,
Thanks for the input. I agree about securing down the site first. I have checked webmaster tools, and no messages are coming up. No suggestions at all are coming up.
I looked into it a bit more, and it seems like 90% of my sites on that one host were hit, but none of my other sites on different hosts were affected at all. I am gonna try to add a piece of fresh content to each site this week, and maybe get a few social signals. I am not panicking yet, but when I see that 10 sites have all lost all of their rankings (and aren't even showing up for their title tags), it's slightly concerning to me.
-
I believe they are coincidental...
I am not sure Google would take action on the entire Subnet range, for a password breach.
I believe it is only when malicious intent is found or suspected, and the release of passwords was not a malicious act in its own.
Check your Webmaster Tools for Malware messages, and see if there are any other messages. As say, you might have just fell victim to the latest round of quality checks from algorithm - You may have just been bumped -
The idea of first making sure you are protected - then trying to get some fresh content and social signal/links is probably the route I would take.
Shane
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Recovery After A Hack - No Manual Action Notice
Hi Guys, I am helping out an agency who have had a couple of site hacked on their server. I can confirm by correlating increase in not found errors and drop in rankings, that the drop was definitely hack based although the site had no manual action notice from Google. The site looks to have been fixed i.e all not found pages look to have been sorted. Obviously there are some dodgy backlinks to now non existant pages but it looks like two months on no sign of a recovery. Is this normal?, Could the site still be hacked and the web designer is claming it has been cleaned up? I am used to dealing with hacked sites when there has been a manual action listed and then it's quite easy to complete the clean up work, submit a reconsideration and then get the manual action revoked but when you don't receieve a manual notification and the site doesn't recover, what do you do? Kind Regards Neil
Technical SEO | | nezona0 -
Any ideas why this site is being penalized?
http://www.my-french-house.com/ has been online since around 2004 and has nearly always been in the top 10 serps for terms like 'property for sale in france'. However, over the last 12 months we've been hit really hard by Google and have fallen dramatically in rank. Can anyone give any insight into what may have happened? As an aside, we've had no message in the Google Webmaster Console and have not contacted Google about the apparent penalty / penalization. Any help or advice would be greatly appreciated. Cheers Jim
Technical SEO | | jimpannell0 -
Server 500: website deindexed?
Hi mozzers, Since August 22nd, (not a site I manage) has had a Server error 500 and all the pages got deindexed? This is obviously a server issue but why it got deindexed is it because it's been a while since it had this server issue? On the pages I checked the pages loads correctly so I am a bit confused here! His webmaster account show 1500 server errors! Can someone tell me what is going on and how to fix it? Thanks
Technical SEO | | Ideas-Money-Art0 -
Domain hacked and redirected to another domain
2 weeks ago my home page plus some others had a 301 redirect to another cloned domain for about 1 week (due to a hack).The original pages were then de-indexed and the new bad domain was indexed and in effect stole my rankings.Then the 301 was removed/cleaned from my domain and the bad domain was fully de-indexed via a request I made in WMT (this was 1 week ago).Then my pages came back into the index but without any ranking power (as if it's just in the supplemental index).It's been like this for a week now and the algorithms have not been able to correct it. So how do I get this damage undone or corrected? Can someone at Google reverse/cancel the 301 ranking transfer since the algorithms don't seem to be able to?I have the option to do a "Change of Address" in WMT from bad domain to my domain. But I don't think this would work properly because it says I also need to place a 301 on the bad domain back to mine. Would a change of address still work without the 301?Please advise/help what to do in order to get my rankings back to where they were.
Technical SEO | | Dantek0 -
Client sites on same IP / same c class IP range
Our own site and client sites (that we design) are either hosted on the same IP or within same C Class range of IPs Will there be an issue with Google if we include a link on the client site home page footer (as agreed with client) that links to a specific project page on our website for that client e.g they are not linking to our home page?
Technical SEO | | NeilD0 -
Site Recovered from hack, should I submit a reinclusion request?
Hello, The site i'm referring to is http://www.pokeronamac.com, it was hacked via something called the "WordPress Pharma Hack" http://theblawblog.wordpress.com/2012/06/21/restoring-a-pharma-hacked-wordpress-site-wp-3-4/ We restored it as far as I can tell, but if anyone can confirm this by doing a site search and not getting redirected it would be appreciated. You will see that some search results still show up as spam, but when I click on them, they 404. I want to know If I should submit a reinclusion request, I wasn't notified by WMT of malaware, so I want to know the SOP here. Thanks Zach
Technical SEO | | Zachary_Russell1 -
IPs and Domains
If a domain loads on the domain and the IP is that a problem? So it loads on domain.com and 69.16.....com Thanks!
Technical SEO | | tylerfraser0 -
Geotargeting by IP and SEO
Hi, Part of our site displays localized results based on the user's IP (we get the zipcode based on IP). For example a user in NY would get a list of NY based stores, while a user in CA would get a list of CA based stores. So if CA Googlebot comes to our site, it will get results based on Mountain View CA. Given the pages are generated based on your zip, I'm not sure how we'd indicate to Google that we have results for lots of locations and not just the Googlebot IP locations. (users can change their zipcode, but by default we use geolocation). Our landing pages contain localized content and unique urls with the zipcode etc, but it isn't clear how Google will find results for KY etc.
Technical SEO | | NicB10