Site being targeted by hardcore porn links
-
We noticed recently a huge amount of referral traffic coming to a client's site from various hard cord porn sites. One of the sites has become the 4th largest referrer and there are maybe 20 other sites sending traffic.
I did a Whois look up on some of the sites and they're all registered to various people & companies, most of them are pretty shady looking.
I don't know if the sites have been hacked or are deliberately sending traffic to my client's site, but it's obviously a concern. The client's site was compromised a few months ago and had a bunch of spam links inserted into the homepage code.
Has anyone else seen this before? Any ideas why someone would do this, what the risks are and how we fix it?
All help & suggestions greatly appreciated, many thanks in advance.
MB.
-
"in a case like this is it sensible to preemptively remove the links with the disavow tool?"
Once again, the Disavow tool was offered as a last resort by Google. Many webmasters seem frustrated the tool is not working as they expected, and the issue is typically they ignored Google's instructions for the tool's usage.
Prior to using the Disavow tool, you need to make an exhaustive effort to remove the links. Send a polite letter to the WHOIS address for the domain explaining the problem and identifying specific links from that domain which are pointing to your site. If there is no response within 3 days, send the same letter to an email address found on the site itself. If you still do not receive a response, check for a Contact Form on the site.
Try to learn what is going on with the site. Ask site owners how these links were created. It surely can be the result of negative SEO, but in the overwhelming majority of cases I have worked with, it is either the client or an agent acting on behalf of the client. Try digging a little deeper.
-
Hi again Ryan/Gordon,
Sorry to bring this one up again, but we could use some more input if possible. It turns out the number of referring URLs is way higher than we originally thought. I've also done some digging in OSE and have found a huge number of links from dubious sources. It's going to take some time to refine the list but we're probably looking in the thousands.
There's no doubt that this is malicious as we have never done anything to build links like these.
We've not yet noticed any penalty or received any warnings but in a case like this is it sensible to preemptively remove the links with the disavow tool?
One other thought: it seems suspicious that this has happened around the same time that the site itself was hacked with similar links inserted into the homepage.
My best guess is that the site hasn't been specifically targeted but has been caught up in some kind of automated spam attack. I've looked at some of the other offending sites and all the links are in odd places - hidden in the code or in strange anchor text. Is it possible that a robot has crawled all these sites and inserted spam links to create some kind of massive "link wheel"?
In this case what's the best preemptive solution before we get slapped with a penalty?
Thanks again...
-
There are not any general endorsements I can share. Your chosen expert may vary depending on your hosting environment, site software and budget.
-
I appreciate your time & help Ryan. I will pass all those suggestions on.
If they choose to bring in a security expert in to take a look, do you have any recommendations?
-
"As for the client's site hacking, as far as I'm aware their webmaster & in-house team dealt with that when it happened."
The webmaster and inhouse team likely had a gap which was exploited. It may be best to bring in an outside security consultant to review the matter.
"if our messages go unacknowledged, what else can we do about it?"
In my experience, 25 - 60% of removal requests are honored, depending on the site. If you are working with numerous site owners, either some of them will respond or you are likely doing something wrong. Ways to contact a webmaster:
-
use the WHOIS information to send an email
-
use information from the site. Before you say they don't have anywhere, check thoroughly.
-
use the site's Contact Us form
-
call the site with the number on the site or their WHOIS phone number
-
mail the site
-
check for social pages such as facebook and contact them via that method
You shared there are around 20 sites linking to your client's site. Some of them should respond.
-
-
That's good. Sorry, but I had missed the part where you said your clients site was compromised previously....
-
Thanks Gordon,
The links are no-follow so for the time being I'm not too worried about link spam penalties. We'll try to contact the site owners first and will then disavow the links if nothing else works...
Cheers, Matt
-
Thanks for your detailed reply Ralph As for the client's site hacking, as far as I'm aware their webmaster & in-house team dealt with that when it happened. I will pass your notes on to the team and check they are 100% confident that the security lapses are fixed. We are in the process of identifying & contacting the webmasters of the referring sites to requests the links be remove. However, if our messages go unacknowledged, what else can we do about it? The links are mostly no-follow which is a minor blessing and we haven't seen any link manipulation warnings in GWT yet. Still confused on their motives/reasons though.
-
"The client's site was compromised a few months ago and had a bunch of spam links inserted into the homepage code."
Has the issue been fully resolved? What steps have you taken to ensure the site's code is clean and remains clean? Some examples:
- placing the code on a test server and having an expert examine the code
- crawling the site and examining all links
- upon completion of the code analysis, implement a system which detects any coding changes and notifies you of the change
- ensure you are using professional development services with professionally developed extensions
- check your hosting. At a minimum, VPS hosting should be used. Do you have a firewall in place? What type of precautions does the host take (i.e. are you with a major host such as Rackspace, HostDime, etc? Or a host no one has heard of?)
- Use a service such as Symantec or McAfee SSL which offers daily site malware scanning
Every time I have worked with a compromised site, there have been major gaps or a complete lack of site security.
With respect to the links, the Disavow Tool can be used as a means of last resort. Google is very clear the tool should not be used until all other methods have been exhausted.
Have you tried contacting any of the webmasters to inquire about the links? That would be a start. You stated they are from independently owned sites. If that is true, then some of those webmasters will likely be cooperative and help you understand why they are linking to you.
We are happy to help Matthew. There is a lot more detailed information required which is missing from your question. There are dozens of possible causes and solutions.
-
Hi Matthew,
Sorry to hear this, and it's not good news. As to how/why it's happened, I can only guess one of two resaons. Either someone who knows nothing about SEO has decided s/he would "help" the whole SEO process and buy some links in. Or, and possibly more likely it may be a competitor who is doing a negative SEO campaign with the desire to lower your organic rankings, ensuring you will be penalised by Google.
You can now use the Google Webmaster tools and use the disavow tool to tell Google to ignore those links.
Hope that helps and all the best.
Gordon
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
No cache still a good link for disavow?
Hi Yall, 2 scenarios: 1. I'm on the border line of disavowing some websites that link to me. If the page is N/A (not available) for the cache, does that mean i should disavow them? 2. What if the particular page was really good content and the webmaster just has the worse seo skills in not interlinking his old blogs, hence why the page that's linking to me is N/A for cache, should i still disavow it? Thanks
White Hat / Black Hat SEO | | Shawn1240 -
How do you check if a website has a link network (From the same C Class)
Hello Mozzers, I'm conducting a link audit and I see a red flag for one of my guest blogs i did in 2012. let's say the IP of the website was 62.658.62.9 Little did I know that the blogging website is a link network with the same content on each IP via it's specific C class: 62.658.62.9 62.658.62.10 62.658.62.11 ETC... How does one find a website to blog on and check to see if they have a blog network or better yet, see if there is a similar distinction of duplicate sites based on its C-class?
White Hat / Black Hat SEO | | Shawn1240 -
Subtle On-site Factors That Could Cause a Penalty
It looks like we have the same penalties on more than one ecommerce site. What subtle on-site factors can contribute to non-manual penalty, specifically rankings slowly going down for all short tail keywords? And what does it take to pull yourself out of these penalties?
White Hat / Black Hat SEO | | BobGW0 -
Potential spam issue - back links
Hi - we have a client whom we work with for SEO. During a review we noticed in Webmaster Tools, there was an IP address with over 30,000 links to our clients site. The IP address is 92.60.0.123. From looking up the IP address details, it looks like it is based in Europe - but we are unable to establish what it is, where the links are and who created it. We are concerned it could be a potential spammer trying to cause an issue with the SEO campaign. Is there any way of finding out any more details apart from the basic information about the location of the IP address? Also - if we submit a disavow via webmaster tools, we are unsure what issue it will have on the clients site if we do not know what it is and the type of links it is creating. Any ideas? Thanks for your help! Phil.
White Hat / Black Hat SEO | | Globalgraphics0 -
HOW TO: City Targeted Landing Pages For Lead Generation
Hi guys, So one of my clients runs a web development agency in San Diego and for lead generation purposes we are thinking of creating him city targeted landing pages which will all be on different domains ie. lawebdesginstudio / sfwebdesigngurus I plan to register these 20-30 domains for my client and load them all up on a my single linux server I have from godaddy. I noticed however today using google's keyword tool that roughly only 5-10 cities have real traffic worth trying to capture to turn into leads. Therefore I am not sure if its even worth building those extra 20 landing pages since they will receive very little traffic. My only thought is, if I do decide to build all 30 landing pages, then I assume I will have a very strong private network of authority websites that I can use to point to the clients website. I mean I figure I can rank almost all of them page 1 top 5 within 2-3 months. My question is: 1. Do city targeted micro sites for the purpose of lead generation still work? If so are there any threads that have more info on this topic? 2. Do you suggest I interlink all 30 sites together and perhaps point them all to the money site? If so i'm wondering if I should diversify the ip's that I used to register the domains as well as the whois info. Thanks guys, all help is appreciated!
White Hat / Black Hat SEO | | AM2130 -
Multiple domains pointed at one site
I know things are changing and the things Google thinks are cheating searchers from finding what they are really looking for are changing too. So, I have multiple domain names that are related to my site, but not the actual site name. For instance, I have a certification program called Certified NetAnalyst that has a few domains for it... .com, .org and other derivatives like NetAnalyst. I would like to point the domains to my main company web site and not create a site just for the certification. Does Google think it is cheating to point domain names with my company branding names to my main web site? What about domain name forwarding to a specific URL, like taking the certification name domains and pointing them to the certification page instead of the main site? Wondering if one could no follow (don't know how to do that) the domain forwarding links so it is not duplicate content? Is that possible in some way? Could you put another robots.txt file with excludes in the domain forwarding url landing page so it would not be duplicate content? For the future I want all SEO "juice" to go to the main domain, but the keyword value of the domain names is valuable. I sure would be grateful if someone that has a good understanding and specific recent experience with Google policy and enforcement could offer some sage and practical advice and perhaps a case study example where Google "likes it" or on the other hand a good explanation of why I may not wish to do this! Thank You! Bill Alderson www.apalytics.com
White Hat / Black Hat SEO | | Packetman0071 -
Auto-link inside your own site to the same domain is white-hat?
Hi, I am using a plugin in wordpress that make auto link for some certain keywords in my site suppose: My site is example.com My important keyword is: sample and across the domain example.com through out the content if there is the word: sample it is linked automatically to example.com I like your opinion about this practice, if it may carry any kind of punishment by SEs? Thanks.
White Hat / Black Hat SEO | | Pooria0 -
What's been your experience with profile link-building?
What have your experiences been? Short Term? Long Term? There isn't a lot written about it, and I'm wondering where it falls in the order of things. I was very hesitant to jump in, but have launched a few campaigns, both for local geo targeting phrases, and national accounts. Surprisingly, I've seen a surge in rankings, but also wonder how short lived they will be. I've noticed the links still don't come up in tools like open site explorer, but I'm able to find them when searching for the unique username I used while building the profiles. The sites I'm listing on have no relevance to industry, unless by chance, although the PR's I'm using are all 4 or higher. Is this considered gray hat?
White Hat / Black Hat SEO | | skycriesmary720