Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Advice needed! How to clear a website of a Wordpress Spam Link Injection Google penalty?
-
Hi Guys,
I am currently working on website that has been penalised by Google for a spam link injection. The website was hacked and 17,000 hidden links were injected.
All the links have been removed and the site has subsequently been redesigned and re-built. That was the easy part
The problems comes when I look on Webmaster. Google is showing 1000's of internal spam links to the homepage and other pages within the site. These pages do not actually exist as they were cleared along with all the other spam links.
I do believe though this is causing problems with the websites rankings. Certain pages are not ranking on Google and the homepage keyword rankings are fluctuating massively.
I have reviewed the website's external links and these are all fine.
Does anyone have any experience of this and can provide any recommendations / advice for clearing the site from Google penalty?
Thanks, Duncan
-
Piggybacking on Kane - since these bad/phantom pages were in one folder, can you request removal in Search Console? It should at least speed things up. Unfortunately, the links can show for weeks or months after they're removed, even if Google doesn't seem to be caching them. If the pages aren't indexed/cached, and the numbers in the console seem to be gradually dropping, I'm not sure if there's a lot more you can do, unfortunately.
-
Hey Duncan, sounds like you've covered the basics. If this had happened a month ago I'd tell you to wait it out, but since it's been 5 months it seems like it should have cleared up by now if it was simply a matter of waiting for Google to deindex everything.
I've put a note out to other associates on Moz Q&A to see if they have any suggestions.
-
We got a hacked site warning on Google results for the company Brand name....but nothing in the Search Console.
Performance is not exactly site wide - some pages only rank for exact match page title search term but not any variations... (e.g. Very Green widgets - page title - the site will rank for Very Green widgets but no variations e.g. Green widgets).
Other pages seem to be fine.... but none rank on page one.
It does seem those pages that had the most links pointing to them have been affected the worse. However, that said - there is a page that that has several 1000 internal spammy links showing but the page does rank ok and does rank for different keywords....another piece of the puzzle!
We checked rankings and at the time of the hack - the site definitely dropped.
Hope that helps!!
Duncan
-
Gotcha... It's fairly standard to see old links in Search Console that have long since been removed, so that concerns me less as long as the 404s are showing up properly and getting noindexed.
Did you receive any "hacked site" warnings in Search Console back in May?
As far as performance issues - is this sitewide, or does it just seem to be occurring on the pages that had the most links pointed at them? Do you still have any pages ranking in top 3 for a semi-competitive term? Out of the pages that did have spammy links to them, are any performing well - on page 1 for target keyword?
-
HI Kane
Thanks for your response! We did do a disavow just on some old directories which looked ok - but it was more of a precautionary measure.
CMS is now all good and secure.
The spammy links were a in subfolder which was deleted (creating 1000's of 404's). The website was then entirely moved to a new secure hosting environment.
Just on your questions...
Yes - the website was fine up until the hack.
The hack happened in May of this year.....a full clean up happened within 3 days after the attack.
Your last point.....yes - they are showing up as 404's. The website initially had 17,000 spammy 404 errors. Google has since reduced that to 3000. As these pages are removed from the index, this gives me hope that the problem is being resolved.
However - the strange part - even though the 404's are being reduced in Webmaster, the number of internal spammy links showing in the Console are not being reduced. It's static.
For example, the homepage shows 6,300 internal links. In reality it only has about a 120. The rest are all spammy (404) links. I do believe that this is causing ranking problems.....? Do you think that is right?
Thanks, Duncan
-
Hi Duncan,
Here's some initial thoughts on steps I would take:
- Since external links are fine, there shouldn't be a need to do anything disavow-related, but I would definitely do that if you see any external links pointed to those old pages, which is common with hacked sites.
- Sounds like you've covered your bases regarding preventing the site from getting hacked again at a CMS level, database level, plugin level, etc., so I'll assume that is good to go.
- If these spammy internal pages were all in a specific subfolder, you could block that subfolder via Robots.txt to send a stronger signal that the URLs should be ignored and de-indexed.
- The internal links should disappear as the pages are removed from the index, but that can take awhile, and it's not uncommon for Search Console to display pages/links/data that have since gone away.
And a couple of questions for you:
- Once those bases are covered, then you're still faced with the potential "penalty", or poor performance. I'm assuming that these pages not ranking in Google were performing well before the site hack?
- How long has it been since the site was initially hacked, and how long since full cleanup was completed?
- Are the spammy internal pages showing up as 404 crawl errors yet?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Does google sandbox aged domains too?
Hello, i have a question. Recently i bought a domain from godaddy auction which is 23 years old and have DA 37 PA 34 Before bidding i check out the domain on google using this query to make sure if pages of this website are showing or not (site:mydomain.com) only home page was indexed on google. Further i check the domain on archive web the domain was last active in 2015. And then it parked for long about 4 years. So now my question does google consider these type of domain as new or will sandboxed them if i try to rebuild them and rank for other niche keywords ? Because its been 4 weeks i have been building links to my domain send several profile and social signals to my domain. My post is indexed on google but not showing in any google serp result.
White Hat / Black Hat SEO | Aug 6, 2019, 4:53 PM | Steven231 -
Pinging Links
Interested to know if anybody still uses the strategy of pinging links to make sure they get indexed, there are a number of sites out there which offer it. Is it considered dangerous/spamy?
White Hat / Black Hat SEO | Jun 24, 2021, 2:37 PM | seoman100 -
How/Why do I have so many Spam backlinks?
I was looking in GWT yesterday and found we have several thousand "spam" backlinks...I am curious why this happens and how this happens? There are some links from websites/domains that are not mine that appear to be spam. However, we own a large group of domains and have noticed some of the links are coming from 2 of those sites/domains we own to my main site. The sites/domains are not active, we just own them. I am wondering how someone could access these domains that are not active and create spammy backlinks to my main website? (They created about 20,000 links). Thanks.
White Hat / Black Hat SEO | Jun 9, 2015, 1:17 PM | carlystemmer0 -
How does Google determine if a link is paid or not?
We are currently doing some outreach to bloggers to review our products and provide us with backlinks (preferably followed). The bloggers get to keep the products (usually about $30 worth). According to Google's link schemes, this is a no-no. But my question is, how would Google ever know if the blogger was paid or given freebies for their content? This is the "best" article I could find related to the subject: http://searchenginewatch.com/article/2332787/Matt-Cutts-Shares-4-Ways-Google-Evaluates-Paid-Links The article tells us what qualifies as a paid link, but it doesn't tell us how Google identifies if links were paid or not. It also says that "loans" or okay, but "gifts" are not. How would Google know the difference? For all Google knows (maybe everything?), the blogger returned the products to us after reviewing them. Does anyone have any ideas on this? Maybe Google watches over terms like, "this is a sponsored post" or "materials provided by 'x'". Even so, I hope that wouldn't be enough to warrant a penalty.
White Hat / Black Hat SEO | Aug 10, 2014, 6:53 PM | jampaper0 -
Footer Link in International Parent Company Websites Causing Penalty?
Still waiting to look at the analytics for the timeframe, but we do know that the top keyword dropped on or about April 23, 2012 from the #1 ranking in Google - something they had held for years, and traffic dropped over 15% that month and further slips since. Just looked at Google Webmaster Tools and see over 2.3MM backlinks from "sister" compainies from their footers. One has over 700,000, the rest about 50,000 on average and all going to the home page, and all using the same anchor text, which is both a branded keyword, as well as a generic keyword, the same one they ranked #1 for. They are all "nofollows" but we are trying to confirm if the nofollow was before or after they got hit, but regardless, Google has found them. To also add, most of sites are from their international sites, so .de, .pl, .es, .nl and other Eurpean country extensions. Of course based on this, I would assume the footer links and timing, was result of the Penguin update and spam. The one issue, is that the other US "sister" companies listed in the same footer, did not see a drop, in fact some had increase traffic. And one of them has the same issue with the brand name, where it is both a brand name and a generic keyword. The only note that I will make about any of the other domains is that they do not drive the traffic this one used to. There is at least a 100,000+ visitor difference among the main site, and this additional sister sites also listed in the footer. I think I'm on the right track with the footer links, even though the other sites that have the same footer links do not seem to be suffering as much, but wanted to see if anyone else had a different opinion or theory. Thanks!
White Hat / Black Hat SEO | Jul 13, 2013, 9:10 AM | LeverSEO
Jen Davis0 -
Is it worth getting links from .blogspot.com and .wordpress.com?
Our niche ecommerce site has only one thing going for it: We have numerous opportunities on a weekly basis to get reviews from "mom bloggers". We need links - our domain authority is depressing. My concern is that these "mom bloggers" tend to have blogs that end with .blogspot.com or .wordpress.com. How do I screen for "reviewers" that are worth getting links from and how can I make the most of the community we have available to us?
White Hat / Black Hat SEO | Aug 3, 2019, 4:28 AM | Wilkerson1 -
Off-page SEO and link building
Hi everyone! I work for a marketing company; for one of our clients' sites, we are working with an independent SEO consultant for on-page help (it's a large site) as well as off-page SEO. Following a meeting with the consultant, I had a few red flags with his off-page practices – however, I'm not sure if I'm just inexperienced and this is just "how it works" or if we should shy away from these methods. He plans to: guest blog do press release marketing comment on blogs He does not plan to consult with us in advance regarding the content that is produced, or where it is posted. In addition, he doesn't plan on producing a report of what was posted where. When I asked about these things, he told me they haven't encountered any problems before. I'm not saying it was spam-my, but I'm more not sure if these methods are leaning in the direction of "growing out of date," or the direction of "black-hat, run away, dude." Any thoughts on this would be crazy appreciated! Thanks, Casey
White Hat / Black Hat SEO | Mar 27, 2013, 2:47 PM | CaseyDaline0 -
Interesting case of IP-wide Google Penalty, what is the most likely cause?
Dear SEOMOZ Community, Our portfolio of around 15 internationalized web pages has received a significant, as it seems IP-wide, Google penalty starting November 2010 and have yet to recover from it. We have undergone many measure to lift the penalty including reconsideration requests wo/ luck and am now hoping the SEOMoz community can give us some further tips. We are very interested in the community's help and judgement what else we can try to uplift the penalty. As quick background information, The sites in question offers sports results data and is translated for several languages. Each market, equals language, has its own tld domain using the central keyword, e.g. <keyword_spanish>.es <keyword_german>.de <keyword_us>.com</keyword_us></keyword_german></keyword_spanish> The content is highly targeted around the market, which means there are no duplicate content pages across the domains, all copy is translated, content reprioritized etc. however the core results content in the body of the pages obviously needs to stay to 80% the same A SEO agency of ours has been using semi-automated LinkBuilding tools in mid of 2010 to acquire link partnerships There are some promotional one-way links to sports-betting and casino positioned on the page The external linking structure of the pages is very keyword and main-page focused, i.e. 90% of the external links link to the front page with one particular keyword All sites have a strong domain authority and have been running under the same owner for over 5 years As mentioned, we have experienced dramatic ranking losses across all our properties starting in November 2010. The applied penalties are indisputable given that rankings dropped for the main keywords in local Google search engines from position 3 to position 350 after the sites have been ranked in the top 10 for over 5 years. A screenshot of the ranking history for one particular domain is attached. The same behavior can be observed across domains. Our questions are: Is there something like an IP specific Google penalty that can apply to web properties across an IP or can we assume Google just picked all pages registered at Google Webmaster? What is the most likely cause for our penalty given the background information? Given the drops started already in November 2010 we doubt that the Panda updates had any correlation t this issue? What are the best ways to resolve our issues at this point? We have significant history data available such as tracking records etc. Our actions so far were reducing external links, on page links, and C-class internal links Are there any other factors/metrics we should look at to help troubleshooting the penalties? After all this time wo/ resolution, should we be moving on two new domains and forwarding all content as 301s to the new pages? Are the things we need to try first? Any help is greatly appreciated. SEOMoz rocks. /T cxK29.png
White Hat / Black Hat SEO | Aug 12, 2011, 9:06 AM | tomypro0