Search Console Incorrectly Identifies WordPress Version and Recommends Update
-
Howdy, Moz fans,
Today I received four emails from Google Search Console recommending I update WordPress. The message reads, "Google has detected that your site is currently running WordPress 3.3.1, an older version of WordPress. Outdated or unpatched software can be vulnerable to hacking and malware exploits that harm potential visitors to your site. Therefore, we suggest you update the software on your site as soon as possible."
This is incorrect, however, since I've been on 4.3.1 for a while. 3.3.1 was never even installed since this site was created in September, 2015, so the initial WP Engine install was likely 4.3.
What's interesting is that it doesn't list the root URL as the problem source. The email states that it found that issue on a URL that is set up via WP Engine to 301 to a different site, which doesn't use WordPress. I also have other redirects set up to different pages on the second site that aren't listed in the Search Console email.
Anyone have any ideas as to what's causing this misidentification of WP versions? I am afraid that Google sees this as a vulnerability and is penalizing my site accordingly.
Thanks in advance!
-
I saw this for a client as well, who I know for sure isn't running WordPress at all. Personally, I think it's a Google mistake.
-
Thanks for that info, but I actually don't see a trace of 3.3.1 anywhere in my source code, so I'm still confused as to how it came up with that info. I do have a meta generator tag but it just contains a credit to Visual Composer.
The site is http://foam-roller.com.
-
Thanks for the response. It's interesting to me that Google doesn't penalize for vulnerabilities - you'd think it'd have some effect since it'd be in Google's best interest not to serve potentially insecure/malicious websites, just as SSL has a positive effect on rankings.
-
Peter is right, what I also wouldn't worry about is that you might get a penalty because of this. Google is very concerned about the security issues that Web sites might have and that's why they're alerting webmasters through Search Console that this is the case.
-
I also get notifications.
On first site in wp-content/uploads there was HTML file with this in header:
so checking works almost perfect. Just file was downloaded somewhere from other authors.
On second site Jooma was identified as 1.5 or less:
and this is correct. But wasn't hacked yet from creation like 5-6 years ago.
I think that this is part of their notifications about updates and pushing internet CMSes to latest versions. This isn't their first nor be last mail. Do you remember wp-timthumb notification? Do you remember Fancybox notification? Do you remember Revolution slider notification? What's equal in all cases? I know - one vulnerability and over 100k sites are at risk. And bad guys knows this and uses such vulnerability for black hat seo.
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
WordPress Tags and SEO
Good Morning everyone, I am trying to decide how I am going to handle an issue on two WordPress websites. I recently acquired 2 new clients that used to do business with the same SEO company. Neither of the clients know of the other but both had the same story about said SEO company. The usual complaints, I wont get into details. My issue is the old SEO company basically was spamming keywords and utilized tags to do this. For each of these clients they had very thin spammy blog posts written and then had a multitude of spammy tags used as keywords here is an example https://captainjacksboatingschool.com/middlesex-county-boating-safety-class/ Each one of these tags is creating duplicate content. How do i properly handle these tags? Do i delete? Do i need to redirect into one main page after deletion. I much rather use plain English and authoritative based Categories. In fact I never use tags, only categories. They do not seem to have much seo value. Both clients who were with this company have the same Tag setup... Any advice would be greatly appreciated as I do not want to loose the customers current rank because i want to do things my way Thanks, Don Silvernail
White Hat / Black Hat SEO | | donsilvernail0 -
I have a recipe food blog and use wordpress, but my recipes are usually in more than one category...?
The recipes are in most cases in more than one category (usually two) each. Do and (and if so how) need to set each post to one canicol url? E.g A recipe on Peas is in healthy foods (which is the default wordpress cat.) and also Vegetarian Dishes. I use YOAST for wordpress
White Hat / Black Hat SEO | | Kelly33300 -
Do searchs bot understand SEF and non SEF url as the same ones ?
I've jsut realized that since almost for ever I use to code first my website using the non sef for internal linkings. It's very convenient as I'm sure that what ever will be the final url the link will always be good. ex: website.com/component1/id=1 Before releasing the website I use extensions to make the url user friendly according the choosen strategy. ex: website.com/component1/id=1 -> website.com/article1.html But I just wondered if google consider both urls as the same ones or if it consider just as a 301 redirection. What do you think is the best to do ?
White Hat / Black Hat SEO | | AymanH0 -
Can I get updated opinions on PR Web?
I saw Moz has discussed PR web in earlier posts, but they are mostly months to years old. I'm wondering if PR Web is a good service? A lot of my competitors use it, but it seems just like a paid link to me. If for whatever reason, PR Web is an approved loophole, does anyone have any suggestions on which plan to purchase? Thanks, Ruben
White Hat / Black Hat SEO | | KempRugeLawGroup0 -
Search query for SEO Brisbane
Would love to get some opinions on the latest Penguin 2.0 update and how on earth the #1 rank is #1 ranked, very, very peculiar... http://www.google.com/search?gs_rn=14&gs_ri=psy-ab&pq=sila&cp=8&gs_id=10&xhr=t&q=seo+brisbane&pf=p&client=safari&rls=en&sclient=psy-ab&oq=seo+bris&gs_l=&pbx=1&bav=on.2,or.r_qf.&bvm=bv.47008514,d.aGc&biw=1300&bih=569 Any and all theories welcomed and appreciated. Thanks, Mike
White Hat / Black Hat SEO | | MichaelYork0 -
What has been updated on part of Google Penguin 2.0?
I am looking for more details of Google Penguin 2.0 update. Is any information from SEO experts?
White Hat / Black Hat SEO | | gbavadiya1 -
Penguin Update and Infographic Link Bait
Is it still ok to use infographics for link bait now that the penguin update has rolled out? Are there any techniques that should be avoided when promoting an infographic? Thanks
White Hat / Black Hat SEO | | eddiejsd1 -
Is it possible that since the Google Farmer's Update, that people practicing Google Bowling can negatively affect your site?
We have hundreds of random bad links that have been added to our sites across the board that nobody in our company paid for. Two of our domains have been penalized and three of our sites have pages that have been penalized. Our sites are established with quality content. One was built in 2007, the other in 2008. We pay writers to contribute quality and unique content. We just can't figure out a) Why the sites were pulled out of Google indexing suddenly after operating well for years b) Where the spike in links came from. Thanks
White Hat / Black Hat SEO | | dahnyogaworks0