What to do if you've been hacked.....
-
Just logged into our CMS system and it appears we have been hacked.
All page titles have been hijacked adding a secondary title tag linking out to website http://emapaydayloans.com with anchor text pay day loans.
Our Web Dev team are working on fixing the hack now. My concern is the potential knock on effect to SEO.
This looks like a bad neighbourhood site:
- 3 pages indexed
- PR 0
And for I don't know how long we've had almost every page on all our domains linking out with the following page title including the same link and anchor text:
I assume its a wait and see at this stage.
-
Thanks for the responses guys, looks like an SQL Injection.
We have cleared the import and all is back to normal. We'll be looking in to beefing up protection. Thanks for the advice. Will be keeping my eye on the traffic via analytics and watching out for messages in Webmaster Tools
-
This type of problem is really hard to fix unless you know how to do the deep scrubbing needed to get rid of the problem. If you don't scrub it properly the problem will recur over and over.
I would hire a pro ASAP.
-
if you have a paid hosting company call them and they'll run tools on your site to find any exploits.
if your traffic is holding steady you might be ok, just get those links off your site and take care of the security holes. Also your FTP write/edit permissions might need to be tightened up.
-
Fix it as quick as possible
Find any exploits you may have missed (keep WP Up to date, disable admin account, if on shared hosting check all file permissions, make sure you are using SFTP (port 22) ect...)
Monitor your traffic for drops and check web cache of Google to see if it was even indexed
If you do take a knock (which I doubt unless it was there for a while) I am not sure a reconsideration would do anything, so you will probably just have to do some damage control
(ie... get lots of social mentions on a good piece of industry relevant content)
Hope this helps
PS this can help you with hardening WP install http://codex.wordpress.org/Hardening_WordPress
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Hacked Websites (Doorways) Ranking First Page of Google
Hello Moz community! I could really use your help with some suggestions here with some recent changes I've noticed in the Google serps for terms I've been currently working on. Currently one of the projects I am working on is for an online pharmacy and noticed that the SERPs are being now taken up by hacked websites which look like doorways to 301 redirect to an online pharmacy the hacker wants the traffic to go to. Seems like they may be wordpress sites that are hacked and have unrelated content on their websites compared to online pharmacies. We've submitted these issues as spam to Google and within chrome as well but haven't heard back. When searching terms like "Canadian Pharmacy Viagra" and other similar terms we see this issue. Any other recommendations on how we can fix this issue? Thanks for your time and attached is a screenshot of the results we are seeing for one of our searches. 1Orus
White Hat / Black Hat SEO | | monarkg0 -
How to deal with spam heavy industries that haven't gotten the hammer from Google?
One of our clients works in the video game category - specifically, helping people rank higher in games like League of Legends. In spite of our trying to do things the right way with white hat link building, we've suffered when trying to compete with others who are using comment and forum spam, private blog networks, and other black hat tactics. Our question is - what is the right approach here from a link building perspective? Is it an "if you can't beat them, join them" or do we wait it out and hope Google notices and punishes those who don't play nice? Some test terms to see what we're up against: "elo boost" and "lol coach." Would love to hear thoughts from anyone who's dealt with a similar situation.
White Hat / Black Hat SEO | | kpaulin0 -
Pages mirrored on unknown websites (not just content, all the HTML)... blackhat I've never seen before.
Someone more expert than me could help... I am not a pro, just doing research on a website... Google Search Console shows many backlinks in pages under unknown domains... this pages are mirroring the pages of the linked website... clicking on a link on the mirror page leads to a spam page with link spam... The homepage of these unknown domain appear just fine... looks like that the domain is partially hijacked... WTF?! Have you ever seen something likes this? Can it be an outcome of a previous blackhat activity?
White Hat / Black Hat SEO | | 2mlab0 -
Why isn't a 301 redirect removing old style URLs from Google's index?
I have two questions:1 - We changed the URL structure of our site. Old URLs were in the format of kiwiforsale.com/used_fruit/yummy_kiwi. These URLs are 301 redirected to kiwiforsale.com/used-fruit/yummy-kiwi. We are getting duplicate content errors in Google Webmaster Tools. Why isn't the 301 redirect removing the old style URL out of Google's index?2 - I tried to remove the old style URL at https://www.google.com/webmasters/tools/removals, however I got the message that "We think the image or web page you're trying to remove hasn't been removed by the site owner. Before Google can remove it from our search results, the site owner needs to take down or update the content."Why are we getting this message? Doesn't the 301 redirect alert Google that the old style URL is toast and it's gone?
White Hat / Black Hat SEO | | CFSSEO0 -
G.A. question - removing a specific page's data from total site's results?
I hope I can explain this clearly, hang in there! One of the clients of the law firm I work for does some SEO work for the firm and one thing he has been doing is googling a certain keyword over and over again to trick google's auto fill into using that keyword. When he runs his program he generates around 500 hits to one of our attorney's bio pages. This happens once or twice a week, and since I don't consider them real organic traffic it has been really messing up my GA reports. Is there a way to block that landing page from my overall reports? Or is there a better way to deal with the skewed data? Any help or advice is appreciated, I am still so new to SEO I feel like a lot of my questions are obvious, but please go easy on me!
White Hat / Black Hat SEO | | MyOwnSEO0 -
Bad keywords sending traffic my site, but can't find the source. Advice?
Hi! My site seems to be the target of negative SEO (or some ancient black hat work that's just now coming out of the woodwork). We're getting traffic from keywords like "myanmar girls" and "myanmar celebrities" that just started in late June and only directs to our homepage. I can't seem to find the source of the traffic, though (Analytics just shows it as "Google," "Bing," and "Yahoo" even though I can't find our site showing up for these terms in search results). Is there any way to ferret out the source besides combing through every single link that is directing to us in Webmaster Tools? I'm not even sure that GWT has picked up on it since this is fairly new, and I'd really love to nip this in the bud. Thoughts? Thanks in advance!
White Hat / Black Hat SEO | | 199580 -
Why do these links violate Google's Quality Guideline?
My reconsideration request was declined by Google. Google said that some of the links to my site (www.pianomother.com) are still outside its quality guidelines. We provide piano lessons and sheet music on the site. Three samples are given. 1. http://www.willbeavis.com/links.htm 2. http://vivienzone.blogspot.com/2009/06/learning-how-to-play-piano.html 3. http://interiorpianoservice.com/links/ The first one is obvious because it is a link exchange page. I don't understand why the 2nd and 3rd ones are considered "inorganic links" by Google. The 2nd link is a blog that covers various topics including music, health, computer, etc. The 3rd one is a page of the site that provides piano related services. Other resources related to piano including my website are listed on the page. Please help. Thanks. John
White Hat / Black Hat SEO | | pianomother0 -
Who's still being outranked by spam?
Over the past few months, through Google Alerts, I've been watching one of our competitors kick out crap press releases, and links to their site have been popping up all over blog networks with exact match anchor text. They now outrank us for that anchor text. Why is this still happening? Three Penguin updates later and this still happens. I'm trying so hard to do #RCS and acquire links that will ensure our site's long-term health in the SERPs. Is anyone else still struggling with this crap?
White Hat / Black Hat SEO | | UnderRugSwept2