Moz Q&A is closed.
After more than 13 years, and tens of thousands of questions, Moz Q&A closed on 12th December 2024. Whilst we’re not completely removing the content - many posts will still be possible to view - we have locked both new posts and new replies. More details here.
Site being targeted by hardcore porn links
-
We noticed recently a huge amount of referral traffic coming to a client's site from various hard cord porn sites. One of the sites has become the 4th largest referrer and there are maybe 20 other sites sending traffic.
I did a Whois look up on some of the sites and they're all registered to various people & companies, most of them are pretty shady looking.
I don't know if the sites have been hacked or are deliberately sending traffic to my client's site, but it's obviously a concern. The client's site was compromised a few months ago and had a bunch of spam links inserted into the homepage code.
Has anyone else seen this before? Any ideas why someone would do this, what the risks are and how we fix it?
All help & suggestions greatly appreciated, many thanks in advance.
MB.
-
"in a case like this is it sensible to preemptively remove the links with the disavow tool?"
Once again, the Disavow tool was offered as a last resort by Google. Many webmasters seem frustrated the tool is not working as they expected, and the issue is typically they ignored Google's instructions for the tool's usage.
Prior to using the Disavow tool, you need to make an exhaustive effort to remove the links. Send a polite letter to the WHOIS address for the domain explaining the problem and identifying specific links from that domain which are pointing to your site. If there is no response within 3 days, send the same letter to an email address found on the site itself. If you still do not receive a response, check for a Contact Form on the site.
Try to learn what is going on with the site. Ask site owners how these links were created. It surely can be the result of negative SEO, but in the overwhelming majority of cases I have worked with, it is either the client or an agent acting on behalf of the client. Try digging a little deeper.
-
Hi again Ryan/Gordon,
Sorry to bring this one up again, but we could use some more input if possible. It turns out the number of referring URLs is way higher than we originally thought. I've also done some digging in OSE and have found a huge number of links from dubious sources. It's going to take some time to refine the list but we're probably looking in the thousands.
There's no doubt that this is malicious as we have never done anything to build links like these.
We've not yet noticed any penalty or received any warnings but in a case like this is it sensible to preemptively remove the links with the disavow tool?
One other thought: it seems suspicious that this has happened around the same time that the site itself was hacked with similar links inserted into the homepage.
My best guess is that the site hasn't been specifically targeted but has been caught up in some kind of automated spam attack. I've looked at some of the other offending sites and all the links are in odd places - hidden in the code or in strange anchor text. Is it possible that a robot has crawled all these sites and inserted spam links to create some kind of massive "link wheel"?
In this case what's the best preemptive solution before we get slapped with a penalty?
Thanks again...
-
There are not any general endorsements I can share. Your chosen expert may vary depending on your hosting environment, site software and budget.
-
I appreciate your time & help Ryan. I will pass all those suggestions on.
If they choose to bring in a security expert in to take a look, do you have any recommendations?
-
"As for the client's site hacking, as far as I'm aware their webmaster & in-house team dealt with that when it happened."
The webmaster and inhouse team likely had a gap which was exploited. It may be best to bring in an outside security consultant to review the matter.
"if our messages go unacknowledged, what else can we do about it?"
In my experience, 25 - 60% of removal requests are honored, depending on the site. If you are working with numerous site owners, either some of them will respond or you are likely doing something wrong. Ways to contact a webmaster:
-
use the WHOIS information to send an email
-
use information from the site. Before you say they don't have anywhere, check thoroughly.
-
use the site's Contact Us form
-
call the site with the number on the site or their WHOIS phone number
-
mail the site
-
check for social pages such as facebook and contact them via that method
You shared there are around 20 sites linking to your client's site. Some of them should respond.
-
-
That's good. Sorry, but I had missed the part where you said your clients site was compromised previously....
-
Thanks Gordon,
The links are no-follow so for the time being I'm not too worried about link spam penalties. We'll try to contact the site owners first and will then disavow the links if nothing else works...
Cheers, Matt
-
Thanks for your detailed reply Ralph As for the client's site hacking, as far as I'm aware their webmaster & in-house team dealt with that when it happened. I will pass your notes on to the team and check they are 100% confident that the security lapses are fixed. We are in the process of identifying & contacting the webmasters of the referring sites to requests the links be remove. However, if our messages go unacknowledged, what else can we do about it? The links are mostly no-follow which is a minor blessing and we haven't seen any link manipulation warnings in GWT yet. Still confused on their motives/reasons though.
-
"The client's site was compromised a few months ago and had a bunch of spam links inserted into the homepage code."
Has the issue been fully resolved? What steps have you taken to ensure the site's code is clean and remains clean? Some examples:
- placing the code on a test server and having an expert examine the code
- crawling the site and examining all links
- upon completion of the code analysis, implement a system which detects any coding changes and notifies you of the change
- ensure you are using professional development services with professionally developed extensions
- check your hosting. At a minimum, VPS hosting should be used. Do you have a firewall in place? What type of precautions does the host take (i.e. are you with a major host such as Rackspace, HostDime, etc? Or a host no one has heard of?)
- Use a service such as Symantec or McAfee SSL which offers daily site malware scanning
Every time I have worked with a compromised site, there have been major gaps or a complete lack of site security.
With respect to the links, the Disavow Tool can be used as a means of last resort. Google is very clear the tool should not be used until all other methods have been exhausted.
Have you tried contacting any of the webmasters to inquire about the links? That would be a start. You stated they are from independently owned sites. If that is true, then some of those webmasters will likely be cooperative and help you understand why they are linking to you.
We are happy to help Matthew. There is a lot more detailed information required which is missing from your question. There are dozens of possible causes and solutions.
-
Hi Matthew,
Sorry to hear this, and it's not good news. As to how/why it's happened, I can only guess one of two resaons. Either someone who knows nothing about SEO has decided s/he would "help" the whole SEO process and buy some links in. Or, and possibly more likely it may be a competitor who is doing a negative SEO campaign with the desire to lower your organic rankings, ensuring you will be penalised by Google.
You can now use the Google Webmaster tools and use the disavow tool to tell Google to ignore those links.
Hope that helps and all the best.
Gordon
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Spam Score & Redirecting Inbound Links
Hi, I recently downloaded a spreadsheet of inbound links to my client sites and am trying to 301 redirect the ones that are formatted incorrectly or just bad links in general (they all link to the site domain, but they used to have differently formatted urls on their old site, or the link URL in general has strange stuff on it). My question is, should I even bother redirecting these links if their spam score is a little high (i.e. 20-40%)? it already links to the existing domain, just with a differently formatted URL. I just want to make sure it goes to a valid URL on the site, but I don't want to redirect to a valid URL if it's going to harm the client's SEO. Also not sure what to do about the links with the --% spam score. I really appreciate any input as I don't have a lot of experience with how to deal with spammy links.
White Hat / Black Hat SEO | | AliMac260 -
Sitewide nav linking from subdomain to main domain
I'm working on a site that was heavily impacted by the September core update. You can see in the attached image the overall downturn in organic in 2019 with a larger hit in September bringing Google Organic traffic down around 50%. There are many concerning incoming links from 50-100 obviously spammy porn-related websites to just plain old unnatural links. There was no effort to purchase any links so it's unclear how these are created. There are also 1,000s of incoming external links (most without no-follow and similar/same anchor text) from yellowpages.com. I'm trying to get this fixed with them and have added it to the disavow in the meantime. I'm focusing on internal links as well with a more specific question: If I have a sitewide header on a blog located at blog.domain.com that has links to various sections on domain.com without no-follow tags, is this a possible source of the traffic drops and algorithm impact? The header with these links is on every page of the blog on the previously mentioned subdomain. **More generally, any advice as to how to turn this around? ** The website is in the travel vertical. 90BJKyc
White Hat / Black Hat SEO | | ShawnW0 -
Too many dofollow links = penalty?
Hi. I currently have 150 backlinks, 90% of them are dofollow, while only 10% are nofollow. I recently hit position #10 for my main keyword, but now it is dropped to #16 and a lot of related keywords are gone. So I have a few questions: 1. Was my website penalized for having an unnatural backlink profile (too many dofollow links), or maybe this drop in positions is just a temporary, natural thing? 2. Isn’t it too late for making the backlink profile look more natural by building more nofollow backlinks and making it 50%/50%? Thank you!
White Hat / Black Hat SEO | | NathalieBr0 -
Is this campaign of spammy links to non-existent pages damaging my site?
My site is built in Wordpress. Somebody has built spammy pharma links to hundreds of non-existent pages. I don't know whether this was inspired by malice or an attempt to inject spammy content. Many of the non-existent pages have the suffix .pptx. These now all return 403s. Example: https://www.101holidays.co.uk/tazalis-10mg.pptx A smaller number of spammy links point to regular non-existent URLs (not ending in .pptx). These are given 302s by Wordpress to my homepage. I've disavowed all domains linking to these URLs. I have not had a manual action or seen a dramatic fall in Google rankings or traffic. The campaign of spammy links appears to be historical and not ongoing. Questions: 1. Do you think these links could be damaging search performance? If so, what can be done? Disavowing each linking domain would be a huge task. 2. Is 403 the best response? Would 404 be better? 3. Any other thoughts or suggestions? Thank you for taking the time to read and consider this question. Mark
White Hat / Black Hat SEO | | MarkHodson0 -
Pinging Links
Interested to know if anybody still uses the strategy of pinging links to make sure they get indexed, there are a number of sites out there which offer it. Is it considered dangerous/spamy?
White Hat / Black Hat SEO | | seoman100 -
Should You Link Back from Client's Website?
We had a discussion in the office today, about if it can help or hurt you to link back to your site from one that you optimize, host, or manage. A few ideas that were mentioned: HURT:
White Hat / Black Hat SEO | | David-Kley
1. The website is not directly related to your niche, therefore Google will treat it as a link exchange or spammy link.
2. Links back to you are often not surrounded by related text about your services, and looks out of place to users and Search Engines. HELP:
1. On good (higher PR, reputable domain) domains, a link back can add authority, even if the site is not directly related to your services.
2. Allows high ranking sites to show users who the provider is, potentially creating a new client, and a followed incoming link on anchor text you can choose. So, what do you think? Test results would be appreciated, as we are trying to get real data. Benefits and cons if you have an opinion.2 -
Tags on WordPress Sites, Good or bad?
My main concern is about the entire tags strategy. The whole concept has really been first seen by myself on WordPress which seems to be bringing positive results to these sites and now there are even plugins that auto generate tags. Can someone detail more about the pros and cons of tags? I was under the impression that google does not want 1000's of pages auto generated just because of a simple tag keyword, and then show relevant content to that specific tag. Usually these are just like search results pages... how are tag pages beneficial? Is there something going on behind the scenes with wordpress tags that actually bring benefits to these wp blogs? Setting a custom coded tag feature on a custom site just seems to create numerous spammy pages. I understand these pages may be good from a user perspective, but what about from an SEO perspective and getting indexed and driving traffic... Indexed and driving traffic is my main concern here, so as a recap I'd like to understand the pros and cons about tags on wp vs custom coded sites, and the correct way to set these up for SEO purposes.
White Hat / Black Hat SEO | | WebServiceConsulting.com1
