Battling seo hackers

May 12, 2008

job board software battles Earlier this year I commented on Matt Cutts SEO hacker prediction:

"Would you notice if a strange link appeared somewhere inside your website? How long would it take you to see it? Hacking is a reality for everyone in our industry at one time or another but this is one that could be difficult to detect."

Well, his prediction was right on target. But if this happens to you, you will not notice any of the links the hackers install on your website -- they are invisible. Our Drupal sites were hit a couple weeks ago and it has cost us plenty of time and energy to disinfect these websites.

Here is how it was done:

<div style="display:none">
<a href="http://www4.army.mil/otf/eCal.php?id=-106...26970743E/*&q=buy-vi*a*gra.htm">buy v*ia*gra</a>
etc...


So if the links are invisible, what will you notice? If you are running adsense, you'll notice advertisements for the products mentioned in the anchor text above. If you happen to be looking at your code, you may see hundreds of links like the one above on any given page.

How can you protect yourself?

  • use a website monitoring service that checks your code for v*ia*gra and ci*a*lis
  • keep the operating software on your servers perfectly up-to-date
  • register with Google's Webmaster tools and review it regularly

Although we were not notified by Google Webmaster tools, Matt Cutts says that they try to alert webmasters when they know you've been hacked. Here is a video of the presentation he made on the topic:

 

 

Job board software and technology is an important subject and one I will cover again. I know a job board owner who sold his business partly because of technology frustrations and another whose business failed when the servers crashed and there was no backup.

 

related stories:




It's a brave new world we live in. I appreciate the looking out for the little guy. I deal with Job board software and technology on a daily and the aggravation. Now, we have to deal with hackers inside our websites opens up a new set of worries to think about. We need to constantly stress how important security issues are to companies that work online.

 

** ejs ** thanks Alex!

May 13, 2008 - 9:45am

from Helping hacked sites:

 

Getting hacked is not fun. It’s just not. But I think Google does the right thing for our users by removing hacked sites from our index temporarily. I also think we do a pretty good job of trying to alert site owners that they’ve been hacked — more than any other search engine does. We alert many webmasters about hacked sites not only via email but also with our webmaster console.

May 26, 2008 - 10:36am

Last night, I discovered that dozens of DNN dotnetnuke sites have been unknowingly hacked and then blessed with hidden links, many of which point to the current #1 site (in Google) for the search phrase "download movies." Google had brought it to our attention by emailing a website owner notifying him that his site was about to be removed from Google for having an invisible link on it. The scale of this one particular SEO hacking job is pretty crazy. I'm sure that position (however long they've been at the top for related terms) has been worth a fortune. Makes you wonder how many other sites are out there which are being secretly milked.
February 28, 2009 - 3:14pm

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
login