Tag: Google Webmaster Tools

How Long Does It Take to Recover Your Site From Being Hacked, Google-Wise [Case Study]

Karol K.

Recover Your Site From Being Hacked

Recover Your Site From Being Hacked

UPDATE. This whole thing happened at the turn of 2013 and 2014. However, I’m still experiencing some SEO consequences of this and that’s why I consider this study a valuable read for any online business owner. At the bottom, there are takeaway lessons on how you can avoid something similar happening to your site.

A couple of months ago, my domain got hacked. Kind of. I mean, the domain itself didn’t get hacked directly, but the problem was the server it was hosted on.

Back then, I was a HostGator customer, a mistake I will never make again.

Just to give you a quick heads-up on that situation, HostGator doesn’t care that much about their customers’ safety. So in my case, they allowed for a spam forum to get installed on my domain without my knowledge.

You could see it by navigating to https://newinternetorder.com/forum/ (no longer there, so don’t bother checking the URL). The forum featured a ton of spam phrases and links. As we all know, those things are not good for SEO…not good at all.

So how did I discover the problem? Well, I’m not an IT security ninja or anything. I was simply informed by vBulletin update service that “my forum needs to be updated.” Can you imagine?

I quickly found that the forum is quite big, and what’s even worse …

525 pages of it were indexed by Google

This is visible on the screenshot I took on the day of the discovery:

google-listing

Oct 15th 2013

This was Oct 15th 2013.

Today’s Jan 17th 2014 and 2 of the pages are still indexed

… despite being nonexistent for months:

forum-google

Jan 17th 2014

This means that Google still didn’t manage to fix things on their end.

(By the way, for future reference; if you want to check out what’s the status of the spam pages on Google this very moment, click here.)

I’m saying this not to complain about my own personal situation but to provide some educational value. What I mean precisely is that Google is obviously not as good at indexing stuff as we’d like it to be.

And what that means for you is that you will likely be forced to wait a similar amount of time, should you get hit by a similar problem.

What did I do about the index?

Apparently, I didn’t just sit patiently and wait for Google to do its magic on their own, so I took some steps to help them out.

First of all, here are the things I didn’t do.

I didn’t go to the index exclusion tool available in Google Webmaster Tools. The reason why is simple, in my book, using this tool would just like admitting that I’m guilty of placing the forum there, which I wasn’t.

Now, I’m not entirely sure whether such reasoning makes sense or not, but that’s what I did nevertheless.

Here are the three main things I did:

1. Changed my webhost

HostGator failed to even acknowledge the problem so I moved over to IX Web Hosting. One of the nice surprises right off the bat was that they gave me a dedicated IP for no extra charge (it has its values for SEO, I’d advise always going for a dedicated IP if you have the chance).

Changing my webhost ultimately killed the forum since the problem was on the previous server. This also confirmed that it was exactly the case, by the way.

2. Researched .htaccess files

The .htaccess file is a small text file that sits in your server’s root (main) directory and deals cards as for who gets to see what on your site, more or less.

In other words, you can prevent anyone from accessing a given area of your site by creating a new rule in the .htaccess file.

What I did was block all access to https://newinternetorder.com/forum/.

3. Tuned my robots.txt file

Robots.txt is another text file sitting in your server’s root directory. This one is responsible for regulating what gets accessed by search engine robots (hence the name, robots.txt).

This was another place where I blocked access to the forum.

Could I do anything more?

 
Maybe, I don’t know. I should have probably reached out to some security specialist. Too bad I didn’t.

Nonetheless, I thought that the above was just enough for Google to get a grasp and deindex those old and non-existent forum pages.

It wasn’t.

As I already mentioned here, I still have 2 pages indexed in Google.

The takeaway and lessons for the future

A handful of them:

  1. Always keep a close eye on what’s going on on your domain/site. Do it through rank tracking tools like Market Samurai, Moz, or even Google Webmaster Tools.
  2. Use additional security plugins like BulletProof Security.
  3. Perform frequent site backups. You can use Online Backup for WordPress for that.
  4. In case anything bad happens, make fast decisions. Like my decision to flee from HostGator.
  5. (Something I didn’t do.) Ask around on expert forums online. In hindsight, this could have saved me a lot of hassle and wandering in the dark.

Similar articles

How Long Does It Take to Recover Your Site From Being Hacked, Google-Wise [Case Study] | NewInternetOrder.com

How a Hosting Company Can Kill Your Google Rankings Without You Even Knowing // HostGator Problems

Karol K.

A couple of months ago, I published not one, but two posts about my adventures with hosting companies and hackers. Well, mainly hackers.

One of those posts was a quick publication here on newInternetOrder. I described the situation that happened to me and the dreary results it had on my Google rankings: Once Upon a Time … There’s Some Malware on Your Site.

The other post was a more in-depth tutorial on how to save your WordPress site from malware and hacker attacks. Published on ThemeFuse: Having an Adventure Time with Malware in WordPress … How to Handle It.

Both worth a read, by the way. This is still very relevant information for anyone who seeks security for their site. If you don’t have the time to check them out now, there’s a short summary of the story at the bottom of this post.*

The thing I didn’t know back then was that it wasn’t the end of my struggles with hosting companies, that the new set of HostGator problems was just around the corner…

HostGator and infected https; i.e. why you should avoid HostGator

Just like that, out of the blue, about two weeks ago I got an automated email telling me that I should update my vBulletin forum.

The only strange part is that I don’t use vBulletin for anything. Moreover, I don’t actually own any forum at all…

So instead of just reporting this as spam, I decided to investigate the situation some more. The mail said that there was a forum under:

https://newinternetorder.com/forum/

I followed the link, and lo and behold, there’s a forum… on my domain, except I didn’t put it there. Here’s what it looked like:

forum

Scratch that, not a forum, a spam forum.

It was full of words like: insurance coverage, louis vuitton, open spine surgery (what?), gucci outlet, facial cleanser, chanel sunglasses, ralph lauren polo, and many more.

The actual forum had more than 500 pages of spam content. All on my domain. All with followed links to spam sites.

How do I know how big it was? Because 525 of those pages were indexed on Google (they still are; I do hope they’ll vanish soon):

google-listing

Guess what linking to spam sites does to your rankings? It kills them. Although I didn’t notice a sudden drop, I was losing rankings steadily since August. Something had to be done.

By the way, there are thousands of domains infected with this forum. If you do a quick search on Google for “louis vuitton Bug Eyed Bastards” you’ll get over 65,000 results:

google

  • Here’s one: https://www.learningdisability.com/forum/,
  • here’s one: https://dailydoseofexcel.com/forum/,
  • here’s one: https://rssanet.com/forum/, literally tens of thousands of those forums.

All with the same content. All hosted on HostGator:

gator

HostGator and their inability to act

To fix this as quickly as I could, I went to HostGator and contacted their support team.

I explained what was going on and demanded the forum to be removed from my domain.

What they said was:

“This is only visible under HTTPS** so there’s no problem for your site.” (paraphrasing; I don’t have the actual log)

To which I said that the forum is visible on Google under my domain and it’s certainly hurting me. Their reply was even better as they said:

“Your account doesn’t have HTTPS enabled so we can’t do anything about it.”

To which I disconnected, got an account elsewhere and canceled my HostGator plan, effective immediately, and put an end to my HostGator problems.

So my episode with HostGator is over. I will surely never return to a company that doesn’t give a damn about their customers.

How to check if you’re affected by this problem

Do this:

  • Go to your Google Webmaster Tools and check if there was any unusual spike in indexed pages lately.
  • Do a search on Google for “site:yourdomain.com/forum”
  • Do another search for “louis vuitton site:yourdomain.com” or “Bug Eyed Bastards site:yourdomain.com”

If the above return positive results (positive meaning bad) then you have HostGator problems too. Just switch to another hosting company. Sorry, but HostGator proved that they can do nothing about this issue, so I don’t see any other solution.

For the sake of your site:

Avoid HostGator at all times!

It’s not only me who reports disturbing news like this and more HostGator problems. Check out this post by Yoast.

Finally, where do you go if your site’s affected?

Well, your guess is as good as mine, but I’m on IX Web Hosting now. Mainly because they gave me a dedicated IP for no extra cost (which is great for SEO). We’ll see how things play out in the future.

_______

* Some hackers or automated software took advantage of the server’s vulnerabilities and infected my site with malicious code. My web host at that time – WP Web Host – did nothing to remove this problem and spent most of their time telling me that there was no problem at all. I can’t remember exactly if they managed to remove the bug or not, but I decided to move my site to another host which was the quickest solution.

** HTTPS (Hypertext Transfer Protocol Secure) is a communications protocol for secure communication over a computer network. – as told by Wikipedia.


How a Hosting Company Can Kill Your Google Rankings Without You Even Knowing // HostGator Problems | newInternetOrder.com

Related posts:

  1. What is Google Webmaster Tools & How to Use it – Beginner’s Guide
  2. Sexiest WordPress Plugins: flickrRSS
  3. 29 WordPress Terms Explained – Handy WordPress Glossary
  4. How to Add “nofollow” to Non-Homepage Blogroll Links – WordPress SEO Tip of the Day