Battling seo hackers

May 12, 2008

job board software battles Earlier this year I commented on Matt Cutts SEO hacker prediction:

"Would you notice if a strange link appeared somewhere inside your website? How long would it take you to see it? Hacking is a reality for everyone in our industry at one time or another but this is one that could be difficult to detect."

Well, his prediction was right on target. But if this happens to you, you will not notice any of the links the hackers install on your website -- they are invisible. Our Drupal sites were hit a couple weeks ago and it has cost us plenty of time and energy to disinfect these websites.

Here is how it was done:

<div style="display:none">
<a href="http://www4.army.mil/otf/eCal.php?id=-106...26970743E/*&q=buy-vi*a*gra.htm">buy v*ia*gra</a>
etc...


So if the links are invisible, what will you notice? If you are running adsense, you'll notice advertisements for the products mentioned in the anchor text above. If you happen to be looking at your code, you may see hundreds of links like the one above on any given page.

How can you protect yourself?

  • use a website monitoring service that checks your code for v*ia*gra and ci*a*lis
  • keep the operating software on your servers perfectly up-to-date
  • register with Google's Webmaster tools and review it regularly

Although we were not notified by Google Webmaster tools, Matt Cutts says that they try to alert webmasters when they know you've been hacked. Here is a video of the presentation he made on the topic:

 

 

Job board software and technology is an important subject and one I will cover again. I know a job board owner who sold his business partly because of technology frustrations and another whose business failed when the servers crashed and there was no backup.

 

related stories:




It's a brave new world we live in. I appreciate the looking out for the little guy. I deal with Job board software and technology on a daily and the aggravation. Now, we have to deal with hackers inside our websites opens up a new set of worries to think about. We need to constantly stress how important security issues are to companies that work online.

 

** ejs ** thanks Alex!

May 13, 2008 - 9:45am

from Helping hacked sites:

 

Getting hacked is not fun. It’s just not. But I think Google does the right thing for our users by removing hacked sites from our index temporarily. I also think we do a pretty good job of trying to alert site owners that they’ve been hacked — more than any other search engine does. We alert many webmasters about hacked sites not only via email but also with our webmaster console.

May 26, 2008 - 10:36am

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
login