SEO Tricks: New Wordpress Hacking Strategy Using Cloaking to Target Google IP Addresses

[SEO Manager]

New Wordpress Hacking Strategy Using Cloaking to Target Google IP Addresses
 

<h3>Stay Protected</h3>
<p>An ounce of prevention is worth a pound of cure.</p>

<p>If you want to prevent any of your Wordpress blogs from getting hacked make sure you keep your software up to date, and follow other basic You are not allowed to view links. Register or Login, like - securing your admin folder, removing the Wordpress version number from your theme's header.php file, creating an index.html file in your plug-ins directory, and removing other common Wordpress oriented footprints like a "powered by Wordpress" signature in the page footer.</p>

<h4>Get an Early Warning</h4>
<p>Another thing you can do to protect yourself is to get an early warning if/when your blog does get hacked. You can subscribe to a You are not allowed to view links. Register or Login for You are not allowed to view links. Register or Login, and so on...as You are not allowed to view links. Register or Login. </p>

<p>If one of your blogs gets hacked fix the others before it is too late. Some plug ins make it You are not allowed to view links. Register or Login. </p>

<h4>Stopping Comment Spam</h4>
<p>Not quite as bad as full hacking, but comment spam is still annoying. There are a couple good plug ins to help prevent comment spam as well, including You are not allowed to view links. Register or Login and You are not allowed to view links. Register or Login. </p>

<p>Other easy suggestions on this front are to require a captcha and force first time comments to be moderated before appearing on the site.</p>

<h3>Google IP Address Targeted Hacking + Cloaked Spam</h3>
<p>One of my blogs was recently targeted by a blog hacker that inserted links into the site that could *only be viewed by GoogleBot*.  You typically would not notice such a hack unless you subscribed to a Google Alert for your site, saw yourself ranking for some of the spam terms, and/or when your Google Search Traffic started to fall. </p>

<p>The issue with such a hack is that it is hard to know if you wiped it out, even if you update everything. When you use You are not allowed to view links. Register or Login you still will not see the links because you are not surfing from one of GoogleBot's IP addresses. </p>

<p>In fact, for this particular hack you can't even see the links on Google's cached version of a page unless you view the text cache version of the page. </p>
<p></p>
<p>Once you click the text only cache link tons of pharmacy links appear in the page footer. This screenshot was taken from a Texas Instruments blog post on security and safety</p>
<p></p>
<p>Google currently <a href='You are not allowed to view links. Register or Login and/or weird new files that were added to your site. Some hackers may also add files to the root of your site, or above it hidden somewhere on your web server. </p>

<p>Some hacks may be via a Wordpress plug-in. If you have inessential plug-ins installed see if others have complained about them getting hacked, and see if you can remove them. I think some hackers that get into Wordpress go so far as adding plug-ins that position spam throughout the blog.</p>

<p>If your database contains spam in it then you can run the following MySQL query (from You are not allowed to view links. Register or Login) to find many of the most common types of Wordpress link hacks.</p>

<p></p>

<p>If you can't find any spam in your Wordpress database, then...</p>
<ul><li>look for files that have been added or modified</li>
<li>back up your files and database</li>
<li>disable plug ins</li>
<li>delete all files (except for maybe your config file and .htaccess file - and verify those have not been edited as well)</li>
<li>update your blog to the newest version of Wordpress</li>
<li>change your MySQL password and your Wordpress password</li>
<li>install a new theme</li>
<li>download necessary plug-ins from their original sources if you want to keep using them</li>
<li>make sure you performed all the steps at the top of this article to try to keep your blog safe.</li></ul>

<h4>If The Hacker Was Using IP Cloaking...</h4>
<p>If the hacker was using IP cloaking you can't be 100% certain that the spam is gone until Google tries to index new pages on your site and/or re-indexes old pages that were hacked.</p>

<p></p>

<p>You can find files that have been indexed in the last day or last week by You are not allowed to view links. Register or Login.</p>

<p>If you updated your blog a few hours ago you can also do a regular site:www.example.com search on Google and set the results to 100 per page to find any pages that have been re-indexed in the last few hours. Once the search results come up you can search the search results page for hours ago. </p>

<p>One note of caution is to check the actual page's cache date at the top of the page. Sometimes when a cache is really new clicking on the link will show you the new page, but sometimes it will show you a cached page from a few days back. When you see a new cached page without the spam links hopefully your spam problems are almost over and your site is on the road to recovery, with rankings improving as Google caches more pages from your site.  </p>

<p>Remember to set up a Google Alert for your site so you can track if any spam links magically re-appear. </p>

<h3>Your Turn</h3>
<p>I have only had a couple blogs hacked in my many years of blogging. Did I miss any obvious tips and/or wisdom you can add to the above post?</p>
<!--break-->
 

You are not allowed to view links. Register or Login