The Internets


Jan 15, 2009

I had several WordPress sites hacked last month, including this one. I first noticed it on one of my other websites when my traffic completely dried up in my analytics. I tried googling some of the terms that the site was number 1 for and it was nowhere to be found. Then I logged into Google Webmaster Tools and noticed that the first 50 words or so under “what googlebot sees” were all spam. I knew instantly I had been hit with some kind of spam link injection hack but was scratching my head as to where the links actually were. They weren’t obvious from looking at my page; I checked my source code and there was nothing in there out of place.

Then I thought maybe they had been taken off, so I checked the cached version of my page in Google; nothing there. Finally I looked at the source code of Google’s cached page and saw them! Apparently the hackers are using the user agent information to only show them to googlebot, and even then what they’re showing is hidden links through CSS using display:none.

I found where they exploited WordPress, deleted the spammy code and updated WordPress to the most recent release. It was really disconcerting to not be able to understand how they injected their spammy code into WordPress though and to not know for sure that it couldn’t happen again. Sure enough, they hit me again today, the bastards!

I again deleted all my files and am running this and a few other websites on fresh WordPress installs. But here’s the most frustrating part: It’s been over a month and Google still hasn’t crawled my sites and updated their cache. My traffic and rankings still haven’t returned even though I asked Google through Webmaster Tools for re-inclusion, and apparently other websites have had their penalties removed in about that much time.

Really makes you rethink the viability of using open source software for mission critical web development projects. Luckily I’m not losing any business or money thanks to these jokers, but if I was... I’d hate to think about that. Sucks that you can build a site, optimize it, promote it, get it ranking with traffic and have some hacker come by and sink all your SEO efforts for who knows how long, all to get some hidden backlinks for spam that have NO SEO value for them since they’re hidden!
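
A check for the cloaking described above (links served only to Googlebot and hidden with display:none), as an added example that is not part of the original post. It compares two copies of the same page, one as a browser receives it and one as the crawler receives it; the function names and the two sample pages are constructed for illustration.

```python
import re
from html.parser import HTMLParser

HIDDEN = re.compile(r"display\s*:\s*none", re.I)
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}

class LinkCollector(HTMLParser):
    """Collect (href, hidden) pairs; hidden means the link sits inside an
    element whose inline style sets display:none. Assumes reasonably
    well-nested HTML and does not evaluate external stylesheets."""
    def __init__(self):
        super().__init__()
        self.stack = []   # one bool per open element: does it hide its content?
        self.links = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hides = bool(HIDDEN.search(a.get("style") or ""))
        if tag == "a" and a.get("href"):
            self.links.append((a["href"], hides or any(self.stack)))
        if tag not in VOID:
            self.stack.append(hides)

    def handle_endtag(self, tag):
        if tag not in VOID and self.stack:
            self.stack.pop()

def links(html):
    parser = LinkCollector()
    parser.feed(html)
    return parser.links

def cloaked_links(browser_html, crawler_html):
    """Links present only in the copy served to the crawler."""
    seen = {href for href, _ in links(browser_html)}
    return [(h, hidden) for h, hidden in links(crawler_html) if h not in seen]

# Constructed sample pages: what a browser sees vs. what the crawler sees.
BROWSER_HTML = ('<html><body><h1>My blog</h1>'
                '<a href="/about">About</a></body></html>')
CRAWLER_HTML = ('<html><body><div style="display:none">'
                '<a href="http://spam.example/pills">cheap pills</a></div>'
                '<h1>My blog</h1><a href="/about">About</a></body></html>')

if __name__ == "__main__":
    for href, hidden in cloaked_links(BROWSER_HTML, CRAWLER_HTML):
        print("crawler-only link:", href, "(hidden)" if hidden else "")
```

The crawler copy can be the source of Google's cached page, as in the post, or the same URL fetched with a Googlebot User-Agent header. If the injected code keys on something other than the user agent, only the cached copy will show the difference.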