I had several WordPress sites hacked last month including this one. I first noticed it on one of my other websites when my traffic completely dried up in my analytics. I tried googling some of the terms that the site was number 1 for and it was no where to be found. Then I logged into google webmaster tools and noticed that the first 50 words or so under “what googlebot sees” were all spam. I knew instantly I had been hit with some kind of spam link injection hack but was scratching my head as to where the links actually were. They weren’t obvious from looking at my page, I checked my source code and there was nothing in there out of place.

Then I thought maybe they had been taken off so I checked the cached version of my page in google, nothing there. Finally I looked at the source code of google’s cached page and saw them! Apparently the hackers are using the user agent information to only show them to googlebot and even then what they’re showing is hidden links through CSS using display:none.

I found where they exploited WordPress, deleted the spammy code and updated WordPress to the most recent release. It was really disconcerting to not be able to understand how they injected their spammy code into WordPress though and to not know for sure that it couldn’t happen again. Sure enough, they hit me again today, the bastards!

I again deleted all my files and am running this and a few other websites on fresh WordPress installs. But here’s the most frustrating part: It’s been over a month and google still hasn’t crawled my sites and updated their cache. My traffic and rankings still haven’t returned even though I asked google through webmaster tools for re-inclusion and apparently other websites have had their penalties removed in about that much time.

Really makes you rethink the viability of using open source software for mission critical web development projects. Luckily I’m not loosing any business or money thanks to these jokers, but if I was.. I’d hate to think about that. Sucks that you can build a site, optimize it, promote it, get it ranking with traffic and have some hacker come by and sink all your SEO efforts for who knows how long all to get some hidden backlinks for spam that have NO SEO value for them since they’re hidden!

Yes I host this site and many others with Dreamhost, and yes Dreamhost sucks! In fact they’re the worst webhost of any I do business with. They’re lucky I host so many domains across multiple accounts for myself, freelance clients and my work that it would really be a hassle to switch hosting companies. But one of these days enough will be enough and I’ll take all that business with me elsewhere. They have this handy dandy blog where you can check their status to see if they’re experiencing any downtime, which is a complete joke because they are ALWAYS down. Go ahead, click it and see which cluster is down right now, I’ll wait. I guarantee there’s a greater than 50% chance they have something not working right this second.

Since myself, my clients and my work have multiple accounts across multiple clusters there’s always some downtime issue I’m dealing with with Dreamhost. ARRRRRRRGH!!!!! So today is link-love Monday for Upstartblogger, I hope he gets a big fat affiliate check from AN Hosting this month.