intelligent graphic design for print and screen

Identifying and fixing 'spammy pages' on a compromised website

Surprising as it may seem, it can sometimes be difficult to know if your website has been hacked – it is often not until a third party notifies the webmaster that the site has is behaving malevolently that you are alerted to a problem. In this article we look at how to identify if your website has been hacked with spam pages.

The hacking of websites is depressingly common with large numbers of sites being targeted all over the web with the aim of exploiting the sites' users or the good name of the website. When a site has been compromised a common way the hackers take advantage is to add 'spammy pages'. These pages can be used in various ways by the hackers, for example redirecting users to undesirable or harmful destinations like fake shopping sites.

If you identify that your site has been compromised it is important to take immediate action to sort out the problem as soon as you can. A hacked site can literally hack off visitors to your site and may lead to a black listing by the major search engines.

Google has long recognised that nothing is more annoying to bonafide users of their search engine than being directed to dubious web pages many of which will have been put there by disreputable outfits. To counter this Google have built up a comprehensive set of free web tools for anyone managing a website to make use of which will ensure your search results do not return a result indicating that your website is compromised. Locating and eliminating erroneous material on your website is a worthwhile activity and straight forward using the tools provided by the web's leading search engine.

Google shows this message in search results for sites that they believe may have been compromised.You might not think your site is a target for hackers, but it's surprisingly common. Hackers target large numbers of sites all over the web in order to exploit the sites' users or reputation.

Three ways using Google to find hacked content on your website

 

1 - Look out for unexpected urls and directories

Perform a 'site:' search of your website using Google – enter in the Google search field site:yoursite.com - a list of all the the pages will be displayed along with each page description – an inspection will reveal any pages that have been added surreptitiously.

You can also use Google to set up an Alert for your site. To set a Google Alert enter site:yoursite.com ("unlikely keywords for your site" viagra "pay day loans" etc.)

Google tips on entering Alert keywords

Try to be as precise as possible. The more precise your search terms are, the more relevant your alerts will be. Use quotes around a group of words if you are looking for them together.
Examples: "white house" "Mike Smith"

Put quotes around a single word to match that word precisely as you typed it, excluding synonyms and spelling variations.
Examples: "foard" (to stop Google including results for Ford)
Michael "Jacson" (to stop Google including results for Michael Jackson)

Use a minus sign (-) in front of words that you want to exclude.
Examples: paris -texas apple -fruit

Use the site: operator to limit your search to specific sites.
Examples: physics site:.edu congress site:nytimes.com

Use the site: operator with a dash to exclude specific sites.
Example: "joe bloggs" - site:twitter.com

2 - Check out the search strings being used to locate your website

Using Google's webmaster tools you can identify search terms that have been used to locate your website. Looking for unusual queries can be an indication that the site has been hacked. Don't dismiss queries in foreign languages because it could be that foreign language pages have been installed on your site.

3 – Activate email forwarding in the Google Webmaster Tools

Google will send email alerts out to you as webmaster if their systems detect unusual activity and actions on your website. Make sure that you activate the email forwarding option within the Webmaster Tools section.

Repairing and hacking prevention

Using the Security Issues section in Google's Webmaster Tools will identify compromised pages that their systems have detected on your website. You will also find a wealth of material detailing ways to rectify your hacked website.

Prevention is preferable to spending time fixing a compromised website. Hackers take advantage of security holes in website management software which can be effectively countered by always keeping the software running your website up-to-date. If your website is hosted and managed by a third party provider make sure you select a provider that has a recognised track record in maintaining a high level of security and customer support.

positional positional positional positional positional

TBK Design - some points of interest

TBK Design - some points of interest


Making your video work on YouTube

Identifying and fixing 'spammy pages' on a compromised website


image of the day

picture of the day

The daily photograph, graphic or illustration posted here are images that made us stop, look and think. In some cases the images influenced us and our design work. copyright status: PD

lead pencil

TBK Design - some points of interest

TBK Design - some points of interest

Making your video work on YouTube
May 12th, 2014
The two questions that I get asked more than any others with regard to online videos is 'how can we increase the number of views on YouTube and how can we make it go viral?’

Identifying and fixing 'spammy pages' on a compromised website
April 22nd, 2014
Surprising as it may seem, it can sometimes be difficult to know if your website has been hacked – it is often not until a third party notifies the webmaster that the site has is behaving malevolently that you are alerted to a problem. In this article we look at how to identify if your website has been hacked with spam pages.