For at least the last six months, one of my blogs has been hacked and I didn’t know about it. For all I know, it is still hacked.
As Aaron Wall pointed out over at SEO Blog, there is a sophisticated new method of link cloaking that hackers are using where only GoogleBot sees the hacker’s spammy xanax links.
I had guessed that my site was hacked around last August because the site was de-indexed from Google. However, I went to Google’s webmaster tools at the time to look at “What Google Sees” and didn’t see any spammy keywords. Then, I checked all the files on my webserver and didn’t find any obvious changes. Then I scanned the database for common spam hacker tactics. Nothing. So as a last resort, I simply deleted all the WP files off the server and re-installed a fresh installation of WP.
In the past, this methodology has solved all my spamhacks. But not this time. And to this day I still don’t know if I’ve solved the problem. What I do know is that the site has actually been hacked because now when I go to Webmaster Tools “What Google Sees” and look at the cache of pages on my site, I see lots of spammy phrases.
So, 6 months later, I’ve gone ahead and rechecked everything. I’ve run the Exploit Scanner plugin and it doesn’t see a problem. I’ve looked through the theme files, including functions.php and still don’t see the issue.
What makes the problem especially tough to identify is the cloaking aspect. Because it’s impossible to test whether you’ve fixed the issue in real time. Instead, you are left waiting for the next time Google caches a page on your site.
So here’s the request for Google’s Webmaster Tools…
- Provide immediate email notifications if spamlink hacking is detected on a site.
- Because of the cloaking issue, allow a webmaster to request an immediate site review (just like you do for initial site authentication)
- Provide webmasters a robust toolkit of actions that they can take to remove the specific spamlink hack that’s detected on their site.
The fact of the matter is that spamlink hacking has gotten too sophisticated for even the average webmaster to keep up with. With widely distributed CMS software like WordPress and sophisticated attack methods, web security is not as simple as it used to be. It’s time for Google to help us out. And this post is my plea for help