News for Geek

Best Realm To Get Updated .

Popular Posts

Featured Posts

Sports

Games

Saturday, 28 February 2015

How to fix hacked site issue to stay away from google penalties?

3 comments :
Webmaster Level: Starter

Hello Reader !

Recently we posted Why Google Has Penalized Your Website? and  today we are back with the hot topic "How to fix hacked site issue to stay away from google penalties" does it sound interesting ? Yes we hope so.

Every day Hackers are penetrating and exploiting the vulnerability of almost 0.85 % of total availability of websites on the Internet. As you know how hacked sites could harm your visitors by serving malicious program, collecting sensitive information, or redirecting them to some other sites they didn't wanted to visit , web site owners are really in hurry to fix the hacked site issue but its not easy to find out altered code that is changed by the attackers.


Recently Google has talked to two web site owner with hacked sites to explore more on how they were able to fix their hacked websites. We're sharing their stories with you to hope that they might provide ideas to other webmasters who have been victims of hacking. Google also using these stories and other feedback for improving their documentation for hacked sites to make the process easier for everyone going forward.

Case Study 1: Restaurant site with multiple injected scripts:

A restaurant website using Wordpress received a message from Google in their Webmaster Tools account, alerting them that their site had been altered by hackers. To protect Google users, the website was labeled as hacked in Google's search results. The webmaster of the site, Sam, looked at the source code and noticed many unfamiliar links on the site with pharmaceuticals terms such as "viagra" and "cialis." She also noticed many pages where the meta description tags (in the HTML) had added content such as "buy valtrex in florida." There were also hidden div tags (also in the HTML) of many pages that linked to many sites. None of these links were added by Sam.

Sam removed all of the hacked content she found and filed a reconsideration request. The request was rejected but in the message she received from Google, she was advised to check for any unfamiliar scripts in the any PHP files (or any other server files), as well as changes to the .htaccess file. These files are likely to have scripts added by the hackers that modify the site.

These scripts typically only show the hacked content to search engines, while hiding the content from a normal user. Sam checked out all of the .php files and compared them to the clean copies she had in her backup. She found new content added to her footer.php, index.php, and functions.php. When she replaced those files with the clean backups, she could no longer find any hacked content on her site. When she filed another reconsideration request, she got a response from Google notifying her that her site was free from hacked content!
    1. Even though Sam had cleaned up the hacked content on her site, she knew that she would need to continue to secure her site against future attacks. She followed the steps below to keep her site safe in the future:
    2. Keep the CMS (content management system like WordPress, Joomla, Drupal, etc) up to date with the most current version. Make sure plugins are up to date as well.
    3. Make sure the account used to access the administrative features of the CMS uses a difficult and unique password.
    4. If the CMS supports it, enable 2-step verification for login. (This might also be called two factor authentication or two step authentication.) This is recommended for the account being used for password recovery as well.
    5. Make sure the plugins and themes installed are from a reputable source - pirated plugins or themes can often contain code that makes it even easier for hackers to get in!

      Case Study #2: Professional website with lots of hard to find hacked pages:

      A small business owner named Maria who also manages her own website received a message in her Webmaster Tools that her site was hacked. The message provided an example of a page added by hackers: http://example.com/where-to-buy-cialis-over-the-counter/. She talked to her hosting provider who looked at the source code on the homepage but could not find any pharmaceutical keywords. When the hosting provider visited http://example.com/where-to-buy-cialis-over-the-counter/, it returned an error page. Maria also bought a malware scanning service but the service was not able to find any malicious content on her site.

      Maria then went to Webmaster Tools and used the Fetch as Google tool on the example URL Google had provided (http://example.com/where-to-buy-cialis-over-the-counter/) which returned no content. Confused, she filed a reconsideration request and received a rejection message which advised her to do two things:
      1. Verify the non-www version of her site as hackers often try to hide content in folders that may be overlooked by the webmaster. While it may seem like http://example.com and http://www.example.com are the same site, Google actually treats these as different sites. http://example.com is referred to as the "root domain" while http://www.example.com is called the subdomain. Maria had http://www.example.com verified but not http://example.com verified which is important because the pages added by hackers were non-www pages like http://example.com/where-to-buy-cialis-over-the-counter/. Once she verified http://example.com she was able to successfully see the hacked content on the provided URL with the Fetch as Google tool in Webmaster Tools.

      2. Check her .htaccess file for new rules. Maria talked to her hosting provider who showed her how to access her .htaccess file. She noticed right away that her .htaccess file had some strange content that she had not added:

      RewriteEngine On
      RewriteCond %{HTTP_USER_AGENT} (google|yahoo|msn|aol|bing) [OR]
      RewriteCond %{HTTP_REFERER} (google|yahoo|msn|aol|bing)
      RewriteRule ^([^/]*)/$ /main.php?p=$1 [L]

      The mod_rewrite rule you see above was inserted by the hacker and redirects anyone coming from certain search engines, as well as search engine crawlers, to main.php, which generates all of the hacked content. It's also possible that these rules can redirect users accessing the site on a mobile device. On the same day, she also saw that a recent malware scan found suspicious content on the main.php file. One top of that, she also noticed an unknown user in the ftp users area of her website development software.
      She has removed the main.php file, the .htaccess file, and removed the unknown user from her FTP users area and her site was no longer hacked!

      Anticipated Step To Prevent Your Website Being Hacked :

        1. Avoid using FTP when transferring files to your servers. FTP does not encrypt any traffic, including passwords. Instead, use SFTP, which will encrypt everything, including your password, as a protection against eavesdroppers examining network traffic.
        2. Check the permissions on sensitive files like .htaccess. Your hosting provider may be able to assist you if you need help. The .htaccess file can be used to improve and protect your site, but it can also be used for malicious hacks if they are able to gain access to it.
        3. Be vigilant and look for new and unfamiliar users in your administrative panel and any other place where there may be users that can modify your site.


          We hope your site never get hacked , but if it does , do not worry just follow the google webmaster tools step by step guide line to get rid of this issue very soon, we are also open for all to help out , keep post your thought and requests in comment and let we work for you. 
          Sources : Google webmaster tools , Google webmaster Blogs.

          Sunday, 22 February 2015

          Why Google Has Penalized Your Website?

          6 comments :
          Hello folks!
          Webmasters: Entry Level

          google penalty infographics


          So are you losing your visitors probably a pool of potential customers/clients one who may worth millions dollars for you ? nowadays most Webmasters, SEO's and so called Website owners are afraid of being penalized from the worlds most popular search engine Google.

          It's pretty simple if you are really a honest follower of Google webmaster guide-line, you won't get hurt by either Google or other search engines.  If you are optimizing your website in a proper way, then no fear of penalization will touch your mind.

          Here, I would like to aware you about several thin strategies you must avoid in warming year of 2015, because from now Google is on uncompromising mission. It wants to give to users an accurate information, relevant content and needy stepped up sized results. It will continually revamping and improving its algorithms (Context to follow, Google Panda, Penguin, etc.) so that major web get filtered and avail with precise information that everybody looking for.

          Here what I called is my experience and keep we all should avoid it to stay away from being penalized by Google and deliver a delightful hope to our respected clients/customers.

          Paid links (Link buying)
          Are you still outsources/buy link for your website or client website? Please avoid it because, now days Google has made very strong updates with penguin and google identified patterns to deal with these type of paid link services .

          Reciprocal links
          Are you aware what does it mean? ,
          Its means, if Site B places a link on site A, after Site A owner assess the posted link of Site B, then the link for Site B is will  be publicly available on site A. In short, A <-> B (look like compromised back link ). This type of cheap link will be identified on free directory submission site , you must avoid using this non-profitable strategy.

          Duplicate content
          I do not think to emphasize more specially on this topic , however If you are doing it , you are inviting search engines to penalize your reputed site.

          Multiple H1 tags
          I recommend you to use only one H1 tag that will serve your most important keyword in header tag . Do not use extensive amount of header tag as well, it will surely hit your site once you have extensive number of pages with the same strategies. You can keep focus on paragraph to full fill the Google webmaster guide line.

          Other Language Links
          Yes, it impact bit high when you are getting large number  of backlinks from the website that are not tied with the same language that you are using to post the contents on your site. It is okay with few but better to avoid this.

          Keyword stuffing
          Do not use extensive amount focused keywords in your article, Google will interpret as a spam. If you planning to post an article of more then 1000 worlds, keyword consistency should not be more than 2.5 to 3.5 %. You can even bold <b>, italic <i>, emphasize <em> in header tag and meta tag, but avoid the meta tag keyword stuffing .

          Keyword Focused Footer links
          If you are template or some thing same provider , party website, you must ask your template user to include your site link as no-follow in htm tag i.e <a href="example.com" relation="nofollow" title="Web site template provider">website template provider</a>

          Incorrect XML sitemap
          Yes, it will be a bad signal if your xml sitemap redirect Google crawler to page not found (404) error , you can use several automated tool to build your web site xml site map with sufficient accuracy .

          Duplicate Meta Data 
          Duplicating some of meta tags in your website pages may lead your site to get ranked low, it is can be problem while you drove with CMS system. You must have some question regarding this, like how knows that they serve duplicate meta tag? Yes I have clear and very simple answer for that, drive to your verified website Google webmaster tool account for further managing the site, and simply click on HTML improvement to get some delightful results :)

          Keyword Stuffed Blog Commenting
          Do not comment regularly on the blog, it does not make any sense to click your link, rather you can focus on leaving URL without href tag in the comment that are followed by the anchor text.

          Duplicate Article Submission
          Are you spun articles to the free/paid article submission website ?, that will lead your site in trouble , Google panda will surely penalize for the duplicate content to the respective sites and penguin for you to duplicating the backlink with the same pattern .

          Getting Links from Poor PR Sites
          Avoid getting the backlink from the poor PR site. Now days Google will updating the PR since December 2013, so I recommend to you check the page author as well as a domain authority of the future backlink website.

          Irrelevant Forum linking
          This can be the another stupid reason to get penalized by the search engines. Please avoid the forum post link which are useless. If you are recommending a useful and relevant link, you will get link juice else it will poison your website .
          Incorrect Robots.txt
          A single mistake in Robots.txt file is enough to get your site banned by search engines , you must be aware of it. I recommend beginners to get away of outrageous glitch and try to contact the expert to make changes in this file. Here https://support.google.com/webmasters/answer/6062608  is the best resources available to take care of your website robot.txt file

          Having lot of Error codes
          Having lots of error in PHP code, html code and css file will certainly not optimize to get better ranking , you must make your webpage neat and clean so it should be w3c validated .

          Having broken links
          Broken link causes the low ranking because when some one landed to your site but they are not getting what they requested, you better make .htaccess redirect or html meta refresh redirect to avoid this instance .

          Hidden Links/Hidden content
          Are you hiding links/contents with you css skills?
          If yes, then you should be ready to receive the penalty from google penguin, this means you are intensionally blocking resources from public, it is only available for the code scraper alike bots.

          Low/thin quality content
          So are you are posting regularly on your blog or site, it is quite interesting and what search engines loves is fresh contents, but are you posting what type of content and what is the quality ratio? must ask yourself before publishing the post because posting five to ten lines of information does not make any sense. If your webpage has lower text to html ratio then it generates penalize signals i.e your site may get penalized.

          Anchor text Linking
          Articulated placed anchor text link will definitely grow your business with natural traffic beside you will catch the search engines bots to crawl your site frequently and algorithms to make your rank higher in the organic results. Dear readers the only problem is a huge amount of single focused keyword anchor text links that cause the penalties

          PBN (Private Blog Network)
          Now day this is bold and hot topic need to be discussed. Does google penalize the website which is directly high ranked due to the private blog network?
          My so called answer is , it depends on several points which is listed below.

            • Are you hosting all your site on the same server ?
            • Are you registering all the PBN domains with the same details ?
            • Does your Whois Information available in Public ?
            • Are you marketing only single site on all the blogs/sites ?
            • Are all your PBN sites has a same themes, same niches, same categories that cater user need ?
            • What is the PA and DA of all the blogs/sites ?
            • Does some of site has a PR ?
            • All links are single tier ? 

            hmm , Now its seems like you are ready to create your own PBN and rank your site better then ever, but first you must solve above listed problem before starting your own private blog network.


            Conclusion: So readers now are you aware of common seo glitch to avoid in future , if i forget something to get listed above, i would really be thankful for your comments and odds as well.