Ack, it’s a Hack!
According to BlogStorm, “Every month thousands of websites get hacked into and have hidden links inserted into the pages by people wanting their spam sites to rank highly in the search engines.” That’s a pretty big problem.
When this happens, the majority of site owners aren’t even aware of it and suddenly Google traffic is completely gone. Why? MickMel says that “if you get hacked, Google will stop sending traffic to your site but they won’t tell you about the problem.” Ack!
How to Save Your Site
Google Alerts to the rescue. Get notified instantly if you’ve been hacked because a majority of hackers use some common terms in their inserted links. It’s actually really simple. First, go to Google Alerts:
Under “Type” select Comprehensive so all types of sites are searched. For “How often,” select as it happens so you’re emailed immediately. Be sure to enter an email address you have open on your desktop so you don’t miss out. For “search terms,” create alerts for the following terms (which I’ve made in image form so Benn doesn’t have 10 trillion spam comments for this one post!):
TIP: don’t set up 100 alerts, do it all at once by using “OR” in caps between each term, so it’ll look like this: “bugs OR dogs OR cats OR fish site:yoursite.com” (make sure it says “site:yoursite.com” so it searches JUST your site, not the entire interwebs)!
Hooray!
So now you’ll know if any icky hackers have planted their flag in your site, hooray!
original image by boboloo
originally published August 17, 2008
Kim Wood
August 17, 2008 at 6:36 pm
Wow. I have some Google Alerts set up, but I just learned that you should specify the “icky” words and that you can have it search just your site!!!
You ROCK, Ma’am! I know I tell you that – but there it is again….. something may have been so simple for you – but so helpful for some of us others!!!!
THANKS!
Heather Tawes Nelson
August 17, 2008 at 7:02 pm
Lani-
Hooray to you! Thank you for the important info. This is a great and easy way to stay on top of any unsavory activity. Thanks again for the head’s up – my alerts are up and running now!!
Mark A.
August 17, 2008 at 7:19 pm
Pretty big headache, and you haven’t even touched on SQL injection problems, thousands of nasty bots pretending to be Google bot, cross-site scripting, fake user agents, the list goes on and on.
For WordPress blogs, there is a nice security plugin which can be found here. Together with Akismet or Bad Behaviour, it should keep blogs rather safe. Until the bad guys find a new loophole.
Amy Webb
August 17, 2008 at 7:26 pm
Cna you clarify the instruction please: My understadning of Google Alerts is that they send you notification when the topic is mentioned on ANY website, blog, news item etc…anywhere on the internet. If I set a Google alert for the word s-x, surely I am going to get one very LONG email from google once a day: but how do I specifiy that I only want Google to search MY site for mention of that word?
Lani Anglin-Rosales
August 17, 2008 at 7:30 pm
Here’s how ya do it:
Hope this helps safeguard your site, Amy! 🙂
Kim, this is new to me too, I just share with you the knowledge nuggets I seek out online. 🙂 Thanks for the compliments- now get to hack-safeguarding your site!
Amy Webb
August 17, 2008 at 7:41 pm
Got it, Thanks!
Paula Henry
August 17, 2008 at 9:13 pm
Thanks Lani – Ack is right! I have added to my Google Alerts; hopefully, I won’t have receive any alerts for this.
Linsey
August 17, 2008 at 9:18 pm
I have a question that maybe you can answer. I have a Google Alert set up for my name and my company’s name – Belterra Fine Homes.
I recently received an alert with 3 sites – 2 I recognized as my own and one was definitely not related to me but had my company name tied to it. It looked fairly innocuous but when I clicked on the link, I almost fell out of my chair. Is this along the lines of what you are talking about and if so, what the heck do I do about it?
Jay Thompson
August 17, 2008 at 9:59 pm
Linsey –
What you’re referring to sounds like “scraping”. Certain lowlifes take content from others and republish it on their own site. Usually they throw in a bunch of ads and try to make money off your work.
They’re a pain in the rear. There are ways you can get them shut down (sometimes), but it entails some work. The “DMCA Notice” is the best weapon against these idiots. I talk a little about it here.
Jamie Geiger
August 17, 2008 at 11:50 pm
thanks for this info- I have been getting so much spam email for all those “big” words haha- off to google alerts
Thanks!!
Missy Caulk
August 18, 2008 at 5:35 am
I couldn’t live without my google alerts, never thought about this, but the ones I get so far, cross fingers are legit, I do get some from my blog sent to splog sites, but askmet catches the majority.
Jennifer in Louisville
August 18, 2008 at 6:13 am
Great tip. If you are around long enough, your site will probably get hacked (or at least attempted to get hacked) at some point. Excellent little trick to make sure you keep an eye on your site and get rid of the offending code almost as soon as it gets put in.
Holly White
August 18, 2008 at 7:44 am
Sweet little tip there Lani. My site has been hacked a couple of times and this would have been a great tool to use to at least know that I been so I could correct it in a timely manner. Thankfully I don’t think it hurt my Google traffic, but still would have been nice. Thanks!
Matt Thomson
August 18, 2008 at 8:33 am
Does anyone know the next step? I was hacked about 3 months ago, but didn’t know it was a hack (I”m not tech savvy as was posted on AG a few days ago). All I know is that I started getting about 25 requests daily from my “Contact Me” form on my website from people selling all of the above mentioned “keywords.”
How do I get rid of them? How do I unhack myself?
Amy Webb
August 18, 2008 at 8:45 am
@ Matt: You probably were not “hacked” per se but you more likely have been found by the “spambots” because of an unencoded email address on your site. You have your email address written out in the sidebar of your real estate website and it does not look properly obscured or encoded in the source code to me ( but I am not an expert )….and that is likely the problem.
Jay Thompson
August 18, 2008 at 9:12 am
Matt – I concur with Amy. Not hacked, but your contact form has been “discovered” by the spammers. They are likely using automated bots to populate and submit your form. If your web provider provides some sort of “anti-spam”, it should be enabled (a “captcha” works pretty well. One of those things where you have to type in some letters or answer a simple question).
Incidentally, I found it very difficult to find your contact info on your blog. You may want to add a “contact us” page or button. cFormsII is a great WordPress plugin for forms, and it includes captcha capability.
Elaine Reese
August 18, 2008 at 11:33 am
Here’s a question. On my WP blog, I have it set to moderate all comments. Once I ‘ve approved a person, they can comment without being held. I only approve people that I know or trust which can be Realtors or the public. If there’s even just one hyperlink, the comment gets held in Akismet until I review. Given the way I have it set up, am I likely to avoid the hackers???
Benn Rosales
August 18, 2008 at 11:40 am
Elaine, keep up with your wp updates on your site, that is the best way to combat trouble.
In the dashboard of wp, at the very bottom, you see updates from wp- follow them. That is the fastest communication from wp of known issues there is- check it daily.
Besides protecting often changed passwords, limiting exposure of the admin side, removal of meta links to the admin side, making sure that subscribing is limited only to that of subscriber are also very basic, but important solutions.
I would also advise that you are careful of the types of topics you write about. There are obvious keywords folks are looking for.
Elaine Reese
August 18, 2008 at 9:30 pm
Benn, thanks. I’ll take your advice.
Doug Devitre
August 19, 2008 at 6:29 am
Great post and response to comments. Very nicely done.
Google alerts can also be a useful tool for both you the agent, company, service provider, etc., but can also be a good tool for seeing what your competition is doing in your market place. This includes keywords, names, geographical points of reference etc. If you add your competition to your Google Alerts then you can be knowledgeable about what they are doing are what they are not doing. This gives you a competitive advantage on the web, especially when clients ask.
Vicki Moore
August 19, 2008 at 1:25 pm
Thanks Lani. I didn’t even know this was possible. I’m ready for them now though!
Joe Loomer
August 3, 2009 at 9:53 am
Thanks Lani – I hadn’t set this up but I did it in five minutes following your explicit and easy to apply instructions.
Navy Chief, Navy Pride
Ken Montville - MD Suburbs of DC
August 3, 2009 at 10:55 am
This is seriously good information!
Ian Greenleigh
August 3, 2009 at 12:45 pm
Never thought of using Google alerts in this way! Neat trick!
Judy Peterson
August 3, 2009 at 1:48 pm
Lanni, I have Google Alerts set up but never knew about this. A helpful tip I hope not to need. Thanks!.