Site being targeted by hardcore porn links
-
We noticed recently a huge amount of referral traffic coming to a client's site from various hard cord porn sites. One of the sites has become the 4th largest referrer and there are maybe 20 other sites sending traffic.
I did a Whois look up on some of the sites and they're all registered to various people & companies, most of them are pretty shady looking.
I don't know if the sites have been hacked or are deliberately sending traffic to my client's site, but it's obviously a concern. The client's site was compromised a few months ago and had a bunch of spam links inserted into the homepage code.
Has anyone else seen this before? Any ideas why someone would do this, what the risks are and how we fix it?
All help & suggestions greatly appreciated, many thanks in advance.
MB.
-
"in a case like this is it sensible to preemptively remove the links with the disavow tool?"
Once again, the Disavow tool was offered as a last resort by Google. Many webmasters seem frustrated the tool is not working as they expected, and the issue is typically they ignored Google's instructions for the tool's usage.
Prior to using the Disavow tool, you need to make an exhaustive effort to remove the links. Send a polite letter to the WHOIS address for the domain explaining the problem and identifying specific links from that domain which are pointing to your site. If there is no response within 3 days, send the same letter to an email address found on the site itself. If you still do not receive a response, check for a Contact Form on the site.
Try to learn what is going on with the site. Ask site owners how these links were created. It surely can be the result of negative SEO, but in the overwhelming majority of cases I have worked with, it is either the client or an agent acting on behalf of the client. Try digging a little deeper.
-
Hi again Ryan/Gordon,
Sorry to bring this one up again, but we could use some more input if possible. It turns out the number of referring URLs is way higher than we originally thought. I've also done some digging in OSE and have found a huge number of links from dubious sources. It's going to take some time to refine the list but we're probably looking in the thousands.
There's no doubt that this is malicious as we have never done anything to build links like these.
We've not yet noticed any penalty or received any warnings but in a case like this is it sensible to preemptively remove the links with the disavow tool?
One other thought: it seems suspicious that this has happened around the same time that the site itself was hacked with similar links inserted into the homepage.
My best guess is that the site hasn't been specifically targeted but has been caught up in some kind of automated spam attack. I've looked at some of the other offending sites and all the links are in odd places - hidden in the code or in strange anchor text. Is it possible that a robot has crawled all these sites and inserted spam links to create some kind of massive "link wheel"?
In this case what's the best preemptive solution before we get slapped with a penalty?
Thanks again...
-
There are not any general endorsements I can share. Your chosen expert may vary depending on your hosting environment, site software and budget.
-
I appreciate your time & help Ryan. I will pass all those suggestions on.
If they choose to bring in a security expert in to take a look, do you have any recommendations?
-
"As for the client's site hacking, as far as I'm aware their webmaster & in-house team dealt with that when it happened."
The webmaster and inhouse team likely had a gap which was exploited. It may be best to bring in an outside security consultant to review the matter.
"if our messages go unacknowledged, what else can we do about it?"
In my experience, 25 - 60% of removal requests are honored, depending on the site. If you are working with numerous site owners, either some of them will respond or you are likely doing something wrong. Ways to contact a webmaster:
-
use the WHOIS information to send an email
-
use information from the site. Before you say they don't have anywhere, check thoroughly.
-
use the site's Contact Us form
-
call the site with the number on the site or their WHOIS phone number
-
mail the site
-
check for social pages such as facebook and contact them via that method
You shared there are around 20 sites linking to your client's site. Some of them should respond.
-
-
That's good. Sorry, but I had missed the part where you said your clients site was compromised previously....
-
Thanks Gordon,
The links are no-follow so for the time being I'm not too worried about link spam penalties. We'll try to contact the site owners first and will then disavow the links if nothing else works...
Cheers, Matt
-
Thanks for your detailed reply Ralph As for the client's site hacking, as far as I'm aware their webmaster & in-house team dealt with that when it happened. I will pass your notes on to the team and check they are 100% confident that the security lapses are fixed. We are in the process of identifying & contacting the webmasters of the referring sites to requests the links be remove. However, if our messages go unacknowledged, what else can we do about it? The links are mostly no-follow which is a minor blessing and we haven't seen any link manipulation warnings in GWT yet. Still confused on their motives/reasons though.
-
"The client's site was compromised a few months ago and had a bunch of spam links inserted into the homepage code."
Has the issue been fully resolved? What steps have you taken to ensure the site's code is clean and remains clean? Some examples:
- placing the code on a test server and having an expert examine the code
- crawling the site and examining all links
- upon completion of the code analysis, implement a system which detects any coding changes and notifies you of the change
- ensure you are using professional development services with professionally developed extensions
- check your hosting. At a minimum, VPS hosting should be used. Do you have a firewall in place? What type of precautions does the host take (i.e. are you with a major host such as Rackspace, HostDime, etc? Or a host no one has heard of?)
- Use a service such as Symantec or McAfee SSL which offers daily site malware scanning
Every time I have worked with a compromised site, there have been major gaps or a complete lack of site security.
With respect to the links, the Disavow Tool can be used as a means of last resort. Google is very clear the tool should not be used until all other methods have been exhausted.
Have you tried contacting any of the webmasters to inquire about the links? That would be a start. You stated they are from independently owned sites. If that is true, then some of those webmasters will likely be cooperative and help you understand why they are linking to you.
We are happy to help Matthew. There is a lot more detailed information required which is missing from your question. There are dozens of possible causes and solutions.
-
Hi Matthew,
Sorry to hear this, and it's not good news. As to how/why it's happened, I can only guess one of two resaons. Either someone who knows nothing about SEO has decided s/he would "help" the whole SEO process and buy some links in. Or, and possibly more likely it may be a competitor who is doing a negative SEO campaign with the desire to lower your organic rankings, ensuring you will be penalised by Google.
You can now use the Google Webmaster tools and use the disavow tool to tell Google to ignore those links.
Hope that helps and all the best.
Gordon
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Consolidating small sites into one big site
Hi I have several small review sites in multiple categories and want to consolidate them into a single review site(aged domain I just bought) I'd redirect the old sites to the new one. If I just copied all the old articles onto the new website with solid DA, would this work or would Google think Im trying to start a PBN? Thanks! Eddie
White Hat / Black Hat SEO | | calentador20190 -
Leveraging A Second Site
Hi, A client of mine has an opportunity to buy/control another site in the same niche. The client's site is the top-ranked site for the niche. The second site is also often top half of page one. The second site has a 15 year old design that is a really bad, almost non-functional, user experience and thin content. The client's site (site 1) has the best link profile and dominates organic search, but the second site's link profile is as good as our nearest competitor's link profile. Both sites have been around forever. Both sites operate in the affiliate marketing space. The client's site is a multi million dollar enterprise. If the object were to wring the most ROI out of the second site, would you: A) Make the second site not much more than a link slave to the first, going through the trouble to keep everything separate, including owner, hosting, G/A, log-on IPs, so as not to devalue the links to 1st site, etc? Or... B) Develop the second site and not worry about hiding that both are the same owner. Or... C) Develop the second site and still worry about it keeping it all hidden from Google. Or... D) Buy the second site and forward the whole thing to site 1. I know the white hat answer is "B," but would like to hear considerations for these options and any others. Thanks! P.S., My pet peeve is folks who slam a fast/insufficient answer into an unanswered question, just to be the first. So, please don't.
White Hat / Black Hat SEO | | 945010 -
Scraped site, hijacked searches for business name.
Hello, I have a site that was scraped (possibly by a competitor's seo company), who then built links to the duplicate site. When people do a search for the name of the business the scraped site is all that comes up along with the usual third-party sites. They seem to take the site down and put it back up every couple of weeks to maintain the rankings in Google. Has anyone ever dealt with something like this? Any advice or recommendations would be appreciated. Search: LIC Dental Associates Scraped site: old-farmshow.net Legit site: licdentalassociates.com Thanks, Emery
White Hat / Black Hat SEO | | tntdental1 -
Is a Link Wheel Safe If I Control the Wheel?
Hi, folks. Our company operates over 50 disease-specific, nice websites. Currently, we're building resource/landing pages for some therapies and other related topics. One experimental therapy is being investigated across four different disease types: cystic fibrosis, Muscular Dystrophy, Hemophilia, and cancers. We have sites for all of them, and have created original landing pages for each site. Question: is it safe / does it make sense to "link wheel" these pages, especially since the wheel is composed of all our own sites? The other option of course is to simply interlink all of them, but will I get more visibility with a cyclical linking scheme? I'd love to hear your thoughts on this. Thanks!
White Hat / Black Hat SEO | | Michael_Nace1 -
Spam signals from old company site are hurting new company site, but we can't undo the redirect.
My client was forced to change its domain name last year (long story). We were largely able to regain our organic rankings via 301-redirects. Recently, the rankings for the new domain have begun to plummet. Nothing specific took place that could have caused any ranking declines on the new site. However, when we analyze links to the OLD site, we are seeing a lot of link spam being built to that old domain over recent weeks and months. We have no idea where these are coming from but they appear to be negatively impacting our new site. We cannot dismantle the redirects as the old site has hundreds, if not thousands, of quality links pointing to it, and many customers are accustomed to going to that home page. So those redirects need to stay in place. We have already disavowed all the spam we have found on the old Search Console. We are continuing to do so as we find new spam links. But what are we supposed to do about this spam negatively impacting our new site? FYI we have not received any messages in the search console.
White Hat / Black Hat SEO | | FPD_NYC1 -
1 business targetting multiple local locations
When researching a new client - I just came across a site in the same field which is ranking really well for all the local towns/cities/villages in the area. Each page for each town is a duplicate only changing out the town name (which appears 13 times on the page) - all pics and videos are the same. His url structure is along the lines of: budget-business-domain.com/budget-business-area/budget-business-town/ The domain was registered in 2012 - all backlinks are internal - anchor text is the same. I think it shouldn't be working.... but it is 😞 Why is this working?
White Hat / Black Hat SEO | | agua0 -
Untrusted site - malware!
I recently had my link profile done as I was badly effected by something in 2012 (Penguin, Panda.. who knows? never got a message from google in webmaster about anything). Loads of INBOUND links were identified as being 'dodgy'' and the person highlighted them in different colors. However, another seo éxpert' told me to leave them (perhaps remove just 3 of them) and don't bother with the rest. Now I am not sure what to do? Any opinions? RED
White Hat / Black Hat SEO | | Llanero
3 were highlighted as being from untrusted malware. I think I should disavow them but really, would 3 make that much difference for a fall in my site? ORANGE
240 were said to be spam articles and I was advised:
The following pages highlighted in orange are on sites created for the purpose of publishing articles for link building. Since the same articles appear on multiple sites, Google views this as duplicate content. Links to Monteverde Tours in these articles should be removed or tagged "nofollow." Where this is not possible, the domains should be disavowed. YELLOW
85 were said to be from Low-quality directories
The following pages highlighted in yellow are on low-quality directories and link farms. Links to Monteverde Tours on these pages should be removed or the domains disavowed. GREEN
340 were said to be from sites were the page was not found , Account suspended, Problem loading page, Link removed, domain expired
The following pages highlighted in green include pages whose links to Monteverde Tours have been removed and pages that were inaccessible for various reasons, as shown in the Comments column. These pages or their domains should be disavowed to remove them from the Google index. I have read (and asked on this forum) about disavow but the more I read the more I am getting confused about the next action. I tried for one year to get rid of any bad outbound links, did blogging, social media, improved content, landing pages etc but all to no avail. Any opinions appreciated. I am not looking for a magic bullet, I know there isn't one. I know I need to keep improving content etc but after a year of NO improvements should I consider the link removal route? <colgroup><col width="215"></colgroup>
| Untrusted site - malware! |0 -
Google authorship and multiple sites with multiple authors
Hi guys :). I am asking your help - basically I would like to know what would be the best way to set all of this up. Basically I have two main (e-commerce) sites, and a few other big web properties. What I would like to know is if it is ok to link the main sites to my real G+ account, and use alias G+ accounts for other web properties, or is that a kind of spamming? The thing is that I use a G+ account for those e-commerce sites, and would not necessarily want the other web properties to be linked to the same G+ account, as they are not really related. I do hope I was clear. Any insight would be appreciated. Thanks.
White Hat / Black Hat SEO | | sumare0