Hacked Server IP Range Penality?
-
I use a justhost.com reseller account to host about 15-20 of my own websites. None of the sites are related, nor do I interlink or do anything blackhat with any of them. All of the sites have unique content. Some of it isn't great, but I didn't use a writing service on any of then, it was all written by myself.
Recently I found a list of my sites (as well as about 200 others hosted by justhost) on a hacker website that listed the cpanel usernames. I alerted the host and the issue is being fixed. I am changing all of my usernames and passwords for all of the sites.
Anyway, I recently took a look at some analytics and rankings and noticed that I lost a lot of my rankings on a handful of those sites recently. I know there was the big de-indexing of junk blogs recently, but I don't think that is the case. I can still find all of my sites in Google, they are just out of the first 50 results, when a majority of them were ranked from 5-20 in the SERPs.
Here are three of the sites and their phrases:
http://nintendoconsoles.com/ "nintendo consoles" - This domain I bought from someone so there could be some sort of sandbox period for it.
http://webhostingfordrupal.com/ "web hosting for drupal" - This was a new register.
http://seotirical.com "seotirical" - we don't show up, but all of the tweets and links to us do. - This was a new register.
I realize these sites aren't perfect, and might not have been ready for the first page. The Nintendo site is about 3 months old, but the Drupal site has been around for 8+ months. I might try adding a fresh piece of content tonight to see if that helps, but I thought it was curious that it happened across the board with about 5-6 sites on my one reseller account. I don't even know if the top portion of this post has anything to do with the problems, but I thought I'd see if anyone has insight.
Cheers,
Vinnie -
Shane,
Thanks again for the response. I agree those pages aren't the strongest, and don't have a ton of great content. A few of my other sites have more than 2-3 articles, and the content is rich with media.
I guess time and content will tell. If after a few weeks of adding some new content and building a few links nothing has improved, I will start to worry. It just seems shocking that one of my sites that has been holding the 6th position for it's exact match phrase (and has some links/social) dropped completely out of the top 50.
The sites and pages are still indexed, but only come up when you search the exact URL.
Vinnie
-
by hit, do you mean de-indexed or just bumped down aggressively?
Cause the ones you gave seem to be affiliate sites, with thin content, and light design elements, so I can definitely see how these could have been devalued.
Here is the reason I am pretty sure it is not a "Hack Penalty"
First, I am not sure that exists - Google cannot interpret if you have been hacked or not, only if their is malicious intent on your site due to or after the hack.
And as to your password being readily available.. anyone could create a site like this, with passwords, and without google going through each page on the web like this, they would not know if it was real or not. (it is also very easy to brute-force or rainbow a commercial host)
This creates a whole new realm for Google as web avenger, as well as SERP integrity protector.
I am just not sure the password release could be involved.
UNLESS!
A penalty was leveraged against justhosts ENTIRE commercial subnet, due to a issue that was caused due to this password release.
But I do not think you or the sites would be singled out due to the password release, only if something bad enough happened that got Google's attention..
BUT then i believe you would be de-indexed, not de-valued.... (blacklisted)
hopefully this opinion was clear as mud
-
Shane,
Thanks for the input. I agree about securing down the site first. I have checked webmaster tools, and no messages are coming up. No suggestions at all are coming up.
I looked into it a bit more, and it seems like 90% of my sites on that one host were hit, but none of my other sites on different hosts were affected at all. I am gonna try to add a piece of fresh content to each site this week, and maybe get a few social signals. I am not panicking yet, but when I see that 10 sites have all lost all of their rankings (and aren't even showing up for their title tags), it's slightly concerning to me.
-
I believe they are coincidental...
I am not sure Google would take action on the entire Subnet range, for a password breach.
I believe it is only when malicious intent is found or suspected, and the release of passwords was not a malicious act in its own.
Check your Webmaster Tools for Malware messages, and see if there are any other messages. As say, you might have just fell victim to the latest round of quality checks from algorithm - You may have just been bumped -
The idea of first making sure you are protected - then trying to get some fresh content and social signal/links is probably the route I would take.
Shane
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Does having a sub-domain on a different server affect SEO?
I'm working with a company that has a hard-coded website on the root domain, and then a WordPress blog on a subdomain on a separate server. We're planning on implementing a hub and spoke model for their content, hosting the main hubs on the root domain and the linked articles on the blog. Is having the blog on a different server going to hinder our SEO efforts?
Technical SEO | | KaraParlin0 -
Manual action due to hack
We have had some issues with one of our websites getting hacked. The first time it happened, we noticed it the next morning and cleaned it up before Google even realised. However, the same thing happened again over the weekend, and I came into the office to an email from Google: Google has detected that your site has been hacked by a third party who created malicious content on some of your pages. This critical issue utilizes your site’s reputation to show potential visitors unexpected or harmful content on your site or in search results. It also lowers the quality of results for Google Search users. Therefore, we have applied a manual action to your site that will warn users of hacked content when your site appears in search results. To remove this warning, clean up the hacked content, and file a reconsideration request. After we determine that your site no longer has hacked content, we will remove this manual action. _Following are one or more example URLs where we found pages that have been compromised. Review them to gain a better sense of where this hacked content appears. The list is not exhaustive. _ We have again cleaned up the website, however, my problem is that even though we have received this email, I cannot find any evidence of the manual action having actually been applied. I.e. it doesn't show in the Search Console and I am also not getting a warning in the search results when searching for our own website or clicking on the result for our website. That means I cannot submit a reconsideration request - however I am not sure at all there was actually a manual action applied at all based on my test searches. Has anyone here experienced the same issue? What do you suggest doing in this case? Thank you very much in advance for any ideas.
Technical SEO | | ViviCa10 -
Will Google Also Penalize Desktop Rankings If Your Site is Not Mobile Friendly?
Apologies if this question has already been answered. I was unable to find it. For desktop organic rankings: Will Google take into consideration mobile-readiness as a ranking factor? Thanks in advance for any reply, Kind regards,
Technical SEO | | Eric_Lifescript
Eric Darby1 -
Should I delete a page or remove links on a penalized page?
Hello All, If I have a internal page that has low quality links point to it or a penality. Can I just remove the page, and start over versus trying to remove the links? Over time wouldn't this page disapear along with the penalty on that page? Kinda like pruning a tree? Cutting off the junk limbs so other could grow stronger, or to start new fresh ones. Example: www.domain.com Penalized Internal Page: (Say this page is penalized due to keyword stuffing, and has low quality links pointing to it like blog comments, or profiles) www.domain.com/penalized-internal-page.com Would it be effective to just delete this page (www.domain.com/penalized-internal-page.com) and start over with a new page. New Internal Page: www.domain.com/new-internal-page.com I would of course lose any good links point to that page, but it might be easier then trying to remove old back links. Thoughts? Thanks! Pete
Technical SEO | | Juratovic0 -
Linux Server recognizing ASP Pages (301)
Greeting, I am in the process of 301 a group of pages on our site. We are thinking about switching from ASP to a Linux Server. Question 1. - Would anyone have any information of creating a Sever Spoof so that the Linux Server will recognize asp pages for a 301? Question 2 - How will this style of 301 Effect SEO rankings? Thanks, Tony
Technical SEO | | Tonyd230 -
IPs and Domains
If a domain loads on the domain and the IP is that a problem? So it loads on domain.com and 69.16.....com Thanks!
Technical SEO | | tylerfraser0 -
How do I check if my IP is blocked?
We changed servers and where our sites once ranked very highly (page 1 for all sites), they now are nowhere to be seen. Someone suggested that our IP might be blocked. Someone else suggested SEOMoz was the place to go to get it checked. Any help would be GREATLY appreciated. With thanks. Bryan
Technical SEO | | FortressLearning0 -
IP address URLs being indexed, 301 to domain?
I apoligize if this question as been asked before, I couldnt' find in the Q&A though. I noticed Google has been indexing our IP address for some pages (ie: 123.123.123.123/page.html instead of domain.com/page.html). I suspect this is possibly due to a few straggler relative links instead of absolute, or possibly something else I'm not thinking of. My less-evasive solution a few months back was to ensure canonical tags were on all pages, and then replaced any relative links w/ absolutes. This does not seem to be fixing the problem though, as recently as today new pages were scooped up with the IP address. My next thought is to 301 redirect any IP address URL to the domain, but I was afraid that may be too drastic and that the canonical should be sufficient (which it doesn't seem to be). Has anyone dealt with this issue? Do you think the 301 would be a safe move, any other suggestions? thanks.
Technical SEO | | KT6840