SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Enthusiast
    Join Date
    Sep 2006
    Location
    UK
    Posts
    91
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Recovering from being hacked

    My website got hacked a couple of months ago. The hacker tried to insert a load of hidden links to various rogue sites but only succedded in breaking the coding so that the result was an error message rather than anything nasty being displayed.

    I've rebuilt the site and downloaded a new ftp client which I think may have been the security flaw.

    However, in analytics I still seem to be getting visitors to my site via adult keywords and in webmaster tools, the list of external links includes a lot of similarly dodgy adult terms.

    Is this just a hangover from the hacking and is there anything I can do sort this out properly? If I search using the same terms, my site does not appear in the google listings and I can't seem to find any dodgy links myself. However, using my standard google tools, I can't help thinking that something is amiss that I don't understand at all.

    Many thanks in advance if anyone can supply any help on this one.
    Last edited by arthur_negas; Sep 16, 2008 at 07:13.

  2. #2
    SitePoint Zealot
    Join Date
    Sep 2008
    Posts
    197
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It is not because your are hacked.

    adult site that are in top for certain keywords advertise search terms by showing these search terms in results of many sites.

    They do it by requesting pages from your server with fake refer field with fake search queries.

  3. #3
    SitePoint Enthusiast
    Join Date
    Sep 2006
    Location
    UK
    Posts
    91
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Appreciate the feedback although I'm not entirely sure I understand.

    Is the whole point of this that I type in these search terms into google to try to work out why they are appearing in my analytics and they think I will visit their sites? Or does this somehow result in customers looking for my website coming across links to theirs?

    My concern is that my website's reputation, both in terms of visitors and for google search ranking, will be affected by this. If it is just a fairly desperate attempt to get a couple of hits, presumably I have nothing to worry about.

    Many thanks.

  4. #4
    SitePoint Zealot
    Join Date
    Sep 2008
    Posts
    197
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes. They wish you to type these search queries on search engine to see their site on the top and click it and then I guess they wish you to subscribed for their content.

    They advertise "search queries"
    It does not relate to issue when you was hacked.

    Real visitors do not see such queries.

  5. #5
    SitePoint Enthusiast
    Join Date
    Sep 2006
    Location
    UK
    Posts
    91
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Appreciate the info - that has put my mind at rest.

  6. #6
    SitePoint Evangelist ghurtado's Avatar
    Join Date
    Sep 2003
    Location
    Wixom, Michigan
    Posts
    591
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That makes absolutely no sense, Max7.
    Garcia

  7. #7
    SitePoint Zealot
    Join Date
    Sep 2008
    Posts
    197
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Why?

  8. #8
    SitePoint Zealot
    Join Date
    Jun 2008
    Posts
    126
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    They send a request to your site with a fake referrer. They hope that when you see that referrer in your logs, you'll wonder why "people" are coming to your site from that dodgy site, and you'll go there to check it out.

    If you do decide to investigate, never do it by clicking on a link in cPanel's Latest Visitors report or on any live link in a stats report. If you do that, the referrer in your visit at their site will be your Latest Visitors page, which may expose info about your cPanel account that you don't want others to see. You can try it by clicking a link to your own site in Latest Visitors and seeing what the referrer looks like in your logs.

    If you investigate such a site, copy the link and paste it fresh into your address bar.

    Another reason they may do this is "referrer spam". If you publish your access logs or stats reports on a public page, their site gets a backlink on your stats page.

  9. #9
    SitePoint Zealot
    Join Date
    Sep 2008
    Posts
    197
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I seen people clicking these links many times it is discussed many time.
    One dedicated server may do 10 million fake referrer hit a day.

    You hit 1000 site and get 1 hit back.
    It is 10000 a day.

    How much site with 10000 hits a day cost on sitepoint ?

    Dedicated server costs $100 per month.

    So you can spend 10 on domain, upload some site, $200 fake hits for 2 month and sell site for $$$$

    People who read webstats are webmasters and they often have alexa bar. So Alexa rating will show traffic even higher for such fake traffic.

    -----------

    Web Logs in public is possible to find on google. Such sites often get fake refer hit also.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •