Curated by: Luigi Canali De Rossi

Friday, December 5, 2008

Traffic Drop? WordPress Site Hacked? What To Do And How To Protect Your Blog From Sudden Disaster

Sponsored Links

Every web publisher knows the importance of Google traffic and of avoiding the risks of being penalized. All too often, a sudden traffic drop may be the symptom of a hacking attack to your web site, and until you realize what has exactly happened and what to do to correct it, you may lose lots of traffic and its associated revenues. WordPress in particular, the most popular blogging platform today, is increasingly targeted by spammers and malicious attackers trying to exploit each and every code vulnerability.

Matteo Ionescu and Daniele Bazzano

Are you sure your web site is completely under your control? Spammers and hackers easily add fake web pages and malicious links to your web site without you even knowing it. Then they steal your content and redirect your visitors to bad web neighborhoods. When the Google bot find out all of this, you know your site will not be among the first set of search results anymore.

To better understand how to prevent your web site from suddenly losing its traffic or authority within the Google SERPs, I have asked in these two short videos Matteo Ionescu, Robin Good's personal SEO advisor, to suggest some basic guidelines to follow to prevent such situations from happening and to protect your content from being used in ways that may damage the credibility and visibility of your web site.

Here the two videos with a full text transcription with all of Matteo's advice:

Intro by Daniele Bazzano


Sudden Google Traffic Loss: Possible Causes And Remedies

Duration: 4' 41"

Full English Text Transcription


Daniele Bazzano: Hello everyone, this is Daniele Bazzano for MasterNewMedia, and I'm here today with Matteo Ionescu, which is Robin Good's personal SEO, search engine optimizer.

Hi Matteo, how are you doing?

Matteo Ionescu: Fine Daniele, thank you. How are you?

Daniele Bazzano: I'm doing great, thank you.


Google Traffic Failing Issues

Daniele Bazzano: Matteo, I just contacted you because I wanted to know... What can I do if I see that Google traffic is failing on my site?

Matteo Ionescu: If your Google traffic is going down, I'd suggest to look for all your recent changes in your web site, especially regarding outgoing links.

Maybe you've put some links to a bad neighborhood, or maybe there's a link on your web site to a bad web site and you don't even know anything about it.


Keep a Good Security Level on Your Web Site

Daniele Bazzano: So, there can be links to bad neighborhoods in my web site that I don't know anything about? How this could be possible?

Matteo Ionescu: Unfortunately today hacking is very common.

Hackers use some tricks to put links to spam web sites, like using some comment forms or mailing forms, or also using some FTP magic in order to put some web pages that you don't know anything about on your web site.

So, check your FTP and be careful about keeping a good security level on every aspect of your web site.


Check Your Web Site For Duplicated Or Stolen Content

Matteo Ionescu: Another thing I would suggest to look closely is the web site's navigation.

If you've made some changes to navigation menus, I'd suggest to turn off Javascript and have a look around and check if all pages are still reachable also with Javascript disabled.

Besides this, duplicate content problems can also be critical. if you've introduced some new features on your web site, that allow to see content in a different way, be careful not to create too many useless pages or take care of this with a noindex tag.

Also, go on Google and search for your main keywords and your articles' titles and see if some scraping has been done.

Maybe some other web sites are ranking with your keywords, using your stolen content. This can be a serious issue especially if your domain is not too strong.

Pretty much that's it.



Daniele Bazzano: Matteo, you mentioned scraping. What is that exactly? I've never heard about it.

Matteo Ionescu: Yeah, content scraping is an old technique which unfortunately is used by spammers which steal text, or content from web sites, and then put it on another domain, on another frame, and try to steal your traffic using your work.


Helpful Resources When Building A Web Site

Daniele Bazzano: I see. There are many things to care about when you build up a web site, but are there any tools that can help me out when building a web site and checking its integrity?

Matteo Ionescu: For sure, there are lots of them. Building a complete list is very hard, also because this is a fast-moving world.

But I'd personally start from Google Webmaster Tools, which can be an excellent tools for diagnosing some kind of problems early.

Regarding the duplicated or stolen content problem, I also suggest, and to read the most popular SEO blogs, like Matt Cutts', which gives good advices on how to build web sites and how to make sure nothing goes wrong.

Daniele Bazzano: Thank you very much Matteo, these sure were great advices.

I think that's pretty much it, so thank you very much, and talk to you later. Bye, ciao!

Matteo Ionescu: Ciao!


WordPress Site Hacked: What To Do And What To Check

Duration: 4' 54"

Full English Text Transcription


Daniele Bazzano: Hello everyone, this is Daniele Bazzano for MasterNewMedia, and today I'm here with Matteo Ionescu, which is Robin Good's personal SEO.

Hi, Matteo, how are you?

Matteo Ionescu: Fine, thank you Daniele. How are you?

Daniele Bazzano: I'm doing great, thank you.


How to Prevent Hacker Attacks on WordPress Sites

Daniele Bazzano: Matteo I wanted to ask you today... If I have WordPress installed on my web site, how can I prevent any hacker attacks?

Matteo Ionescu: WordPress hacking has been quite a problem a lot of times, even on famous blogs, like on all open source software.

I suggest to keep your WordPress updated, always to the latest version. Be careful that upgrading WordPress is easy, but you should make sure first that all your plugins are compatible with the new version, or you might experience some problems in some functionalities of your blog.

Another big advice is to try to hide which WordPress version you are using. This is almost easily accomplished with a small plugin which is called WordPress Version Remover. Just install this plugin on the head section of the page. The version will not be shown anymore.

Be careful also to have a closer look to the source code of your blog pages.

See if the WordPress version is shown, even in the footer, because sometimes, some themes call the WordPress version tag in the footer. If this is the case on the footer.php file of your theme, clean the WordPress version part.


What If Your Site Has Already Been Hacked?

Daniele Bazzano: Ok, Matteo, thank you. But I was just thinking... these were advices to prevent hackers to attack my site, but what if hackers have already screwed up my site? What can I do after?

Matteo Ionescu: The best thing would be to replace a backup.

This is why I strongly encourage everybody to install automatic database backup. There are many plugins which can accomplish this task.

And backup your FTP at least once a month. This is a very good practice.

But if you've been hacked, and you don't have a backup, you can try to recover the situation upgrading to the latest version of WordPress, making sure that there are no more backdoors for the hackers like usernames that are not created by you.

If present, remove some malicious strips in folders that are not standard WordPress folders. You can download WordPress again and have a look at the structure of the folders and check that everything matches to your own website.

Then, obviously change the password after upgrading, edit your wp-config.php, and change or create the secret key definition.

Also a good practice on a new log might be to insert random code or random word in the secret key definition, to make life more difficult for hackers.

Pretty much that's it.


WordPress Plugins

Daniele Bazzano: Thank you Matteo, so you mentioned that using plugins I can accomplish many things on my site.

Would you mind just naming a few that can be useful?

Matteo Ionescu: There are a lot of WordPress backup plugins.

I think there's a good one which is called WP-DB-Backup. But if you Google for "wordpress database backup", you'll find lots of plugins which do this.

Besides that, you can also do it by hand, or using phpmyadmin, which is a very popular interface that you find on most hosting packages.

Daniele Bazzano: Thank you very much Matteo, this was surely useful. I thank you, and I'll talk to you later. Bye, ciao!

Matteo Ionescu: Ciao!

Originally shot by Daniele Bazzano for MasterNewMedia and first published on December 5th as "Traffic Drop? WordPress Site Hacked? What To Do And How To Protect Your Blog From Sudden Disaster".

Readers' Comments    
blog comments powered by Disqus
posted by Daniele Bazzano on Friday, December 5 2008, updated on Tuesday, May 5 2015

Search this site for more with 








    Curated by

    New media explorer
    Communication designer


    POP Newsletter

    Robin Good's Newsletter for Professional Online Publishers  



    Real Time Web Analytics