Here’s how I found out my WordPress-based website was hacked.
One day in January 2014, I had to find an article on my website. I’m a freelance journalist, among other things, and I republish most of my articles on my website once they’re no longer in the current issue of the magazines I write for.
As I was saying, I had to find an article on my website. So I popped open a web browser and googled my url plus a few keywords that I know are in the article. Here’s a sample of what came up.
Umm… since when do I advertise for these places?
Check out the difference between the title of each page (blue links) and the urls on my site (green text just below the blue links). The titles of these links ought to reflect what’s in the links themselves. In any case, the titles don’t fit what typically goes on my website. Trust me.
Take a look at the results of this search. The last three results were similarly hijacked.
The theme goes on regardless of the search term:
This unwanted redirect happens when I use Google from browsers like Firefox and Safari. Chrome also displays the same titles, but the links actually go to the right articles on my sight. Let’s see… Google makes the search engine, and Google makes the Chrome browser… hmmm….
The titles may still be corrupted when they come up in Yahoo or Bing search, but the links lead to the right places. That said, they don’t come up as much as they do in Google. That difference may be evidence of Google’s superior search results, although I would not imagine they should be as easily gamed.
Here are a couple of the pages that the url hijacks lead to:
A site brought up by an unwanted link redirect from luigibenetton.com
A site brought up by an unwanted link redirect from luigibenetton.com
What do I think happened? Quite likely, somebody snuck into my website and inserted what appear to be link redirects on a number of my pages. As a result, whatever little SEO that I’ve built up over the years is being siphoned off by these so-called businesses.
I suspect that the people behind these sites may have hired “SEO experts” that guarantee great search rankings for their clients without explaining how they accomplish those rankings, but I don’t have any proof. Queries to the contact pages of these websites went unanswered.
So now…
I’m looking for ways to both clean this unwanted corruption off my site and protect it from such corruption in the future. I’m muddling through a number of concepts that have me baffled at present, but which I hope to master sooner rather than later. (Somebody else created my site – I’m NOT a WordPress expert, by any means.)
Meanwhile, if you have any suggestions, let me know in the comments below. I plan to one day publish a post that details how I dealt with this issue.