Just a few days I was sitting in my living room when suddenly I get this email from my smartphone. I had received an email from Google that had alerted me that a hacker had broke into my site. What I was about to experience would become a life experience for me in the cyber world. Learn from this and it could save your SEO from diving like a dying duck.
It all began with this message from my webmaster tool in Google:
I glanced at my phone and saw this email, and I was like…
I’ve experienced hacks before, but not quite at this level. The hacker had inserted a file within my client’s site that was “malicious” to Google. It was a simple PDF with words that didn’t make sense, and not even sure how it was malicious. Someone who has done this before knew something I didn’t and knew that this would bring my rankings down in SEO. Whatever it was, Google didn’t like it. So I had better change it quick, or my work was lost.
I’ll explain a little.
This website that was hacked was actually for a client of mine. I do SEO for clients (from time to time) and I had this site at position #2 and they were making bank from it. We had dominated the search terms in their area and jumped up high rather quickly. We were even conquering areas around us in and was expanding. I was doing good.
I’m afraid someone wasn’t happy about my success. There’s no other explanation for it. Google, in the email, stated it would damage my SEO if something wasn’t done quickly. I can’t prove who, but it gets even better.
The hackers shut down my logins from all directions. They didn’t nicely change my password for me ( like I wished) so I could reset passwords from email. But nooo. They killed all logins and left my login page blank. At this point I’m steaming and I wanted to explode something.
Much better. No one was hurt I promise 🙂
Not sure how they did this, because well, I’m not a hacker. I believe in working for what you have, not destroying those above me. And that’s what I feel like was happening here.
I logged into my hosting and thankfully that password wasn’t changed. I talk with Godaddy (the client’s hosting) for about 2 hours, but they couldn’t help me. Why would someone do this to me?
That’s when I remembered Godaddy’s backup storage. I went to restore my site from a day ago to reset it, and nothing happened, everything is still locked down. I thought I was doomed at this point. I try to reset the site like it was back three days in the past, and that’s when I checked on the logins.
I was finally in! By resetting my site like it was before the hackers came, I was able to get into my site once more.
I get inside my wordpress site and look around to see all what happened. They had damaged my media file section to where I couldn’t upload or delete anything (the malicious file). Once I realized it was a direct attack, I went for my Godaddy account again and looked for extra FTP accounts.
There was a mysterious account I had never seen and was registered without an email. Not sure what that was about, but I didn’t want to find out. I destroyed it and changed passwords to everything.
After resetting the site, I realized that the malicious file was gone. We resetted all passwords, downloaded Sitelock, and monitored everything closely. My SEO rankings didn’t drop and I got confirmation from Google that everything was clear. Good thing I check my email.
So how can you learn from this?
- Biggest thing you can do is add Webmaster to your site. Webmaster is a tool created by Google to alert you about things like this. You can do that here. It helps keep track of attacks, of SEO rankings, and your keywords.
- Understand everyone isn’t happy when you rank, and they’ll do anything to stop you.
- “Password” the word doesn’t make a great password. I didn’t do this, but I’ve heard of those who have. Make that password a good one.
- Understand hacking is becoming a thing now, and you could be hit next.
- You need to have your site on backup.
You need to also download some plugins and make sure your site is more secure. These will help fight for you from the WordPress side. They can scan your site if you’re secretly hacked (like I was), block any activity, and strengthen security.
The WordPress Security Plugins
2. BulletProof Security
3. Sucuri Security
6. All In One WP Security & Firewall
Why would someone do this to me? I can’t prove who did this, but the fact that I was ranking high makes me believe this was an attack on my SEO. They killed my logins.
I believed this was to keep me from getting to files in time before my rankings tanked. They started tearing my wordpress site apart and dislocated my media files so I couldn’t get to the malicious file. That takes lot’s of work and it’s why I believe this was a deliberate act. Another reason I believe this was done was to simply help someone else rank higher. What’s easier? Paying thousands and maybe get results? or shooting the ducks flying over? You got it.
Don’t be a victim and learn from this. If you start to see your rankings drop and you haven’t been doing black hat SEO… You may want to look into this.