There were reports over the weekend that some payday loan companies were using so called ‘dirty tricks’ to gain rankings and position themselves high up the natural rankings in Google UK for core keywords such as “Payday Loans”.
Obviously, there are a lot of issues around this but the core thing for you is whether or not your site is affected and what you can do about this.
How do you know if you’ve been affected?
Generally, the kind of thing that is happening in these reported instances is the insertion of links on your website. The first thing you can do with this is to run an external link checking tool to ensure that the links to other websites which you have on your site are the ones you want to be linking to.
There are a number of ways of doing this – my preferred method is using the Screaming Frog crawling tool to review external links. This also then tells you where the links are on the site so that you can look at removing them.
It’s worth looking at your rankings as well, as you might find that these have been affected if your site was hacked.
You can also check on your FTP server to see when files were last edited.
How to repair your site
Take your site down during the initial phase of recovery. I know this goes against the grain, but having the site down for 24 hours is better than having it live and riddled with spammy links to other websites. Make sure your site server has a 503 during this time, if you can’t do this.
Ensure you have a backup of your website from before the date you’ve identified as the point you were hacked.
If you have been hacked there are a number of things which you can do.
Firstly, talk to your hosting company. They also play a part in the security of your website. You may find that the whole server you are hosted on suffered hacking issues recently, in which case it is wise to move servers.
Secondly, remove all the links and inserted code that you find on your website.
Thirdly, it might be worth requesting removal for the affected pages whilst you repair them, so Google doesn’t count these pages against you.
Lastly, change ALL of your website admin passwords. Make sure that you include things like WordPress logins, FTP details etc. Remember not to save these in insecure places and make sure that your passwords are secure. There’s a great site called How Secure is My Password? which you can use to check this.
If you run an ecommerce site (or other site which has a database of customer information sitting on it) you MUST ensure that your customer data has not been compromised.
Once your site is back up and running tell Google to stop using the removal requests you set up and if you received a malware report, request reinclusion.
How to ensure that you don’t get affected again
As mentioned above, changing passwords and possibly servers might be needed in the short term and making sure that any passwords you have aren’t easily guessable is a good start.
Additionally you could monitor your website using a tools such as ‘Change Detection Log’ or the Google Chrome Plugin ‘Page Monitor’, both of which will inform you if a page has been changed. If you didn’t make a change, you’ve then spotted an issue.
If your hosting company is able to locate the IP address which is likely to have caused the hack on your website, you can set it up so this IP is blocked from being seen by Google.
It’s also important to keep an eye on the Google Webmaster Tools account for your website as Google may email you if they feel that your website is hosting something it shouldn’t be.