My WordPress website was hacked and this is what happened

8 replies
  • SEO
  • |
My agriculture and livestock blog had around 500k organic traffic, and I started receiving these "guest posting offers" emails. Since I only deal with agriculture, livestock, and poultry, I reject most of them. Google Search Console was very clean and then all of the sudden, there ar more than 100k of non-indexed links, then another 100k the next day, and so on and so forth. After a week, I had more than 2 million non-indexed pages.

The pages were generated using search function of the site. I contacted my host (Namecheap) and the support told me that my Cpanel was hacked and they had to reset it without losing my site.

The number of non-indexed pages had increased to 5 million. I couldn't take it anymore so I exported the whole content and removed the whole website.

I did some research and I found out that it was some kind of Japanese hacking but I could not find a clear answer. I rested the site for 3 months hoping that the links will disappear from Google Search Indexe. I also remove the account from Google Search Indexed.

I reinstalled the site after 3 months. I lost traffic but the links disappear as well.

Anyone has ever experienced the same. Thanks
#hacked #happened #website #wordpress
  • Profile picture of the author Komilla Shin
    It is because the wise SEO professional suggest to take backup of your website at least twice a month.
    {{ DiscussionBoard.errors[11790819].message }}
  • Profile picture of the author Monetize
    Originally Posted by silveraden View Post

    My agriculture and livestock blog had around 500k organic traffic, and I started receiving these "guest posting offers" emails. Since I only deal with agriculture, livestock, and poultry, I reject most of them. Google Search Console was very clean and then all of the sudden, there ar more than 100k of non-indexed links, then another 100k the next day, and so on and so forth. After a week, I had more than 2 million non-indexed pages.

    The pages were generated using search function of the site. I contacted my host (Namecheap) and the support told me that my Cpanel was hacked and they had to reset it without losing my site.

    The number of non-indexed pages had increased to 5 million. I couldn't take it anymore so I exported the whole content and removed the whole website.

    I did some research and I found out that it was some kind of Japanese hacking but I could not find a clear answer. I rested the site for 3 months hoping that the links will disappear from Google Search Indexe. I also remove the account from Google Search Indexed.

    I reinstalled the site after 3 months. I lost traffic but the links disappear as well.

    Anyone has ever experienced the same. Thanks

    I don't understand why you would host your business website at
    Namecheap. I can see maybe using it as a domain registrar, but
    not for hosting as it doesn't seem very secure.

    If you are using Namecheap as registrar and hosting, you should
    probably move your hosting to elsewhere. It is not a good practice
    to use the same provider for both.

    To answer your question, this has never happened to me, but
    I have had some other episodes over the years.

    I hope that everything works out for you.
    {{ DiscussionBoard.errors[11790841].message }}
  • Profile picture of the author evilclown
    Add a clean sitemap to GSC, generate fresh new links, and add rules to your robots.txt file to prevent crawling and caching of search pages. Add no-crawl headers to search pages. Most of this can be accomplished with an SEO plugin for WordPress.

    For cPanel, the majority of security issues are due to weak passwords. Use strong passwords with 10+ characters that combine letters, numbers, and both lowercase and uppercase letters for a strong password.

    Good Luck

    P.S. Keep everything updated!
    {{ DiscussionBoard.errors[11791267].message }}
  • Profile picture of the author pssajit
    While I have not encountered the exact issue you have described, I experienced frequent hacking incidents with a previous hosting service provider. After switching to a different host, these security breaches ceased, underscoring the importance of the hosting provider's security measures.

    Once you hit something like 500K organic traffic, like someone already suggested, it's imperative to select a robust hosting provider, install a firewall plugin if it's a WordPress website, take daily backup of your website and keep a constant watch on GSC, Google Analytics.
    Signature

    Our World of Dogs

    Dog Boarding Bangalore

    {{ DiscussionBoard.errors[11792015].message }}
  • Profile picture of the author kevingoodson
    I am not experiencing these types of problems while working with the website. However, I recommend that you use the best hosting service for your business and make no compromises. There should be numerous plugins accessible on the market that safeguard your website, send you reminders, and backup your website on a daily basis. Also, monitor your Search console activity on a daily basis to see what changes have occurred and take action if anything is incorrect.
    {{ DiscussionBoard.errors[11792191].message }}
  • Profile picture of the author Alora Carl
    First of all, i honestly suggest you to get rid of wordpress because my website was also attached when it will be on the #1 and getting 20000 visitor per day. So, hire an professsional web developer and start creating website custome on php, laravel, node js etc
    {{ DiscussionBoard.errors[11792293].message }}
  • Profile picture of the author medfayz
    I have been managing WordPress websites for the news company I work with, each receiving more than 1M in traffic. Most hacking attempts come from plugins and themes, which is why I create most plugins in-house. I only use trusted plugins, but sometimes even trusted plugins use third-party code and libraries that could be compromised by contributors or hackers.
    {{ DiscussionBoard.errors[11797859].message }}

Trending Topics