Recently, there has been an increase in the number of SEO hacks, a type of site tampering that is difficult to recognize as tampering, rather than hacks or tampering that are easy to understand.
In this article, we would like to explain how this type of tampering affects sites.
What is a WordPress SEO hack?
An SEO hack is an attempt by hackers to achieve search engine optimization (SEO) primarily by defacing your site, often with unobtrusive alterations to your site in order to increase traffic to your site or improve your search rankings.
Since SEO is designed to be recognized by search engines and to gain traffic over time, it is often done discreetly so that even if your WordPress site has been tampered with, the tampering will not be exposed to the administrator.
SEO hack tampering can unintentionally embed the following SEO tampering on your site
Links to sites that the hacker wants to improve search rankings
Redirects to sites where hackers want to increase traffic and search rankings
Fake sitemaps
Fake Robots.txt
HTACCESS that misdirects users to unintended sites
Loading malformed JS scripts
etc.
Sign of WordPress tampering 1: Dramatic decrease in access
If your site has been tampered with by an SEO hack, it will misdirect users to the incorrect site only when they visit your site in the search engine results.
In this case, the number of accesses from search engines will decrease dramatically. If your site is still displayed correctly, but search engine traffic has suddenly dropped dramatically, try displaying your site in the search results of various browsers and check to see if users click through from the search results and are not redirected to an unintended site.
Sign of WordPress defacement 2 When accessing the site, you are redirected to a sweepstakes, or in rare cases, a virus check site or a visitor survey site.
Malware may be embedded that uses cookies to ensure that redirects to other sites occur only rarely (once a week) due to unauthorized tampering.
In this case, the site will appear as if nothing has happened when you access it again, so you may miss this unauthorized tampering.
If you experience an unauthorized redirect when accessing the site, even once, you should suspect that you have been subjected to an SEO hack. Try accessing the site using a different browser, clearing your cache and cookies, or changing your IP to see if the unauthorized redirects occur again.
Sign of WordPress defacement 3: Searching for the title of your site results in a large number of unrecognizable pages in the search results.
In this case, your site’s sitemap XML (the file that tells search engines about the structure of the pages located on your site) may have been improperly rewritten, or your site may have malicious content embedded in your server that mimics the design of the page only.
Reference
WordPress, your site’s content is replaced and displayed in search results
WordPress tampering sign 4: Clicking on a link on a page on my site takes me to an unintended site on a different domain.
This type of tampering is caused by embedding an invalid JAVASCRIPT file, so that when you click on a link that takes you to another page on your site or a link in a menu, you are taken to an invalid site instead of a page on your site.
In this tampering, the malicious JAVSCRIPT program scans the link tags after the page has finished loading and rewrites some or all of the links to link to the hacker’s intended site.
In advanced cases, there is also malware that dynamically pulls a series of changing JAVSCRIPT programs from another site each time it is accessed and rewrites the link destinations.
Sign 5 of WordPress tampering: Unrecognized link strings are output in the footer or header of the site.
If there are keywords and links embedded in the footer of your site that you do not remember, or if there is suddenly an unnatural blank space under the footer, there may be a link to an unauthorized site there.
Because search engines increase search rankings based on the number of links, hackers will try to increase search rankings by tampering with your site to create links to sites they want to increase their search rankings.
This type of tampering is often difficult to detect and goes undetected, so some sites have not taken any action for several months.
Detecting tampering and malware through SEO hacks
40,000 sites use this plugin/ Plugin to investigate, detect and remove tampering and malware caused by WordPress SEO hacks from files and databases.
Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].