FUD about hacked WordPress blogs
Lets dispell a little FUD about WordPress blogs being hacked into and used to dish-out porn, link-scams or pharm spam whatever.
- It’s unlikely you’re going to receive any attention from Hackers including automated scripts, unless you have high PageRank and big PageView numbers.
- If you keep up with the updated versions of WP this ‘unlikely’ wanes to near zero.
Anonymous : “Yes but updating’s a pain in the neck, I get FUD just thinking about it”
- WP 2.7 is out in its final release by the end of the month, it has automatic updates included – so no more excuses.
- Anyone can find out what version of WP you’re using by a simple right-click ‘view page source’. This should’nt be a problem from 2.7 onwards. There’s a simple plugin that takes that info out as well if you feel the need, over at blog.security.net – direct link for download.
- Old plugin versions can be a way in for hackers, but WP already notifies you when a new plugin version is available with a little red signal next to ‘plugins’ on the dashboard and from the plugin page new versions can be installed directly now.
Anonymous : So how come, when I go into Google Webmaster Tools and click ‘What Googlebot sees’ I’ve got lots of anchor text porn words linking to me?
@Anon : (is there a name for people who write to themselves?) I have this and when I noticed it it gave me the screaming abdabs which I’m sure you all know, is far worse than a simple dose of FUD. A lot of other people have noticed it too and as usual there’s quite a bit of contradictory advice on the subject. A good pointer is the Google team that were asked about it (concerning how this could affect PR) during the live Q&A session last month:
Valentin, Oltenita: If i have backlinks from porn sites do this affect my PR or anything else ?
JohnMu: Hi Valentin, those links might be positively affecting your PageRank (PageRank does not go down from “bad” links like those from adult sites). In general, you don’t have to worry about bad links like that which point to your site which aren’t under your control.
Those backlinks are used in external links to your blog, the reasons they are there could be varied – like possible credibility from linking to ‘normal’ blogs instead of splogs perhaps?
From Google Webmaster Help Groups:
“What Googlebot Sees” is the anchor text of externallinks to your site, so it is out of your control. If someone links to your site with the words “porn spam,” then that will show up there. It’s probably scrapers that are linking to you that is causing this problem.
If you still have FUD knocking on your neurons and you need some kind of extra protection then have a look at the 3 tips to protect your WordPress installation from Matt Cutts. He suggests a quick tweek of the /.htaccess file to filter IP addresses. Relax – he’s a doctor.
Finally, here’s a little tip I came across recently from BlogStorm: How to use Google Alerts to find out if your site gets hacked The idea is to set up a Google alert looking for suspicious words that could be hidden in your site somewhere – like this “viagra OR cialis OR levitra OR Phentermine OR Xanax site:yourSiteNameHere” Not sure about the real value of this but I thought I’d thow it in!
August 27th, 2009 at 9:01 pm
it’s very useful
November 13th, 2009 at 10:05 pm
very useful post and information much thanks!