It has been a real “updating spree” in the WordPress universe for the past few weeks. There are a lot of different ways your wordpress blog could be hacked but chances are you could find a lot of spam on your blog if you haven’t updated your software recently.
As a lazy webmaster, I have old websites that are ten years old, and sometimes I skip on installing an update on all my blogs. But as the problem looks tough and as I love to save my time, I thought about using Oncrawl to detect if I was exposed to malicious spammers.
First I crawled all my websites
Crawling a website is really easy as 1,2,3 with Oncrawl so in just a few clicks I was all set up, waiting for the results to come. And there they came:
Nothing too bad at first sight. In this case it’s my old personal blog where I used to share new services on the web and stuff on cool new startups. So it has followed external outlinks but the proportion of those is fair.
But I was about to discover that spammers managed to do their thing…
Even if Akismet is doing pretty well in detecting spam comments. But spammers are getting better and better at hacking WP sites. A guy managed to create a user with admin rights on my WP set up. The crook decided to copy/paste a big <div> with a lot of spammy content. I didn’t notice that because he used a damn text-indent: -9999px on that <div> so that I wasn’t able to detect it even from the visual editor of my articles. Plus the spammer was smart, he only puts bad links on my old popular articles that are far away from my blog’s homepage. On the previous chart you can see a huge number of average outlinks starting at depth 11.
So what can I do to be spam-proof?
1. Get the right picture
After a crawl of your website you have the total number of external outlinks. In the “Outlinks” section of Oncrawl, you can click one of the top metrics as shown:
2. Find your most spammed pages
Then you access our URL viewer where you can drill down your outlinks and their sources. The main thing to check quickly if something is wrong is to filter by anchor your outlinks. If someone has spammed you, you will see some weird anchors. As we give you the URL source for each outlink, you know where to correct that issue.
3. Eradicate that Sh**
Now plan to do something really painful: check every source code of your spammed pages and delete those bad outlinks.
The main thing here is not to wait for GWT to send you a scary message or in worst cases having a grey pagerank in your favorite toolbar, it’s about having everything under control. We make it easy with Oncrawl so you only need to push the button.