homepage Welcome to WebmasterWorld Guest from 54.226.180.223
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Google / Google SEO News and Discussion
Forum Library, Charter, Moderators: Robert Charlton & aakk9999 & brotherhood of lan & goodroi

Google SEO News and Discussion Forum

    
Reconsideration Request Before Getting a Penalty?
maximus12




msg:4017925
 3:07 am on Nov 3, 2009 (gmt 0)

Ok Guys, want to hear everyone's opinion on this.

Today we noticed 75,000 links in our WMT (Originally only had 710). We immediately checked where all the links where coming from and noticed our server was hacked and someone placed about 80 doorway pages on our site and spammed them out. We noticed FTP was left enabled from a backup we did a few weeks ago and it seems this is how they got in. It was an honest and silly mistake but it happened.

Now, we just recovered from a penalty 5 months ago and our rankings are doing great. The good news is there is no penalty yet but the bad news is we are afraid that it will come soon.

If this happened to you would you:

a) Go ahead and send in a recon request now and explain to google what happened?
b) Wait until you get slapped with a penlaty and then submit recon to google?

Thanks

 

whitenight




msg:4017953
 4:04 am on Nov 3, 2009 (gmt 0)

A)

conor




msg:4018022
 8:45 am on Nov 3, 2009 (gmt 0)

Clean up, lock down then a).

leadegroot




msg:4018047
 9:47 am on Nov 3, 2009 (gmt 0)

as per conor
Clean up, lock down then a).

maximus12




msg:4018217
 3:03 pm on Nov 3, 2009 (gmt 0)

Hmm ok so everyone is one A. I want to do this to but:

My only question on that is why would google want to read a recon request for a site that does not even have a penalty yet? And what can they do about a site that just thinks its going to get a penlaty for this? There is nothing to lift?

bwnbwn




msg:4018423
 7:05 pm on Nov 3, 2009 (gmt 0)

maximus12 send nothing to Google until you see a filter. You will most likely not be under a penlaty but a filter and there is a big difference. Doesn't make sense to ask for a review when your in the index. Like crying wolf when there isn't a wolf.

Wait till you see something before sending in the request.

Robert Charlton




msg:4018473
 8:01 pm on Nov 3, 2009 (gmt 0)

My only question on that is why would google want to read a recon request for a site that does not even have a penalty yet?

They did report that you had 75,000 links, and it's probable they'd noticed the 80 doorway pages.

Let them know that you saw the report in WMT, that you realized you were hacked, cleaned things up, and that you hope that there's no problem because of this. Thanks Google for alerting us to the links.

maximus12




msg:4018474
 8:01 pm on Nov 3, 2009 (gmt 0)

bwnbwn,

Thanks for that comment? This is what I was initially thinking, but everyone here recommends that I go ahead and do option a). The hacks and doorway pages have been removed but they were live for about 4 days so they are already cached in Google and the backlinsk in my WMT show over 73,000. I thought that warning Google (by doing a recon) that this happened might prevent them from giving me a penalty?

maximus12




msg:4018477
 8:04 pm on Nov 3, 2009 (gmt 0)

Let them know that you saw the report in WMT, that you realized you were hacked, cleaned things up, and that you hope that there's no problem because of this. Thanks Google for alerting us to the links.

Wow I am really confused now. This was my intention, to tell google. Everything is clean now and I want to tell google what happened by doing a recon but as bwnbwn said, "Like crying wolf when there isn't a wolf"

tedster




msg:4018489
 8:15 pm on Nov 3, 2009 (gmt 0)

they are already cached in Google and the backlinsk in my WMT show over 73,000

That sounds like a wolf to me ;)

I'd go with A - it cannot hurt you, unless you don't want a manual inspection of your site.

swa66




msg:4018504
 8:34 pm on Nov 3, 2009 (gmt 0)

There are many sites who get hacked every day and get abused.

  1. Clean up (immediately)
  2. make sure the hackers can't get back in the same way (immediately)
  3. harden all of your server and scripts (soon, and continue doing this "forever" staying one step ahead of the hackers)

Google is used to seeing sites getting hacked, they also know what a fast cleanup is and will appreciate it. Don't get hacked too often or they'll feel not so confident sending their users to you.

I'm not sure either way about contacting them. I'm very sure about hardening your stuff.

maximus12




msg:4018512
 8:39 pm on Nov 3, 2009 (gmt 0)

swa66

Thanks for the tips. In your honest opinion, would you do option a or b

Rosalind




msg:4018545
 10:13 pm on Nov 3, 2009 (gmt 0)

I read one guide to hack recovery and I was surprised at just how many steps the author had to take, not even counting changing hosts. So my advice would be don't file that request before you're on top of all of the more urgent security tasks.

[edited by: tedster at 10:42 pm (utc) on Nov. 3, 2009]
[edit reason] remove specifics [/edit]

tedster




msg:4018547
 10:29 pm on Nov 3, 2009 (gmt 0)

The main reason I would suggest filing the Reconsideration Request is all those spammy backlinks that were auto-generated overnight. I would get the message over to the 'plex that you want no part of them.

I assume, however, that those links all point to the pages that you nuked, so that should also help avoid troubles. But I'd still get it "on record" and into the very l-o-o-o-ong memory that Google is known for. You may well not see a penalty or filter at this time, since you cleaned it all up - and then this incident begins to fade from your mind. Off in the future, some little data bug at Google could kick in and have you scratching your head about why your rankings suddenly disappeared.

Again, I can see no downside to filing the request.

johnnie




msg:4018580
 10:48 pm on Nov 3, 2009 (gmt 0)

If you have a suspect, I'd at least return the favor by 301-ing their 'links' to them.

rajivatre




msg:4018773
 6:37 am on Nov 4, 2009 (gmt 0)

hi maximus12,
Is your site ranking in google SERPs is showing "This site is harmful to your compuer"?

I have been through this situation few times when this type of attacks were not very common few years ago.(Atleast we did not knew about it at that time).
Now a days i can see it happening very often.

Few of the sites of our clients were hacked and it showed in google SERPs as "This site may be harmful to your computer".
We removed all the suspicious material and restored the pages. We had to try 3-4 times before we could fully protect the site from recurring attacks. (Site was really big with lots of coding over the years).

Every time we cleared the bad contents from the site we used to send Reconsideration request through WMT.

We have never faced any bad effect for this.

So I will recommend if it is showing in WMT as site is having harmful contents or something like that. Then you clear the site and put a recon request through WMT.
In my experience there is no adverse effect.

Also if you put the request through WMT the action is taken very fast (normally within 24 hours as per my experience) and even SERPs are cleared of "Site is harmful" tag from your site's ranking.

Thanks
Rajiv

maximus12




msg:4019038
 3:34 pm on Nov 4, 2009 (gmt 0)

Rajiv , No we did not get this error "This site is harmful to your compuer". This situation is different as it evolves a hacker creating doorway pages on our site and spamming our links out to other sites...

BTW everyone, we know jumped from 75,000 back links to 212,000

tedster




msg:4019104
 5:09 pm on Nov 4, 2009 (gmt 0)

This is sometimes called "parasite hosting" and it is a very destructive spammer tactic. It works for them for a short time - that's all they want or expect - and it can leave the website itself with a penalty for hosting those spammy pages.

rajivatre




msg:4019461
 6:52 am on Nov 5, 2009 (gmt 0)

Mamximum, ok sorry i did not understand the issue fully and correctly. Let us know what solution you come out with.

Thanks
Rajiv

TheMadScientist




msg:4019465
 7:13 am on Nov 5, 2009 (gmt 0)

a) Go ahead and send in a recon request now and explain to google what happened?

A, with a twist... I'd ask a question or two even knowing I'm probably not going to get a reply.

This is what happened... blah...
This is what I've done to fix it... blah...

If you want or need to have a look at my site, go ahead, it's:
www.example.com

Is this something I need to worry about since I've reversed the situation and do not see a penalty / filter yet, or is the fact I've fixed the issue enough?

What's the best way to handle this? 404 the pages? 410 the pages? What if they go to live pages on my website, so I cannot do either, is there some way I can notify you our site did not ask for or endorse certain inbound links in GWT without completing a re-inclusion request, like a 'remote nofollow' tag, so I can easily tell you to just discount them while I work on getting them removed?

(Then I'd redirect all the inbound links to Google and see if they slap themselves with a penalty. LOL :)

maximus12




msg:4019668
 2:53 pm on Nov 5, 2009 (gmt 0)

This is what happened... blah...
This is what I've done to fix it... blah...

This is exactly what I am doing an preparing. Planning on sending the recon request out today. But stragnely enough after 7 days of this happening my rankings are still where they were before this happened..

elsidney




msg:4024987
 7:14 pm on Nov 14, 2009 (gmt 0)

< moved from another location >

Last month someone built about 5000 spam links to one of my sites, which is more than the site had altogether before that. The links are surrounded with other links to pharma and other nasty sites and sometimes contain keywords that I could be targetting, but had not been.

The site has not been penalized yet; in fact, I have seen a nice increase in traffic.

I understand that I can file a reinclusion request if I get penalized, but my question is, what can I/should I do before that happens?

[edited by: tedster at 5:46 am (utc) on Nov. 15, 2009]

tedster




msg:4025162
 5:48 am on Nov 15, 2009 (gmt 0)

As you can see earlier in this thread, there are differing opinions. My own view is to file right away and get it on record with Google. Part of my reasoning is that trust calculations seem to run a lot less frequently than ranking changes. If you wait until whatever week a penalty kicks in, you don't look nearly as "clean" to a human reviewer.

elsidney




msg:4025236
 1:14 pm on Nov 15, 2009 (gmt 0)

Thanks for the reply (and sorry for not finding this thread in the first place).

I think I'll go ahead and file, and take my chances with a human review. My backlink profile wasn't squeaky clean before this though, but I don't think it is too bad.

The other question is would there be any point in trying to find who did this? It must be someone in the same niche as me, so I guess I should see who would benefit by this.

tedster




msg:4104479
 3:18 pm on Mar 25, 2010 (gmt 0)

Matt Cutts has now given his video response to this question - see this video [youtube.com].

As a quick summary, Matt says that if you catch and fix the hack pretty quickly, and if your rankings are still fine, then you "might" not need to submit a reconsideration request.

Bewenched




msg:4105410
 8:05 pm on Mar 26, 2010 (gmt 0)

I recently had to to this myself.
We moved our servers and I accidentally blocked some of googlebot (the ones that run stealth got a 403). I hadnt seen a penalty yet because of it. I went ahead and put in a reconsideration request and told them what had happened. The day after putting in the request I saw that WMT was showing some of the 403 errors in their crawl stats.

Not sure if I averted a penalty, fearing that they might think we were cloaking, but we havent missed a beat in the rankings.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Google / Google SEO News and Discussion
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved