Your first concern should be what the comment being left is. I had this happen to me, and they took my content, broke it up into chunks and left it as comments on hundreds of thousands of blogs. Your content will be destroyed, and cannot rank because literally every sentence is duplicate content.

I wouldn't really consider that negative SEO, it's more like comment spam collateral damage.

There are plugins that will reduce the overall amount of comment spam down to a manageable level. You can also turn comments off after a week or two since most "real" comments happen fairly quickly after a post.

Sounds like another case of not protecting content before the cows are out of the barn and now trying to herd it all back in, which is way worse than if you protected it to start.

Based on a couple of comments posted her i think some people are confused, these are not comments posted on her site, these are comments posted on OTHER sites.

If I understand the proper properly, they've scraped her content and spammed it elsewhere to POSSIBLY damage her rankings, but I think it's more likely they're trying to use your content to simply get some of your traffic without doing any of the work. Not negative SEO the way you're thinking about it as it normally would rank below you site if Google has correctly identified the author, but it still steals readers and has the potential as others have mentioned to render your content duplicate content and useless if they spam it all other the place as Google might mistake it for being from an article farm or worse.

The solution to your problems are:

1. Start Bot blocking ASAP to stop the proliferation of your content from appearing all over the web. There are some good scripts out there that just plug right in, get one yesterday.

2. Set your pages to NOARCHIVE and block the internet archive from copying your site to eliminate alternative sources of your content. See [noarchive.net...] for an enlightening read.

3. Start filing DMCA complaints with Google and the host of those sites hosting your comments, get them knocked offline

4. If they actually link to your site, go into Google's WMT's and disavow them all. If you have a budget, find and SEO company with power house disavow tools or a disavow service to wipe them out for you.

If you really want to stop it for good it's WAY more complicated than this, I've gone over the topic many times as have others, esp. in the spider forum here on WebmasterWorld, lots of reading.

I think the list of sites the spam is being hosted on my be interesting to know, esp. if they're an actual ring of garbage sites being used just for negative SEO comments.

Perhaps try writing to a few of these sites and ask them why they aren't using such tools like Askimet to stop the spam from showing on their sites. Perhaps they aren't aware of it, or perhaps the site is abandoned or neglected and they aren't aware of the problem which is often the case. Sending a few emails and waiting for some replies for a week might answer that question.

Check the IP of the sites hosting the comment spam and see if there's anything in common, if yoy find clusters of sites on the same IP then you know it's possibly done on purpose or even worse, someone set up a network of sites now abandoned. Either way, I'd try to DMCA them out of Google and off the host, send to both.

Been preaching the bot blocking content control message for years now and everyone ignores me, it's not a big deal, no need, until it hits the fan, which it always does eventually, and suddenly I'm their best friend as well as someone else with powerful disavow tools to clean up the mess ;)

Good luck with fixing this!

Based on a couple of comments posted her i think some people are confused, these are not comments posted on her site, these are comments posted on OTHER sites.

Since I am apparently confused, can you explain the issue based on the OP's original post/information.

No confusion required: "I can disavow the links"

You would not be concerned about disavowing links that did not point to your own site, right? If they were on her site, why disavow them - they must be on other sites, pointing to hers.

hey IncrediBILL - is this a comprehensive enough list of bad bots to block?
[github.com...]

Also - Are these bots how multiple sentences of my content wind up posted to some weird sites with random #*$! on them?

When you file DMCA Complaints, do you report sites that copied only a paragraph? Or do you report only full copies? Do you know of any affordable service that will DMCA these for you?

Blocking bots by UA is not the most efficient way to do it. The User Agent is the most easily faked piece of information left in your logs. ANY list copied and pasted into your htaccess file without understanding what you are doing can cause more problems than it fixes. Just sayin'. There is a ton of useful information in the SE/Spiders forum here: [webmasterworld.com...] (hint: there is no set-it-and-forget-it method, it evolves all the time.)

As to DMCAs "a paragraph" is considered fair use. Google does remove DMCA copyright content from serps but it can take time, they deal with millions a month.

My site had been ripped sentences and paragraph level too... sorry but your sites gonna disappear for all your weaker keywords now.

Dmcas on thousands of hacked and spam pages that are constantly being made is impossible and plus your right about the stupid fairuse rule...

Thanks for the tips.

A couple of clarifications to my question here:

1. Yes, these are external links that are the concern. I am not receiving comment spam on my own site.

2. No, the comment spam does not contain my own website content.

So these are the types of spam programs we see that will typically crawl the web and leave mass comments on numerous wordpress blogs and such with flattering commentary and a spam link in the comment. For example, the bot might say "I really enjoyed reading your article. You make a lot of great points. Blah blah blah. http://www.spammylinktomysite.com/.

I know I can disavow these and most of them will probably not affect my site. But I am worried that I'll have to disavow them on a near-daily basis if they continue to pour in. There is a lot of suspicion that we could see a Penguin update within the next few weeks.

In short, there's no concern here about protecting my content, and no need to install Askimet. I'm mostly curious if anyone knows how to "stop the bleeding" so to speak so that I'm not wasting resources with ongoing disavow.

Any ideas, maybe, on tracking down the source? Maybe there's a way to find the IP, or figure out which competitor is sending the spam? If so, what actions would you recommend once the source is identified?

[edited by: Robert_Charlton at 5:21 pm (utc) on Oct 3, 2014]
[edit reason] delinked example url [/edit]

There really is no way to avoid the disavow process unless you stop the spam links from being created. To stop the links from being created, you have to determine why you were targeted. Does your site rank well? Disgruntled employee? Dissatisfied customer? Negative SEO can occur from more than just competitors, but from people you know with an axe to grind.

Sometimes spammers will link to other sites in their spam to make their links look clean. If you find that your links are appearing in posts where other links are also present, you may be able to ascertain the website that is being promoted and locate the registrant's information for a personal follow-up. Though I think this is not as common anymore as Penguin has changed the techniques that spammers are using to game the system.

Most link spam will be generated from an offshore server and/or bounced through proxies to hide the origin. Just like spam email, the people producing this garbage hide in anonymity.

Hopefully someone here can give you more than a "sucks to be you" response, but disavowing links is about the only sure fire option people have to mitigate the harm from negative SEO. Good luck to you!

Thanks mrengine. I am currently doing disavow already, but I am primarily trying to figure out what I can do to prevent more automated spam comments from increasing in the coming weeks and months.

If it persists, I will need to do disavow over, and over, and over again, until I can get to the root of who is generating the links.

Also, the site is a good quality site. We only do white-hat SEO for the site, and I do believe that it is coming from a competitor. We rank very well for this site. We don't have any disgruntled employees or dissatisfied customers to speak of and we have excellent processes to help any employees or customers that have concerns.

Yup, disavow is all you can do here, you have no other recourse.

n short, there's no concern here about protecting my content

WOW.

Look a little deeper in the web, you're being scraped and even if they aren't using full paragraphs, trust me, your stuff is out there working against you.

I already explained it many times, ignore it at your own risk.

Sadly, I get a LOT of people that come back asking for help when it's way beyond too late for their existing content.

Good luck.

@ SEODiva:

It would be a good idea to check and double check that your site HASN'T been hacked - or doesn't have a lot of comment spam ON your own site (if your site even allows comments).

The usual reasons that someone would create a lot of links to your site would be because they either:

1) Hacked some of your pages and added links to their money pages from YOUR pages, and now they are creating links to those pages on YOUR site that link out to THEIR site, or

2) They dropped links in comments from your site to their money pages, and again, they are creating links to those pages on YOUR site that link out to THEIR site.

Anyway, good idea to make sure you weren't hacked.

Good suggestion from Planet13, Google has some tools to help you find out if that is the issue: [support.google.com...]
There is another simple scenario that might cause ahrefs to report something that isn't really there: if your access logs are inside the public area in the domain root and are crawlable, all that referrer spam generated by spam bots in your logs will appear as inbound links to your site from spammy sites. It would naturally increase dramatically when the spambots have success with their referrer spam.

In that case you do NOT disavow them because they don't really exist, but find a host that doesn't have your logs in the domain root. Just look at your logs and see if that's what you see.

I once spent a long time to see who was behind these scrapers and contrary to popular opinion they are well funded and well organised backends to some major names online. They are not kiddie scrapers.

That said your best bet is a spider trap, reverse dns googlebot then cloak the spider trap and place spider traps all over.

We rank very well for this site.

If your rankings have not been effected by this then why are you worried? This could happen to an important educational resource and if google penalised the site it would be a loss for the public. The user experience would be harmed if our webmaster is messing around disavowing random links on the web when they could be working on more compelling content or getting links that could help more people find the important resource.

If google were penalising for something you didn't have anything to do with it would fly in the face of the entire basis of civilisation. Like the presumption of innocence and freedom of expression. If there really was the ability to change rankings using comment spam the Kremlin or some other agencies could be shaping the political and philosophical nature of the entire world by manipulating the rankings using comment spam and the entire educational establishment would be up in arms about the issue and recommending alternate seach engines.

Thanks for the ideas everyone. All of you have really great comments and suggestions, but overall, I don't think this conversation is going in the direction of answering my original questions.

I've looked at the links and my site is not being scraped. And there is no comment spam on my own site. The cause for concern is that despite ranking well, there is some risk in losing rankings when another Penguin update comes around.

As of now I'll leave it there and plan on repeating our disavow on a regular basis unless I can find a solution to actually rooting out the source of the comment spam, which doesn't seem likely at this point.

Thanks again everyone. Please respond if you can directly answer my question, but otherwise forgive me for stepping out. I'd like to participate, but only if we can keep the conversation focused on solving my question.

Cheers!

The short answer is no, there is no way to AUTOMATICALLY protect yourself from someone linking to you - whether they link to you from forums, comments in blogs, blogrolls, scraped wikipedia / dmoz results, or not.

So aside from either hiring someone to update your disavow file or updating it yourself, then I don't think there is an option.

Heck, there is probably someone out there selling some automatic service that will look at all your backlinks and disavow whichever ones that it THINKS are bad, but I wouldn't trust an automatic solution at all.

Have you checked to see whether these comment spam links are dofollow links... ie, not "nofollow"?

I ask because WMT does not distinguish between nofollow and regular links in its backlink reports. You should check out the actual links. Most blog platforms "nofollow" backlinks by default, and it is not necessary to disavow the links that are nofollowed.

Google says that it's not necessary to disavow backlinks that you didn't place yourself, but I'd tend not to fully trust that at the moment. Detecting these may in part be what Penguin 3.0 is about.

A clear indication in WMT of which links are nofollow vs which transmit PageRank is also long overdue.

Most blog platforms "nofollow" backlinks by default, and it is not necessary to disavow the links that are nofollowed.

Great point. Thanks for bringing that up.

Likewise, many of the copycat "wiki" sites that scrape results from wikipedia also use nofollow links.

Yes, most are "nofollow" links, but a percentage is also "non-nofollow," or regular indexable links. We are doing disavow already. Just trying to hunt down the source of the spam.