Welcome back Google Visitors

Written by newmediamike

Topics: WordPress, WordPress Training

Last week I was marveling at the volume of traffic I was getting from organic search on multiple blog posts. I had reached the conclusion that my popular blog posts were the really generic information kind.  Not that people didn’t like my tales of driving coffee trucks. But finding out who was calling from 750-760-8888 was more pressing.

My most popular posts are listed in the sidebar.  Or were my most popular posts.  Something happened around the 29th of June to cause my traffic to drop pretty dramatically.   Being a search geek the first thing I did of course was consult Google Webmaster Tools (GWT) to verify my site was still listed with Google. Check. I also checked my pages to see if  I still had as many pages indexed as I did the week prior.  Check. All my pages were still being crawled and I was still showing up in the rankings according to GWT.  I did not check my rankings manually as there are too many factors to skew my search for that term to give me an accurate gauge of where I rank. Trust me; I’m a search professional, checking rankings like that doesn’t work anymore but that’s a topic for another blog post.

By eliminating these variables I eliminated the possibility of a Google penalty. A Google penalty was my first thought. So if it wasn’t a Google penalty, what was it?

Something wonky was up. I didn’t know what, but something hit my heavily trafficked newmediamike site on the 29th of June. Since I was depending on newmediaMike to drive traffic to wptrainingonline.com I decided to verify my posts on wptraininonline.com were being crawled.  I could log onto wptrainingonline.com with no problem.  I typed wptrainingonline.com directly into the search box so I could see the pages.

I clicked to the site from Google and received this error message:

The web page at http://wptrainingonline.com/wp-admin/htttp://reltime2012.ru/frunleh?9 has resulted in too many redirects.

Say what?

I immediately logged onto my webhost and checked the redirects were OK. They were all pointing to the correct directories. I then checked my .htaccess file as it is used for 301 and 302 redirects.

First off, my htaccess file for wptrainingonline was last modified on June 29. Which is odd since I set the site up in January. When I opened it the first thing I saw was the rewrite engine had been changed so traffic from any of these sites:

Google, Ask, Yahoo, YouTube, Wikipedia, Excite, AltaVista, MSN, AOL, GOTO, Infoseek, Lycos, Search, Bing, Dogpile, Facebook, Twitter, Live, Myspace, Linkedin, Flickr

would be redirected to htttp://reltime2012.ru/frunleh?9

The {expletive redacted} who wrote this wasn’t taking any chances … Excite and AltaVista? I’m having 1999 flashbacks. So essentially anyone accessing the site through a major search engine or social media site would be redirected to this guys site in Russia.

I tried to delete the portion of the .htaccess file that contained the script to redirect it but I wasn’t able to save it. I downloaded the htaccess file to my hard drive and tried to edit and save it to no avail.

The only way to get rid of it was to delete it and add in a new .htaccess file.

Rewriting an htaccess file for my WordPress is tricky. Rather than get into details, I have uploaded a clean .htaccess file to WP Training with newmediaMike for you to download.

UPDATE 07/08/2012 3:40 pm 
I have posted a video on WP Training with newmediaMike on how to identify a WordPress htaccess hack.
I also posted a video on how to fix a WordPress htaccess hack.

UPDATE 07/08/2012 6:15 pm

I have posted a video on WP Training with newmediaMike on Activating the BulletProof Security plugin. A ways of accessing your htaccess files if you are not comfortable editing your root directory. This plugin also prevents any rewriting of the htaccess files so you are in effect safeguarding this from happening again.

Once I had wptrainingonline.com fixed I checked out my other sites. EVERY .htaccess file had been hacked. Including of course this one.

This explained the traffic drop! If no one could access the site that’s why I had such a dramatic traffic drop and explained why I was still showing up well in Google searches (according to GWT).

To recap here is what was happening. Any traffic from major search engines, Twitter, Facebook or LinkedIn were getting multiple redirects which meant they were not getting access to my WordPress site. This was the result of a hacked .htaccess file.

All of the WordPress sites I host on 1and1.com have been hacked.  I have modified every one of my htaccess files and installed Bullet Proof Security on all my WordPress sites.  I will be monitoring my .htaccess files closely and will post updates if necessary.

So, welcome back organic traffic visitors from Google, Ask, Yahoo, YouTube, Wikipedia, AOL, Search, Bing, Dogpile, Facebook, Twitter, Live, Linkedin, Flickr.  For any visitors from Myspace … really? MySpace still?

And to my visitors from Excite, AltaVista, MSN, GOTO, Infoseek and Lycos, welcome to 2012.

Related Posts Plugin for WordPress, Blogger...

4 Comments For This Post I'd Love to Hear Yours!

  1. magoo says:

    Same thing happened to me over the weekend 7th July to be precise.
    Looks like its happened to a few others around the place too.
    The big question is how did this happen and what is the fix so it doesn’t happen again.

  2. TJ says:

    Your video’s helped. My web host couldn’t figure it out over the last 24 hours and I managed to fix it in less time than it took to figure out how to access the ftp.
    But how did it happen in the first place and how can I prevent it from happening again? If it happened once, it can happen again and my “professional” web hosts obviously do not have the skills I would expect.

  3. newmediamike says:

    Hi Dee,

    On my WordPress training site I have created two videos, one on how to identify a WordPress htaccess hack and two how to fix a WordPress htaccess hack. If you are still having challenges, there is a word press support form on the site as well.

  4. DeAnna says:

    http://www.deannadifabio.com/htttp://reltime2012.ru/frunleh?9
    hi there, read your article and the hacking part alerted me..  my site is now not being picked up at all from any search engine..  Can you share with me in basic terms what happened and the best resolutions? 
    I am using the them Ultra Panel and Really like how I designed the site.. However, will admit I am a 4 in compared to a 10 in the scale of understanding the back end.. It also wiped out all of my SEO etc..  ???  🙁 
    Please advise.. and sending waives of gratitude.
     
    Dee

Leave a Comment Here's Your Chance to Be Heard!