Recently there’s been a WordPress hack going around which has been using cloaking to target Google IP addresses. That means, the spammers/hackers are somehow getting into your WordPress blog, and generating a bunch of spam content and links that only Google can see.
This particular hack uses some particularly dirty methods which include inserting spam keywords into your own content, which is probably to control your keyword density.
Also they don’t seem to place more than a couple spam links on the page, which is probably because they don’t want you to get banned (so you can still pass link juice to them). Kind of like a parasite not trying to kill it’s host.
I’ve made a quick screencast to go over what the hack does and how to see if it’s happened to your site.
What We Know So Far
- Altered content is only visible to search engines like Google and Yahoo, regular visitors won’t notice.
- There are probably “rogue” files on somewhere on your WordPress install that need to be deleted.
- Existing WordPress files may be altered with encrypted code added.
- There might be duped admin accounts on your WordPress install as well that need to be removed.
- Update: There is a discussion going on about this hack at the WP Tavern forums.
If you have any other information, please leave a comment below. I’ll update this post with new information periodically.
Looking for web hosting?
Question: What's the best type of web hosting?
Answer: The kind you don't have to worry about.
And that's precisely why I recommend HostGator. I've been using them myself for years and they've been nothing short of superb.
Fast load times, great support, WordPress-friendly, and good prices. Not much more you can ask for.
New customers can get 25% off of any HostGator web hosting package with the coupon: themelab25percentoffNote: I am a HostGator affiliate, but that doesn't make my recommendation any less genuine.