Webmaster Logo.Learn HTML and CSS.  
Click to see the benefits of becoming a member.Read the current issue of Almost a NewsletterCool webmaster products.Contact us.   Log in to the webmaster's member area.

Lost Rankings Report

This special report details how BoogieJack.com plunged in the search engine rankings, which led to a catastrophic drop in traffic, naturally resulting in a serious drop in sales and loss of income.

This could happen to your site!

The search engine trouble and resulting loss in traffic could happen to any web site, whether a commercial, personal, non-profit, or other type of web site. It's more likely to happen to popular web sites, but any web site is a potential target.

The Early Warning

My web site was receiving between 2,000-4,000 unique visitors per day, averaging about 80,000 unique visitors per month. Then out of nowhere my unique visitor count went from that average of 80,000 per month to less than 5,000.

Obviously something went disastrously wrong. I went to Google to search for my site using keywords and keyword phrases I have traditionally ranked highly for (on the first or second page) but my site had seemingly disappeared. I clicked down into the search results for 50 pages without finding my site for any keywords I previously ranked highly for. It seemed as if my site was no longer indexed.

It had either disappeared or had seriously dropped in rankings at many other search engines too.

So I browsed my site looking for something wrong. I thought I may have inadvertently violated a search engine rule or two, but didn't notice anything obviously wrong.

Sidenote...
To search for pages only within your domain at Google, format your search query like this:

site:www.boogiejack.com

...of course, you need to change "boogiejack.com" to your own domain.

Next I went back to Google and searched only for pages within my domain. The search returns brought results from my site so I knew it was still indexed, but why did it fall completely out of search results for keywords I usually dominated?

After clicking a couple of pages deep into the search results I started seeing pages listed for my site that I knew I didn't create. As I kept going, hundreds of pages not of my own making turned up. When I clicked the links for these pages to see if they were actually on my site all I got was 404 errors (file not found).

After discovering all these odd pages in Google search results for my site, I logged into to my site via FTP to look for the specific pages the search engine said were on my site, but they weren't there. I did make an important discovery though. Hidden in a directory I seldom opened once it was set, I found a strange file. It was a PHP script I didn't place there.

In studying the PHP script I determined it was probably supposed to redirect people who clicked the bogus links in search engines to a Chinese web site, but apparently the script had a glitch so all the bogus links ended up being broken links.

So then I looked at the source code of a few pages and soon discovered thousands of links I didn't put on my pages. The links were placed after the </html> tag so they weren't visible if you were viewing my site in a browser, but the search engines picked them up. The links were for all kinds of things: shoes, porn, celebrities, MP3 downloads, pharmaceuticals, and hundreds of other topics unrelated to my site.

Sidenote...
Link rot is why most search engines long ago banned sites hosted at free web hosts and many only allow the submission of a domain's main page, because of all the dead links that polluted their search results because of abandoned free sites.

To the search engines, my site had a couple hundred good pages and thousands of broken links to pages that didn't exist — the very thing search engines hate — link rot. With all that link rot on my site, its search engine rankings fell like a rock into a bottomless pit for ANY legitimate search.

With about 200 times as many links to scattered topics than my real site's focus, it also meant my site had lost any semblance of having a theme or purpose. My site had lost all credibility with the search engines.

I'd found the answer to why my traffic had suddenly died.

My Theory

It appears the hacker was trying to siphon traffic from my site and at the same time, trying to boost his/her own site's popularity through the popularity and credibility my site had at the time.

All it did was kill my site as far as the search engines were concerned. Almost everything I've worked so hard to build up over the last 11 years, wiped out by one individual on the other side of the planet.

The Aftermath

The result of my site's search rankings falling so fast and far meant not only a drastic loss of traffic to my site, but also a devastating loss of income. When your site goes from up to 4,000 visitors a day to about that many in a month, it doesn't take much thought to understand how far my sales have fallen off.

I've got to be honest with you, we've put our home up for sale largely because of this. We don't want to become another statistic in the current mortgage crisis. My poor wife is in full panic mode. It hurts me to see her like this.

In looking for the silver lining, our youngest daughter is going back to college so we're looking for a home we can buy with our equity where she lives so we can help babysit more often. Homes and property taxes are lower there as well, so that will help if we can get this house sold.

If the hacker is a newsletter subscriber, I hope you now realize the damage you've done to my family with your selfish intentions.

It's my hope that by telling you, my loyal subscribers, my story, that you can prevent this kind of harm from coming to your web site's reputation with the search engines.

In all honesty, I also hoped you'd be more willing to help me in my recovery efforts if I humbled myself and told you the full truth. More on how you might do that later, first let's take care of you.

How to Prevent This From Happening To Your Site

I doubt if it can be prevented if someone is determined enough, after all, if the Pentagon and NASA can have their computers hacked, and they have been, I would think any computer online can probably be hacked.

Hacking can be made more difficult though, which may be enough to send potential hackers to easier prey. It's doubtful a hacker would be as intent in hacking one of our sites as a hacker interested in the Pentagon or NASA would be. Here are some tips that will make your site less vulnerable:

  1. Most hackers use software to hammer user name and password combinations at a web site until it gains access or exhausts its possibilities. As I understand it, most of them try eight characters or less for the password, so the first thing you want to do is make your password as difficult as possible for the software to guess.

    Ask your web site host how many characters can be in your password and if special characters are allowed, then change your password to one that uses as many characters as allowed and uses a healthy mix of upper and lower case letters, plus numbers and special characters if they're allowed. Making it as long as possible is crucial!

  2. Sidenote...
    You've probably seen "captcha" technology but may not have known what it was called. It's when you have to enter the text from an image into a text field in order to submit a form to a web site.
    Use a web site host that uses "captcha" technology to gain access to your control panel. This will help prevent software robots from gaining access through the control panel because they can't read the captcha image.

    You still want to use the max password mentioned in Item 1 because you have to protect FTP access as well, which is probably the most common entry point.

  3. In your control panel, disable anonymous FTP, or ask your host to do it if you can't find how. I never set my site up for anonymous FTP, but learned that it was set up that way by default. That may be how the hacker got in, but they could have used password attack software too.

    My web host couldn't tell me how they got in, and really wasn't concerned with how it happened because, as they said, security was my problem! Note that I use a different web host now. Maybe they should have at least faked some concern or offered advice.

  4. Visually inspect your web site directories, looking for files and folders you don't recognize as your own. Look in every folder on every level. How often you do this is up to you, but the sooner you can find hacker placed files the less damage will be done.

    Also visually inspect the source code of your web pages looking for inserted links or code, especially links placed after the source code, which will be invisible when the pages are viewed with a browser. I learned the hard way the search engine spiders don't stop reading the page when the HTML element is cancelled, they go all the way to the end of the file.

    If you have a lot of pages you'll probably want to break this task up and do a comfortable amount in several sittings, rather than making an overwhelming chore of it in one sitting. If you have too many pages to inspect them all, at least periodically make random checks.

Sidenote...
In my research I found hackers sometimes upload a software program called a "hacker tool" in addition to the other things they do. If opened, this tool may give them access to your home computer. So, you want to be sure you have your antivirus program running if you open any files you don't think are yours. A good antivirus program will prevent the hacker tool from opening, keeping your personal computer safe.

Recovery

I can only tell you what I've done in an attempt to recover my good standing with the search engines. It's too early to tell if it's working. It may just take time, if it's possible, but I list below what I've done so far. I'll let you know later if and when I see results.
  1. I redesigned my site from scratch to be sure I didn't miss any hacker files or hidden code. I'd actually already started this before my site was hacked, so the project simply took on a new urgency.
  2. I made changes to the content of each page so the pages would look updated to the search engines.
  3. I eliminated all my side topics and focused on my main theme (web site design) to help recover the strength of my site's theme.
  4. I created an XML site map to help search engines index my site and weed out the bogus links the hacker inserted. Search engines seem to like XML site maps these days. I signed up for a Google account and submitted my site map, which other search engines pick up from Google.
  5. I went to Google's Webmaster Central and asked Google to reconsider my site. Webmaster Central offers webmasters many different resources, including Webmaster Tools where you'll find the reconsideration request.

    > webmaster tools/dashboard/request reconsideration

    A reconsideration request allows owners of web sites that have been penalized or suffered a serious loss in rankings to ask Google to take a fresh look at the site so you can hopefully get any penalties removed. The reconsideration request allows you to explain what happened and state your case, so it's more than just an automated exercise, someone will apparently read your input and consider your explanation.

    Of course, you will want to correct the situation that resulted in the site being penalized in the first place. For me, it was removing the PHP script and all the dead links that the hacker added. Google has a list of things that can cause penalties which should help most folks understand what they might be doing wrong.

  6. Sidenote...
    There's a misconception that only links from similarly themed sites help your search engine rankings, but ALL links help unless it's from a site in a "bad neighborhood." Google considers any link a "vote" for your site. Links from similarly themed sites and from authority sites do carry more weight, but all links are a vote in favor of your site, unless, like I said, it's from a bad neighborhood.

    A bad neighborhood includes things like using a host with a bad reputation (allowing spam, for example), using a host that fails to enforce copyright violations, or fails to crack down on phishing sites, or has sites with viruses present, or hosts adult sites, etc.

    I've asked you folks to please link to my site. New links help with rankings in a slightly different way than established links because it shows a site is growing in popularity. Of course, long established links are the bedrock the new links rest on so they are highly valuable too.
  7. I offered a reciprocal link back, automating the process with link management software to help grow new links faster and minimize the time it takes to manage reciprocal links.

    Because my site traffic was way down and money is tight, I used a free script that did everything I wanted. Unfortunately, it apparently was not very secure — the site where I hosted the script was hacked and a phishing script was uploaded, causing my web host to shut down my account until I cleaned up the mess. This happened twice before I figured out it was the link management script that was the hackers doorway. These were separate incidents from the hacker that ruined my site's search engine reputation—it was a different site and a different host!

    8. Note: Web sites being hacked into is a growing problem. That's why you see an increasing number of web site hosts starting to use captcha technology for webmasters to login to their control panel.

  8. Sidenote...
    I'm looking for a good and SECURE reciprocal link software program so I can get those reciprocal links back in place. If your site was listed, please be patient until I find a better piece of software to use. If you know of a good script please let me know.
  9. I changed hosts to one that uses captcha technology to log into the control panel — that's not a search engine recovery tactic, but hopefully one that will help prevent a second successful hack attack.
  10. I disabled anonymous FTP — again, that's not a search engine recovery tactic, but hopefully will help prevent further attacks.

How You Can Earn Money Helping Me

Sidenote...
You might want to read the new sales pitch for eBook Farming, it's the craziest thing I've ever written to sell a product. I don't know how effective it will be, so if you want to offer any feedback about this approach I'd be very interested in what you have to say.
I've created an affiliate program and will be adding most of my products to the list. Click here or click the "Products" tab at the top of any page on this site to see which products have an affiliate program right now. I'll be adding more as they are approved by Clickbank.

You can promote any of the individual products shown, and no matter which one(s) you promote you'll get 35 percent of the sale of ANY and ALL products those you refer purchase.

This is probably the only thing that can keep me going at this full time until my site recovers at the search engines. With your help, I won't have to rely solely on search engine traffic for sales. You can promote any product on the products page via your web site, email signature file, via product reviews, or in your ezine if you have one. The affiliates page has more information, including instructions on how to get started.

You can start immediately, and in the meantime I'll be adding more products to the list and working on ideas to help you. We can BOTH win . . . you get to earn money on selected products and I get to stay self-employed and keep writing for you. I may be down right now, but I don't plan on staying down.

That's not all. Refer $300.00 in sales in any month and in addition to the 35 percent commission you'll earn, I'll give you your choice of one of the following products as a free bonus:

One More Thing...

While the affiliate program should help restore some sales (and put money in your pocket too), that won't help BoogieJack.com recover lost search engine traffic. For that, I need links pointing to it. So even if you, for some strange reason don't want to earn money as an affiliate while being a Good Samaritan, maybe you could still link to BoogieJack.com.

Click here to earn money as an affiliate.

If you'd be kind enough to link to BoogieJack.com to help in my recovery process, I've provided the code for it below:

Simple link...
<a href="http://www.boogiejack.com">BoogieJack.com</a>

Preferred link...
<a href="http://www.boogiejack.com" title="html and css tutorials">BoogieJack.com Web Design Tutorials</a>

Links With Descriptions

If you prefer offering a description with your links you may, of course, write your own, or use one from below:

Option 1...
<a href="http://www.boogiejack.com" title="html and css tutorials">BoogieJack.com</a> offers excellent web design tutorials written in plain English, as well as many other webmaster resources. Learn from a three-time published author on web design.

Option 2...
If you want easy-to-follow web design tutorials you MUST visit <a href="http://www.boogiejack.com" title="html and css tutorials">BoogieJack.com</a>. You'll also find free web graphics and other webmaster resources. Good stuff!

Option 3...
<a href="http://www.boogiejack.com" title="html and css tutorials">BoogieJack.com</a> is a cool webmaster's resource site featuring HTML and CSS tutorials, free web graphics, sound effects and other webmaster resources. Great site!

Thank you! I hope this report will help you from becoming another hacker victim. Good luck!