Posted on Friday, May 22nd (5450 days ago)

I want to share a “just-resolved” experience with you. A local real estate office that was coming up #1 in Google for the phrase “stone harbor rentals”. This positioning in Google is the backbone of their business model at this point.

One day (about 5 days ago), a client of theirs called to say that he could not find their website when searching. Sure enough, when the owner of the office tried searching Google himself, he saw that the entire domain had completely vanished! He called me in a panic. Google had completely dropped him!

The goofy part of that initial phone call was the fact that only the day before, the server this site was on had php4 removed and one line in the website’s .htaccess file was throwing errors in some browsers due to some mime type oddness that had sprung up.

Needless to say, the client thought it was all my fault so the first part of the conversation involved me sternly clarifying that there is no relation whatsoever.

That behind us, I began my investigation. Searching Google, it was true. The domain was GONE. Completely. Wow. Shit…  I checked Yahoo and friends. It was there! Great! Wait, no so great. Everyone uses Google…

What happened?

I went into my Google Webmaster tools account and added their domain name to my own account to see if that would shed any light on Google’s removal. It certainly did:

I read Google’s message and they were claiming that it appeared that the site had been hacked and was therefore removed from their index on April 22nd.  That means it had taken nearly 2 weeks for anyone to pick up on it! Ouch!  I looked at the source code of the live pages. Sure enough, someone had managed to force their way in and hide a bunch of Viagra links and crap all over the pages. I removed the hacked pages, uploaded fresh versions and reset all FTP passwords to more secure alternatives.

How did the hacking take place?

My guess is the weak FTP password that was given to the owner’s nephew so he could maintain the site. Apparently he had left the office about 6 months earlier than our incident. I’ll assume a dictionary or brute force attack cracked the password and gave the hacker access to the files.

That said, make sure to regularly check your live source code just in case.  Better yet, go through your FTP passwords and make them real tough to crack by adding numbers and symbols to them, not just letters.

Moving forward…

Google does seem a “merciful god” so to speak. They have a link for reconsideration. I had my doubts about this link, but I followed it, filled in the form and viola! In less than a week the website was right back in number one!  A victory for the little guys!

 

---

About Joseph R. B. Taylor

Joseph R. B. Taylor is a humble designer/developer who makes stuff for screens of all shapes and sizes. He is currently the lead UI/UX Architect at MScience, LLC, where he works to create simple experiences on top of large rich datasets for their customers and clients.