So today I get an email from Google :

  • Today I get an email from Google :
    https://commercialloansoftexas.com/: Increase in not found errors

    Google detected a significant increase in the number of URLs that return a 404 (Page Not Found) error. Investigating these errors and fixing them where appropriate ensures that Google can successfully crawl your site’s pages.
    So I notice 154 web pages on my site are returning a 404 but I don’t have more than 30 pages and they were all added 4/10/15. I look at the urls IE https://commercialloansoftexas.com/bisexual-youth/ and they are all sexually oriented. I ask Fatcow who hosts my site if they have a malware issue. Everything tested clean.I looked at Webmasters to see the error and who it is linking from and it looks like normal websites that have /SEXUAL-NAME file extensions so they are being targeted too. I included screen shots so you can see what I am looking at.

    Oddly enough,I received a solicitation from a toxic link removal company today warning me of toxic links. I do not buy or even trade links and we have been on Page1 of Google for years and were penalized for bad linking a year ago even though we do not trade links. I am wondering if this company bombs sites with bad links, gets paid to remove them and then re bombs the site. I am still on page 1 today and Adwords says I am in good standing but how do I stop this and not get penalized? Is this illegal and how do I prevent this? No such pages even exist on our server as Fatcow verified it too. Please advise.

    Update: Ran GOTMLS yesterday and pulled quite a few bad files out but had 3 it couldn’t clean. Trying again now but does this even look like a malware hack or is someone building fake links to my site in order to harm me with Google? I wish I could attach a screenshot of Google analytics.

Viewing 5 replies - 1 through 5 (of 5 total)

  • It seems you have two issues. As I understand your comments, you are receiving traffic for pages that do not exist on your site. Your server is returning a 404 not found.

    The other more troubling issue is GOTMLS is finding bad files. What exactly did GOTMLS call the files? Did they call the file malware and quarantine it or did it say it was potentially malware?

    GOTMLS is a good tool but it can have false positives. For the average user to determine if a file has malware you have to compare a known good file from the repo to the suspect file.

    So, depending on what GOTMLS really found, you may be hacked. And just because your site has no outward signs of hacking doesn’t mean it’s not damaged. Tell me more about the GOTMLS files.

    I would write off your link removal solicitation as a coincidence. You have checked your site for bad links and didn’t find any.

    And for the 404’s being returned you should not be punished. If that kind of thing worked, a competitor could sink a site by simply sending it bad traffic.

    Thread Starter texlend

    (@texlend)

    It quarantined 35 files. Here are some.

    Date QuarantinedDate Infected
    2015-04-15 17:382015-03-18 21:49Q…/commercialloansoftexas/wp-includes/js/tinymce/plugins/wpfullscreen/plugin_old.php
    2015-04-15 17:382015-03-18 21:49Q…/commercialloansoftexas/wp-admin/network/freedoms_new.php
    2015-04-15 17:382015-03-18 21:49Q…/commercialloansoftexas/wp-content/themes/twentytwelve/inc/custom-header_indesit.php
    2015-04-15 17:382015-03-18 21:49Q…/commercialloansoftexas/wp-content/plugins/form-maker/uploads/6d18681c_old.php
    2015-04-15 17:382015-03-18 21:49Q…/commercialloansoftexas/wp-admin/css/wp-admin_old.php
    2015-04-15 17:382015-03-18 21:49Q…/commercialloansoftexas/wp-content/themes/smallbizdynamic/nbproject/project_infoold.php

    Yep, that is a hacked site. You can continue to look for bad files or you can bite the bullet and delete most everything and load all new. I know that lots of folks don’t want to go to this level. But an enormous amount of time can be spent looking for malware and still miss a backdoor or two.

    I’m going to add the hacked info link but before I do, here is an overview. I suggest copying everything in the WordPress root to a file on your PC. It’s just in case you delete something you want back. If your theme has an xml dump of its setting download that.

    Then delete everything in the root directory except wp-contents and wp-config.php. Download a fresh WordPress version and upload everything but the wp-contents directory and the wp-config.php file.

    Now you can login to your dashboard and add new copies of your theme and plugins. All the setting on your plugins should still be there so usually there is nothing to do there. If your theme didn’t have provisions for a dump there will be some set up there.

    Then you can focus your malware scanner on wp-content and clean up your database.

    So here’s the link, follow this guide.

    When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Let us know how it goes.

    Thread Starter texlend

    (@texlend)

    Looks like you are right. Gotmls and Sucuri are testing clean and the amount of porn links started to decline until today and now 700 new ones!

    I think I am in over my head. I hired a guy from Fiverr to fix my responsive theme and this is when it started.

    Any recommendations of someone reputable to fix this?

    I’m sorry that the problems are back. Sometimes it takes more than one try to locate and remove all the malware.

    If you want to look for a freelancer try posting at jobs.wordpress.net.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘So today I get an email from Google :’ is closed to new replies.