I always explain to clients that a website is just like your house. When it is brand new, it works beautifully, but it will need maintenance, security, and updates. Even when you keep on top of all this, there is always the possibility that someone is going to break in. Today, we will discuss the steps needed and how to stop a spambot attack on your site.
What Is A Spambot Attack
Spambots work similarly to web crawlers (like Google bot) to crawl your website. However, unlike search engine bots which are looking to index your content, spambots have more nefarious goals such as:
- Credential sniffing.
- Leaving spam comments
- Scraping your site to steal content
- Injecting SQL (structured query language) to access your database and steal information
- Insert links either for a site they are trying to rank or malicious sites to cause damage to your SEO rankings or visitors
- Generate redirects from your site to another site
- Add Google analytics spam which will skew your analytics
- Add user Generated Spam
How To Tell If My Site Is Being Attacked By An SEO Spambot
Sometimes it is quite obvious that your website is being attacked by SEO spambots. Other times, the attack is more subtle and done over a longer time. Here are a few signs of a possible spambot attack:
- Your traffic suddenly drops (either it is being funnelled to another site or search engines feel your site is dangerous and are reducing traffic to it.
- Google Search Console sends you warning notes.
- Your site is suddenly going to another website.
- Your site is suddenly in another language.
How To Stop A Spambot Attack
Before we get started, I will be mentioning paid tools below. Unfortunately, when a site is hacked, the need for reliable tools comes up. This is the same as if the boiler in your house broke. You may need a plumber and a new motor. But at the end of this post, I will also add recommendations to help you prevent future SEO spambot attacks.
Hopefully, you have a current back up of your site so that you can revert to a previous version. If you don’t things may be more dire, but if that is something you need to deal with, it can be dealt with.
1. Add Cloudflare To Your Site.
The first thing to do is to stop the bots from attacking your site. If you have not yet implemented Cloudflare, do so. We recommend Cloudflare to most of our clients because of its SEO and security features. If you don’t know how to configure Cloudflare, we are a company that specializes in Cloudflare configuration and security services.
How does Cloudflare protect your site?
- It monitors and analyses your traffic so that when weird traffic patterns occur, you can easily identify it.
- It takes the above data and uses it to discover spambot attacks as they begin.
- It can
- Cloudflare “fingerprints” and classifies bots to know which bots are benign and which are harmful without violating user privacy.
2. Scan And Audit Your Site.
You will need a few pieces of technology to help you with this.
- Check Google Analytics to see if there has been an abrupt change in site traffic. If there is, when was that date/time. Did something different happen during that date? While you are at it, see if there are any weird pages getting traffic since that time.
- Run a scan on Screaming Frog. This is a great diagnostics tool.
- Check FTP and see if there are any weird or manually created folders. If there are, these may be your culprits.
3. Figure Out How The Hack Happened
The audit should give you some ideas as to what made the hack happen. If you can’t figure it out from there (and you’re not to blame here, figuring out where a hack came from is not the easiest thing), here are a few things you can try on your own.
- Check & update your plugins. Are they all up-to-date? Not updating your plugins can result in you missing out on key security patches.
- Check & update your software. The case here is the same as with plugins.
- Check for SQL injections.
- Audit your admin and FTP passwords.
- If you have logs, go through logs to see when the issue occurred and what it was. You can use the data from Google analytics to help you in this part of the investigation.
4. Getting Your Site Back To Normal.
If the spambot created new pages, you will want to start by deleting them.
If this was a comment spam attack, you will want to delete all comment spam.
Search for new redirects and hidden links on the site, delete those.
5. Restore From Older Backup
All our clients’s sites are backed up server wise on a daily basis. If you have a similar set-up, restore your site from a backup from a date that is before the issue started happening. You may lose content that was created after that time, but you will get your site back.
Once the site is restored, you will still need to figure out what happened, since the restored copy may still house the vulnerability that allowed for the attack to happen.
Once the site is back and in tip-top shape, put in protections to prevent a similar spambot attack from happening in the first place.
If your site is under attack, or if you need assistance with protecting your site against SEO spambot attacks, contact us. We offer free consultations and will be more than happy to answer your questions and tell you about how we work.