1

Google search result of my wordpress site is different than original content. We have taken services of security expert and they have scanned the site and database but there is no modification in code and database. Neither they found any plugin vulnerability or similar type of attack. The code and and database was clean.

Only thing we found in access log that 10-20 requests are being sent daily on my server but the referer is either vulgar sites or pharma sites. We couldn't find it immediately because there are thousands of requests we get daily and these are only 10-20 but they hit regularly. Can this be a reason, my sites content is different in google search results.

We have cleaned every url using removal method of google but now we searched after a month, fake results start appearing again. If code and database is clean, fake referer attack can be a possibility for modified search results.

Please share some information on this front.

Thank You

Edit -- My concern to know how badly fake refers can damage search results of google. Are they slow poison? If yes so can anyone do this damage to any site because creating faking referer is very easy for anyone using curl.

Derek
  • 79
  • 1
  • 6
  • Did you verify the IP Address associated with your domain? – xandfury Apr 27 '18 at 07:52
  • If I directly open the site link in browser, it goes on my site but if I use google manipulated search results, it goes on pharma site. – Derek Apr 27 '18 at 08:54
  • Possible duplicate of [Being directed to hacked site only when searched through Yahoo](https://security.stackexchange.com/questions/182445/being-directed-to-hacked-site-only-when-searched-through-yahoo) – Nomad Apr 27 '18 at 10:01
  • 1
    Possible duplicate of [Google showing spam links on my site](https://security.stackexchange.com/questions/13059/google-showing-spam-links-on-my-site) – xandfury Apr 27 '18 at 11:57
  • SEO and SERP is not a security topic. Btw, when you say " 0 down vote favorite Google search result of my wordpress site is different than original content" , are you using "site:yourdomain" ? Or you just mean the SEO doesn't meat your expectation? – mootmoot Apr 27 '18 at 13:25
  • Does security not cover Referer manipulation,? Yes I meant site:mydomain, this shows all false results. – Derek Apr 27 '18 at 14:23

1 Answers1

1

The fake referrers in your logs have nothing to do with your problem, they are almost certainly just referrer spam, and they are harmless, except for polluting your analytics and statistics. And this was to answer your question about referrers.

As for the solution to your problem, if you are really sure your website is totally clean (which means all the files are exactly the same as the ones in a clean backup or default installation, and the same is true of the database, which might be more difficult to check thoroughly), then your problem is somewhere else. I'd tend to exclude the possibility of problems with DNS servers, because if your domain pointed to a different website you would be able to see the malicious site too (not only seen by Google but by everyone). The most likely point of infection is therefore your web server, either just the server software (Apache, Nginx, etc., all it takes is configuring some malicious redirections for exaple) or even the whole machine might be compromised. I find it strange that the "security experts" you hired didn't at least warn you about this and tell you to check your server. If you don't manage your own server, your web hosting provider might be infected and you should let them know.

reed
  • 15,398
  • 6
  • 43
  • 64