Comments on: Ways to Find Out if Your Site Has Been Hacked or Hijacked

By: Kerry Dye Vertical Leap

Kerry Dye Vertical Leap — Wed, 03 Sep 2008 11:44:08 +0000

And if your server logs have been deleted, that’s something that hackers do too. Unfortunately they are something that a lot of site owners don’t have access to though, which is why we are always investigating alternatives. Site owners may need to notify their web host that there is a problem, because webhosts don’t always spot it. And if they do spot hacking they don’t always fix the sites that got affected because it is more important to them to close the hole than fix the problems that got caused.

By: Rick Stone

Rick Stone — Wed, 03 Sep 2008 10:52:36 +0000

Two out of the 2 links I clicked on didn’t work. The last comment was the best thing of the whole article. CHECK YOUR FILE LOGS!

By: blu star web design services in tipperary, ireland

blu star web design services in tipperary, ireland — Mon, 11 Aug 2008 16:28:39 +0000

monitoring web server logs and the syslog on unix machines will show up any attempted hijacks..

By: Gavin Mitchell

Gavin Mitchell — Fri, 01 Aug 2008 10:19:26 +0000

Thanks for the SerpGuard reminder Ann – I meant to sign up when Nick first mentioned it was live but it slipped my mind :)

By: Ann Smarty

Ann Smarty — Thu, 31 Jul 2008 13:32:07 +0000

@Nick : thanks for stopping by for a great comment!

By: Chris Kieff

Chris Kieff — Thu, 31 Jul 2008 12:44:27 +0000

Ann,
Excellent ideas here. Several years ago I had a hacker set up a Bank spoofing site (Royal Bank of Scotland) on one of my servers. I felt terrible that my site could have been used for identity theft. I’m not sure how these methods would help to detect that. The only clue would possibly be a spike in traffic from email systems. But no external links were used.

Since then I’ve used one basic tool- Roboform, to generate random passwords and remember them for me. I’ve not had another problem.

Thanks,
Chris

By: Nick Wilsdon

Nick Wilsdon — Thu, 31 Jul 2008 10:11:25 +0000

Thanks for the link to SERPGuard Ann! I’m glad you got setup in there without a problem.

BTW, you can test your email address by going to the settings, that will confirm system emails get through to you. I didn’t build in a way to send false malware warnings – that maybe an idea for the future.

We have already had sites we are monitoring flagged as malware though so it does seem to be helping people.

@Software Testing

You can manually check the Google Blacklist database by following the instructions here at SEL:

http://searchengineland.com/080523-075927.php

Our tool just automates the process – push not pull. There is no way to query the database to get a list of compromised sites, unless you know the URLs already.

By: Kerry Dye Vertical Leap

Kerry Dye Vertical Leap — Wed, 30 Jul 2008 18:08:09 +0000

Oh, just found that SEO Chat has one too http://www.seochat.com/seo-tools/site-link-analyzer/

By: Kerry Dye Vertical Leap

Kerry Dye Vertical Leap — Wed, 30 Jul 2008 18:05:21 +0000

There are a few around, the bad neighbourhood tool does it http://www.bad-neighborhood.com/text-link-tool.htm, if you are only interested in a single page then try http://www.linkvendor.com/seo-tools/outbound-links.html. The one I was using to check whole sites isn’t live any longer, so we made our own http://www.vertical-leap.co.uk/seo-tools/external-links.asp

Hope this helps

Kerry

By: Ann Smarty

Ann Smarty — Wed, 30 Jul 2008 14:52:50 +0000

@Kerry : how exactly you are tracking your external links? thank for the tip btw!