Today I noticed that one of my web sites was hacked. I won't go into details but I had recently changed permissions on a file and forgot to change it back when I was done with it. Anyway this person about 5 days ago edited my index.php template and added a bunch of hidden links to some rather unsavory and outright gross web pages. Now these pages are actually on a edu domain that looks like it was hacked too as the pages are in a hidden directory e.g. /_cache/_rss/ My question is should I report this to Google? I don't want to be penalized for linking to this crap and I certainly don't want this person to gain anything out of doing this. Im not sure if this is what I should do or if there is any point. I appreciate any suggestions.
You have access to your ftp? or you have lost full control over your site. If you can access you ftp, simply remove those links or if you have lost control over your site, whats the point to report, its not your anymore.
I have full acess to my site. It's actually on a private VPS that I own. What I am asking is should i inform Google that this happened because the pages linked to were all about rape, bestiality and other gross things. I really don't want to be connected to this stuff as i had hidden links on all my pages to this stuff and I don't want to be penalized by Google for linking to bad content. Also Google can penalize you for blackhat type stuff "hidden links" using CSS and such.
For how long those links were placed on your site? If they were up for just 4 or 5 days, then I don't think so that I would effect your website, unless your website has a high PR (above 6).
do a site:domain.com in google and see if the site is already in google or not. if it is then report what happened, also do same for yahoo etc
Well the problem with that is that all the pages are on www.music.umd.edu. It appears this person has hacked their server and hidden these pages on it.
Google hasn't started the nazi-Google-takeover-the-internett campaign yet, so don't worry! Just remove the links and get some kind of security going! And find that ass who did it and bitchslap him!
Trust me I would like catch this POS! It seems this guy slipped in a php include around the beginning of April that was pointing to another url, so he was able to rotate the links he was hiding. All of the links he was pointing to appeared to be on other hacked domains on servers with writable directories so the domain he had the php include was probably on someone else's server to. So it looks like he got about 12 days worth of sitewide links to his crap. Oh well, live and learn!
If you report to google whether someone at google actually sees the report is another thing. Id be more worried about reporting rape and bestiality to the appropiate authorities rather than goog.
Well I only checked one page and all it appeared to be was a bunch of spammy text with spammy links everywhere. I didn't actually see any pictures or anything. I did report it to Maryland University webmaster and he removed it all pretty quick.
I found an interesting article on Matt Cutts blog that talks about this exact problem. The example he uses is pretty much what happened to me: http://www.mattcutts.com/blog/how-google-handles-hacked-sites/ This is why I was asking if I should be proactive and report what happened to Google before they possibly penalize my site because of those spammy links. Also with the PR update coming any time now, I would like to avoid any penalties for having those links whether they are temporary or not.
Is there something cypherus isnt telling us? But...yeh, I totally agree: just remove the links, report him to the U of M but dont bother with Google!