Hello, i have found out that someone added hundreds of directories on my server. For example : website.com/travel website.com/jobs etc... each new directory had hundreds of spam words that were related to each topic. my main keyword which is extremely difficult to rank on first page in Google went from 1st page to 5th in rankings. All of my other keywords have dropped by a lot too. I would like to now if this hacking was the cause of loosing position on Google rankings. I have deleted all the directories that the hacker has added and now if someone try's to access them it shows a 404 error page. Do i need to take any additional steps ? Any help would be very appreciated. Thank you so much .
Wow, a hacker that adds scripts to your server rather than adding in viruses or deleting the lot.... I'm sorry to hear about this happening but on the plus side, see yourself lucky that they didn't remove the whole of the site. I would say that it could have some bearing on the fact you have dropped in position but i wouldn't think it would be 5 pages worth, depends on the length of time that you have had the spam on your site.
Thank you for replying. i have had the spam directories for 2 weeks now and just now realized i had them. but my main keywords was ranked on 1st and 2nd page in Google for6 months now and suddenly drooped a lot of positions. I hope i didn't get penalized.
If you were penalized, it wont last forever. Google is pretty forgiving if you've removed the offending material; just give it time, your serps will resurface.
Once you've cleaned up your site (and good luck doing that, sounds terrible!), you can log into your webmaster tools account and requestion reinclusion of your site, if Google has dropped it from the SERPS. You can also check there for notices from Google.
Were there links from your original pages to the new directories? If not then those new directories could NOT have any effect, simply because googlebot would not find them. Have you checked to see if any of those new directories got indexed? ummm, absolutely. You need to determine how this happened. More than likely you are not the first, so research it. Go to your web host's support forum if they have one and see if anyone else is complaining of this. Change ALL your passwords. Make them longer and more secure. Brush your teeth after every meal. Bompa
You might scan your local pc too. Sometimes something ends up on your pc that messes with your ftp client and uploads things like this to your site. There are concerns with 777 folders/directories. If your script or site has any of these permissions they are writeable and can cause things like this. Many hosts tell you not to set 777's, but if your script allows uploads like images most likely you have to have them or it wont allow uploads. .htaccess modifications can help prevent a lot of things like this. Also if your script is out of date check for updates or security fixes/patches from the maker. If your script has some kind of support forum drop by and see if anyone else is talking about exploits in the script or has any tips and suggestions. Some hosts do a better job than others at keeping the server in general more secure. Hopefully you have a host that keeps up to date on the server side.
Yeah, just remove all those files from your server, fix your security, change passwords on ftp etc and give it some time, you will return to your old positions.
As others have said, it is important to find the security weakness that allowed this to happen. Otherwise, it will just happen again. In addition to the steps that others have advised, make sure all your scripts (such as Wordpress) are at their latest versions. The links in my signature discuss the various possibilities how it happened.
You can check if you are penalized by visiting the site called seopenalty.com. I am not sure how their algorithm works though, and what they consider as a 'penalty' and what is not.
you should also see if any backdoor script was left behind, i got hacked once or twice and on both occasions a backdoor script was left behind.
By reading this thread, I see you have your hands full. You need to worry about more important things then Google SERP's first. Good luck!