Most people are aware of Rick Santorum’s issues with Google, but he’s not the only politician having issues. Deb Fischer is a Republican State Senator running for a U.S. Senate seat in Nebraska. Like every other candidate in 2012 she has a professional looking website touting her views and abilities, and informing everyone of the latest Deb Fischer news.
While to the naked eye it looks fine, it’s only when you dive beneath the surface that you begin to see the issues. For instance, if you perform a search on Google looking for pages on her site that Google has indexed, you are inundated with pharmaceutical links.
Now, obviously State Sen. Fischer isn’t trying to make a cheap buck selling Canadian drugs on the side, her site has been hacked. Viewing the source code on any of the pages on her site it becomes evident where the search engines have found these links.
These links scattered across the site are absolutely affecting the quality score of her site, and will make it harder for her to rank for any of her targeted terms (although there are other issues with her site, beyond the hacking, that are also going to impinge on her ability to rank for key terms in the Nebraska Senate race).
The next question is how did these get there? There are several possibilities.
- The content management system (CMS) used for her site may have security holes, or not be the most recent (in fact her site currently runs on WordPress 3.3, while the latest version is 3.3.1).
- The hosting site may have been compromised.
- The passwords to her site may have allowed easy access (specifically if not changed from default passwords, or common, easily guessed passwords).
So what should State Sen. Fischer’s web staff do to resolve this?
The first step is to revert to a backup of the clean version of the site from before it was hacked. In lieu of that, they’ll need to go through every page and remove all of the insidious links. While that’s in progress they can upgrade to WordPress 3.3.1. to ensure that they have the greatest currently available level of security on the site.
Next they should change the WordPress admin password for the site, as well as their hosting password, just to be on the safe side.
The Webmaster should also set up a wildcard redirect so that any of these links go to an error page rather than resolving to an actual page on her site. That would help Google to realize that these pages should be pulled from the index.
Finally, the site needs to have a robots.txt file created (the robots.txt file is used by search engines to tell them what they can and can’t crawl on a website), and in the robots.txt add the line:
Disallow: /*cat=
Which would block all of the erroneous links from being crawled & indexed should they ever show up again.
If they do all of this, then anyone looking to find out about her or wanting to donate to her campaign will be able to find it and not instead see:
Post Script: Between writing and publishing it looks like cleanup has already been started.