Ash Nallawalla's blog

Old WordPress may be vulnerable to spammers

Ash Nallawalla

6 April 2008


A friend of mine who runs some quality sites got this email from Google:

Dear site owner or webmaster of,

While we were indexing your webpages, we detected that some of your pages were using techniques that were outside our quality guidelines, which can be found here: In order to preserve the quality of our search engine, we have temporarily removed some webpages from our search results. Currently pages from are scheduled to be removed for at least 30 days. Specifically, we detected the following practices on your webpages: * The following hidden text on e.g. payday loan (several more spammy links) […]

We would prefer to have your pages in Google’s index. If you wish to be reconsidered, please correct or remove all pages that are outside our quality guidelines. When you are ready, please visit: to learn more and request a reconsideration request.

Google Search Quality Team

This is enough to send a shiver down the proverbial. My friend suspected WordPress to be the culprit, as it is present on his sites and it is out of date. But he could not find the problem in the templates. I took a quick look.

First I suspected a proxy hijack. I searched for in Google and among a few results, there was this:

Turns out to be a proxy script with just a form on the home page. It was likely to be another site that contained a link to the above URL. The latter site was probably crawled and therefore the link was indexed.

Then I searched for his domain name with some of the spammy words and found a single article. In a single location in the first paragraph there was a long string of linked URLs whose HTML code looked like this (spaces deliberately inserted below):

<u style="display:none"><a href="http://www.spammysite .com/wp-content/1/ payday-loan-in-georgia.html"><font style="color:black; background-color:99ff99">payday</font> loan in georgia</a> (more than 100 similar links followed)</u>

My friend has cleaned out this code and upgraded WordPress to the latest version. I am waiting for Fantastico to catch up, as I am only one version behind, and will follow suit. Suggest that you check your version soon.

Ash Nallawalla

Search strategist experienced in large, complex websites. Ash's Google+ profile

Related Posts

Sherpa for Majestic Chrome Extension – Review

Ash Nallawalla

21 October 2017

SEO, SEO Tools

Feel free to share...Most professional SEOs I know use for reliable backlink data. Majestic provides a lot of data about the links to a site, including data about the quality of those links. I have used it for many years, from the time it was known as Majestic SEO. I usually enter the URL […]

Read More

President Obama’s pages archived

Ash Nallawalla

22 January 2017

Other, SEO

Feel free to share...After Mr Donald Trump became the president at noon today (USA EST), many reported that the website removed references to Climate Change and LGBT. That isn’t entirely accurate. The website up to that point has been archived and can be found at The LGBT URL was but it redirects […]

Read More

1 Comment

Comments are closed

Older Posts