Pharma Hacked a while back - still in effect?

Joined
Dec 17, 2015
Messages
161
Likes
89
Degree
0
So back in 2014 my main site had the infamous pharma hack which really caused massive issues in terms of cleaning it up and the consequent rankings tank.

Fast forward to today and I still see one or two links a day in ahrefs from sites pointing to pages on my site with the typical viagra keywords. Here's an example:

Order Viagra Paypal - Buy Drugs Online No Prescription Needed
luizcarlosgarrocho.redezero.org/order-viagra-paypal/ - no content on those pages!

which links to mysite.com/index.php?365-pills

Clicking on that link sends me to the homepage and the url mysite.com/?365-pills

At the time of the hacking the site was on opencart but a few months ago I moved it to wp.

So do I need to worry about these links, and what steps do I need to take if anything?
 
Joined
Apr 7, 2016
Messages
272
Likes
171
Degree
1
Did you try changing your user agent on the offending pages? They could be cloaking them.

I had a similar experience with a client site, I tried changing the user agent, didn't see anything on either page. Disavowed and moved on.
 

Ryuzaki

女性以上のお金
Staff member
BuSo Pro
Digital Strategist
Joined
Sep 3, 2014
Messages
3,414
Likes
6,232
Degree
7
Did you try changing your user agent on the offending pages? They could be cloaking them.
Similar to this, you can search your pages receiving the links on Google and check the cache, which shows you what googlebot see's, and often the links are set up to only be shown to googlebot. You can change your useragent to this too and browse your site.

But to answer your question, @Tucky, if those pages receiving the links no longer exist and throw a 404 error, then you have nothing to worry about. If they do exist or you are 301 redirecting them, then you should probably disavow the incoming links.
 
Joined
Dec 17, 2015
Messages
161
Likes
89
Degree
0
Thanks for the replies. The pages do not exist, I think maybe they did from the original hack on Opencart but as it's now on a different cms they are not there. I have wordfence and sucuri taking care of it now in the hope it won't happen again.