Something really weird happened when I had the password problem last week — I completely disappeared from Google. It’s not just the search for Matt, but almost every page on my site has disappeared even for super-obvious searches. This happened within a day of the guy getting into my blog account. I have two theories, one is that when all my links started pointing to blogspot (he changed my siteurl) that triggered some sort of anti-spam flag, and my second theory is that [H]e turned on the new Blog Privacy feature in WP that adds noindex,nofollow to the header of your page, and Google was crawling me that very instant and removed my site. BTW, as an update to the previous entry, I have since found out that I did not have a super-obvious password, but rather he found it embedded in the source code in the SVN repository of a new project I’m working on that hasn’t been released yet. I’ve axed the repo, but at least now I don’t feel so bad about having an awful password on my blog. Regardless, the event was a good excuse to review my password strategy and make sure everything was fairly locked down. Update: I’m certain it was the noindex thing, which looks like it was on for about a week. Let’s see how long it takes to bring everything back and if I rank the same. Update 2: Everything is back to normal. 🙂
You might be right but I wouldn’t be so sure about what happened. Every page on Newsvine disappeared entirely from Google for a few days last week without explanation and now it’s back without incident. I just think that weird stuff happens there sometimes. I thought about contacting Google immediately to see what was wrong but I’m glad I waited a few days… just seemed like some sort of indexing hiccup.
It happened the same to me, but in my case was when I changed the title of my blog.
Man, that totally sucks hard. Why would someone do that? What’s the point?
there’s a lot going on with google’s datacenters now. that may or may not have something to do with it as well. the best thing you can do is sit back and try not to concern yourself with it. if you weren’t up to no good, you should be groovy.
Ouch!
Today I checked my blog, and realized that neither option was selected… does that mean?
Oh no. Now you’ll have to change your About page… and your business card! 😉
Hopefully Google will show you some love again soon.
Was this related to the 404’s a couple days ago?
Aww… You’re not #1 anymore.
You saved your password in a public file? I thought you guys were invincible?
Matt, I don’t know how to tell you this, but Google has been breaking since March. I can send you links to articles that explain about this Big Daddy update (a 64-bit datacentre). Here is the latest finding from last night, posted in UseNet (AISE):
What the heck?
The page at Webmasterworld where these sites were first made public today
just went offline!
[URL snipped]
Here is my little conspiracy theory of the day: someone does not want this
information public
If you missed the first message here, here are the search queries to play
with on Google’s site:
[quote]
After 5 minute investigation we have:
site:cgq7wm.org 56100000
site:eiqz2q.org 3010000000
site:t1ps2see.com 1260000000
site:etlz8o.org 80800000
site:viwhha.org 42900000
site:qge6f7.org 69000000
site:rfni70.org 252000000
site:jkthy0.org 27400000
site:geku8h.org 62700000
Giving a grand total of 4,860,900,000
[/quote]
have fun!
That’s odd…
Maybe this will mean my listing will go up?!?
I’m kidding Matt. I think that is sad that you lost your Google Ranking.
Whoa! I don’t know what I’d do if I lost the Google ranking I’ve got, since it’s already fairly low despite years of trying. Definitely a cautionary tale for all on the Internet about making sure where your info is at all times!
Well, you’re lucky to be in Google. I’m waiting for three months now and still nothing. I’m gonna die and our business is falling appart. O mighty Google, please index us!
Sorry to hear that some damage was done, some people are just jerks. Hopefully it will correct itself, google seems to be pretty regular on the updates on indexing.
Strange. Someone got into a few of our WordPress blogs (mine specifically) and deleted our accounts. I could not log in. Anyway, we were using weak ass passwords as well (they are stronger now). Wonder if the events were connected?
You’re back for me as the #1 result for keyword “matt” and keyword “photo matt”.
Is Google that fast?
Hey Matt
Everything is now well, I am sure that, that MD5 hash string you published in the mailing list was the starting point, I used several types of brute-force password cracker programs last year and found that even though it’s a time consuming way but it _works_ . I know many hackers have powerful tools to mix up brute-force and dictionary attacks.
Don’t worry, google spider is too smart. You still have a 8/10 ranking on google 😉
Would have sucked alot more if you where physically banned from google. The majority of my traffic is from google, so it would pretty much kill my traffic.
Have you checked Google sitemaps? I believe it might tell you something about the reason…
http://www.google.com/support/webmasters/bin/answer.py?answer=35156&topic=8474
Ouch, I hope you’re back in the search results soon. Not such a funny hack if it messes up your pagerank.
Nice work! I better review my password strategy too!!!
Sad to hear about that, I am sure your ranks will shoot back up soon 🙂
Good Luck 🙂
I am begining to see you in the searches you gave… Again.
dang, that sucks.
That sucks. I had a similar situation happen (Google On, Google Gone) where Google had pulled my site from its listing. Unlike yours, my delisting was due to my own error (repeat posts, redirects, basically all the stuff you are NOT supposed to do). It took Google a good few months (about 3) before they correctly re-indexed my site and restored its proper page rank.
Boring coincidence that google was to index you right after that – hopefully they index your site more than once a month, you’re blog is well linked too 🙂
Sorry to hear about the loss of your google standings, those aren’t easy to build up. Well, not really. I’m now ahead of you in the search for Matt. Sorry I shouldn’t take pleasure in your pain. But it’ll be fun while it lasts. 😀 (I doubt it’ll last long).
Do you really think it’s a bigger crime to have a potentially weak password than it is to check it into what I’m assuming is a public SVN repository? 🙂
Checked, and it looks like your site is right back at the top.
For a while (maybe the last month or so) I’ve been reading your blog here 🙂
The post titles look really nice 🙂 How did you do them?
-Mark
You’re back up on my google 🙂
You are back to #1 from my view of Google now …
Google says you’re the most famous Matt again.
Call me a paranoid. But every single password that I use for any website is unique.
I sign up for many web services. One fear I have of using a single password is the single compromise that compromises everything.
For this I find using Password Safe very useful.
your back! Well, atleast on my searches
Just so you know, you are back in google
how long indeed? do keep us posted.
Hi Matt
try a reinclusion request
don’t sit down and wait — or you sit down for the next six months
kindly regards
Monika
Regardless of the strength of your password for your blog you should always take extra steps to ensure that you as prepared as possible against vicious attacks, I would have to say the first step you should take at the very least is rename your wp-admin folder and then password protect it with an .htaccess file
as i state don the 16th, there is an update underway, and the results vary according to what datacenter you hit.
keep on doing what you need to do, and the engines will figure it out accordingly.
Thats a shame 🙁
Perhaps this should be a catalyst to tighten up the security in wordpress in general. I’m an average user with an average wordpress setup. And I think there are some steps the development team could take to improving the basic security setup. One of the key attributes to WordPress’s success are it’s ease of use from the non techie’s perspective. These suggestions would not be too difficult to implement yourself but if they were included by default would offer the average user a lot more protection, especially as WordPress continues to grow in popularity.
Be given an option at install/upgrade to rename the wp-admin directory.
Be given a security management tool that allows you to define IP ranges that are permitted to login as admin
Be asked for random characters of your password not the whole thing every time.
Have the wp-admin interface tell you when and from where you last logged in from.
I dont know if some of these are more suited to plugins (if in fact they might already exist!) but hey I’m just an average user!
Man thats horrible. Some might think its petty, but I look at it like breaking into someone’s house. Get a gun and protect your domain. 😉
It’s nice to see the Good Guys like Matt get their ranking restored quickly once the problem is fixed (He’s #1 again for a search on ‘Matt’), while the Bad Guys loose their ranking just as quickly – see : http://merged.ca/monetize/flat/how-to-get-billions-of-pages-indexed-by-Google.html
(I think this is the incident Roy was talking about above).
(Small off-topic nit pick – The strike tag is used in the original post. It was deprecated in HTML 4.01 and is invalid in XHTML1.1 (the validation link given at the bottom of this page). I’ve been brushing up on XHTML tags lately and discovered the del and ins tags – del or a CSS equivalent is what you want to use.
I think renaming wp-admin is silly.
I think that happens when you choose that option. Noindex thing is dangerous.
By the way, do you want to find out if you are a workaholic?
I found one recently
It is kind of personality , behavior test kind of thingy. It is sort of quiz.
http://ibtimes.com/bizquiz/
I am a workaholic according to the result. 🙁
Have fun guys.