3 min read

Google Webmaster Tool against Hacking your Joomla Website

Top keywords at Google Webmaster tool showed me that my Joomla 1.5 website had been hacked. I have no clue how to hack websites but I know of search engine optimization, and I understand something is wrong when “download” and “movie” are my top keywords in significance in Google webmaster tool!


My Joomla 1.5 installation was getting old and I didn’t care to update it the last months, leading to some serious hacking taking place in my website. First they attacked and hacked all of my websites’ .htaccess files but fortunately I always keep backups. Lately my domain’s pagerank dropped to 2 and it was time for drastic measures. Having restarted my website from scratch today, it’s no surprise that I have seen hits at content URL links I never even knew they existed!

The top keywords of my domain used to be trading, poker and betting, perfectly matching my gambling blog’s theme. However, when I logged into Google webmaster tool a month or so, I noticed my domain was being ranked for “download”, “movie” and “watch”. No matter how hard I dag into my server’s files, I couldn’t find a trace of those keywords, although I have come across that kind of hacking when I’d checked the .htaccess file at my server’s root path. Not this time so I made the big decision to delete the whole Joomla 1.5 installation and start over using Joomla 1.7 along with a WordPress blog.

After a week of installing templates, copying articles and tidying up SQL databases, the website is up and running today, knowing that everything is clean once again. Yet, Joomla 1.7 has a nice redirect plug-in where the webmaster or administrator can check incoming links leading to error pages such as 404 – page not found. Suddenly the plug-in’s list got filled with links to articles that I didn’t recognize! Given the fact those links were actually indexed and cached in Google search engine, I was able to visit some of them. Here is one of them:

Hacked unknown Joomla post

There’s no question they know how to hack websites! I still miss the point though of hacking small websites such as mine. Obviously the content includes text links that work in some mysterious way in favor of the attackers but I’m totally ignorant of their hacking methods! What I did find out though right before writing this post, is a hacking method called sql injection. I have not researched for it, but when I did the search engine optimization for this post the term “sql injection” kept appearing. The significance of this keyword is strong with 74,000 exact monthly searches. I believe sql injection could be one of the methods attackers used to hack my website in order to create new content without me knowing about it! I’ll probably do a research and come back to this issue.

For the time being I’m glad I kept on checking the Google webmaster tool from time to time, as it was the main reason for finally pulling the trigger and cleaning up my domain and website. Hopefully it will lead to a Pagerank increase sooner or later, but it will surely take time, now that every indexed URL link has been changed! Don’t worry; I have inserted 301 redirect rules in the .htaccess. I just wish they don’t hack my website again anytime soon!