Just Ask Matt - Answers

Do Link Exchanges Still Work?

QUESTION: (Gerald) I have a number of people asking me to exchange links. I have read that this is good, but can’t find anywhere how to do it. Any suggestions, or is there an article you have that would help me. Appreciate it.

Good question, Gerald, because we really don’t hear as much about link exchanges as we did in the past.  I think the big reason for it is it’s effectiveness (or lack thereof).  Search engine spiders are much smarter than they were 2 or 3 years agos.  And most will recognize a “link exchange” rather easily.

For those who don’t know what a link exchange is, it is when you approach another website (usually with similar content to yours) and ask them to place a nice, keyword-rich anchor text link back to your website.  In exchange, you will do the same for them.  Remember that an important part of SEO is backlinks (i.e., receiving links from other websites pointing back to you).  A few years ago, a lot of this “linking power” was represented by a Page Rank.  Getting high Page Rank websites to point back to you effectively will increase your own page rank.

Personally, I think Page Rank is a bit of a farce these days (at least the public one).  I do think the major search engines (like Google) have there own ranking system based on popularity, but it would not be public.  Still, getting links from “authority sites” with relevance (to your niche) is always key. 

Now getting back to the question…I think link exchanges (or “reciprocal linking”) is really not going to help or hurt you.  Any backlink (in most cases) usually will help you.  But if there is a reciprocal link, the spiders will usually recognize this and probably not give you proper popularity for it. 

Again, like everything SEO, this is speculation, but I know there has been a lot of abuse of link exchanges over the years (like link farms, paid text links, etc.) to draw a lot of attention to it.  I used to do it quite a bit.  I don’t really do it any more (unless I am quite friendly with the website and we exchange primarily for the traffic, not the SEO).  I think your efforts would be better suited to article writing/submission, press releases, even directory submissions. 

You can also consider n-way link exchanges.  For a 3-way link exchange example: Site A links to Site B, Site B links to Site C, and Site C links to Site A.  You can do this rather deeply, too.  But still, the search engine spiders are smart and may start recognizing the linking footprints.  The larger the “n”, the better off you are…but of course, this is a hell of a lot more work and requires some skillful coordination.

Personally, I have become somewhat of an a-hole about link exchange requests.  I don’t get as many as I used to, but when I do I usually ignore them. 

cheers…matt

P.S. If you want to know more about Getting Backlinks, check out SEOExciter.com.  (There are 10 free videos over there that shows you how!)

More Questions & Answers...
GOT A QUESTION?

Who is Behind Marketing Mind?

Matthew BredelMy name is Matthew Bredel and as of March, 2007, I am a full-time, work-at-home internet marketer. For close to 10 years, I worked for a defense company which was an OK job, but I was so uninspired in life and frankly, I needed some more money. That is when I first discovered internet marketing! Now I admit that I didn't start making thousands in my first couple of months (in fact, I lost my shirt!), but I finally saw the "internet light"...

Read More about Matthew Bredel
GURU STUFF
Interviews, Guest Posts & More

Exposing the FTC Regulations on Endorsements and Testimonials

Over the past month, I have felt a lot of rumblings throughout the internet due to the lasted FTC rulings on Testimonials and Endorsements. This IS going to change the way we market online, but who really understands this? Here, I sit down with expert internet law attorney Linda Goodman (from TheGoodmanLawFirm.com) to help me understand the fate of my own websites and its affect on this internet marketing world.

Read Full Post >


GEEK CORNER
HTML, PHP, MySQL
& Other Geeky Stuff

Htaccess & Other URL Redirect Methods

(Sonya) I came to this site by clicking on a “learn more” link that redirects to this page - what I want to know, although be it very basic, is how do I get a link to look like that? For example this web page url is http://www.matthewbredel.com/just-ask-matt, however I just clicked on something that said “learn more”. I want to know how I can title my links whatever I want with hidden url links in the exact same way you have!

Read Full Post >


Mal/ObfJS-H Wordpress Hacked

February 2nd, 2010 . by Matthew Bredel . Tweet This!
Share This Post...

Beware! Wordpress hackers are on the loose and it seems that you may be vulnerable. The Mal/ObfJS-H trojan is appearing on lots of Wordpress blogs and most people don’t know why or what to do. It’s not difficult to find or fix, as long as you know where to look…

wp4This is screwed up!

OK, so I got a call from my cousin this morning telling me that visitors to his blog were receiving a trojan warning about Mal/ObfJS-H.  Hmmm…that is totally weird.  So I did a little bit of searching and found this article (dated today, by the way) talking about the fact that this has been happening to other people, particularly those with Wordpress blogs.

So I did a little bit of digging in his Wordpress blog and sure enough, there it was!  A blatant hack into the header.php file of his Wordpress theme.

DAMN!  I haven’t seen a hack this open in a long time.  Now, I really don’t know much about it other than how to recognize it and how to removed it.

1) Mal/ObjJS-H Discovery

Assuming you have some kind of internet protection software, you should see a trojan error when you go to your blog.  That is pretty obvious (but again, not all of us have that type of protection.)

2) Finding the Mal/ObjJS-H Trojan Code

It appears that the hacker puts this code just below the closing head tag </head> in the header.php file of your template. It is a javascript encrypted routine that looks like a bunch of goobly-gook as follows:

<script language=javascript>document.write(unescape(’%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61773%63%72%69%70%74%22%3E%66%75%6E%63%74…%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%…264C%261B%268E%261B%264D0tdsjqu%264F1′)</script>

This is a bit condensed.  I didn’t really want to put the full code here.  But realize that this does not appear in the standard view source code (at least it didn’t when I originally checked).  I only discovered it when I looked at the header.php file in the Appearance Editor.

3) Finding and removing the hack

Within your Wordpress admin, choose “Editor” under the Appearance section on the left hand menu in Wordpress.

wp1

Then, in the right column, choose the header.php file…

wp2

Finally, in the main window, scroll down to the </head> tag and see if that ugly javascript routine exists.  If so DELETE IT!  You want to delete from the first <script> tag to the closing </script> tag (as kind of shown above).

wp3

That should do it!  You may need to clear the cache on your web browser to no longer see the Mal/ObfJS-M trojan error, but hopefully this solves your problem (it did for us).

4) Prevention!

Again, I am not exactly sure who or why this is being done (probably a tracking cookie or maybe a cookie stuff), but my best advice to you is to make sure that all of the write permissions to your theme files are closed to anyone but the owner.  (This is usually called a 755 permission).  Depending on your FTP product, cpanel, host management software, etc. this will be different, but it isn’t a bad thing to do right now.  Again, that my be the problem, but who knows.

For now, just keep an eye on things and lock this down if you can.  This is the second case I have heard of today.

Gosh, don’t you love internet hacking?  NOT!

cheers…matt

Don't Buy Another Money Making Product Until You Watch These FREE Videos!

First Name:
Email:

Posted in Feature, Geek Stuff, Ramble On, Website Design |
Tagged With:  

7 Responses to “Mal/ObfJS-H Wordpress Hacked”

  1. Hey Matt,

    If you still have the full text of the javascript you removed from the header, you can just copy it to a clean page, alter document.write to document.alert and open the page in a browser to find out what the obfuscated code actually says…

    If you do, I’d love to know.

    Thanks,

    Steve

    Posted by: Steve Gunn
    February 2nd, 2010 at 2:50 pm

  2. Hey Matt,

    Thanks for the heads up. I appreciate the easy to follow instructions!

    ~Maria

    Posted by: Maria
    February 3rd, 2010 at 4:41 pm

  3. Just helped a friend out with this same problem — a Dreamhost-ed Wordpress blog. I removed the malicious code but am eager to find out how to prevent its recurrence.

    Posted by: Rachel
    February 6th, 2010 at 7:06 pm

  4. Thanks Matt! I worked for a couple of days trying to find the hacked code, then found it immediately after reading your post.

    Posted by: Keith
    February 14th, 2010 at 12:45 pm

  5. The same thing happened to me but I would say the story is not over. I checked my database table and the hacker added an administrator account.

    I would check your users table and make sure that doesn’t exist. Also I would keep checking because if they had access as an admin they could have uploaded another script that would reopen their account if it was deleted.

    Posted by: Brian Lyssy
    February 15th, 2010 at 2:18 pm

  6. Hey Brian,

    OK, that sounds scary (and something I did not think about)! I will definitely go back and look at this. Thanks for the heads up!

    cheers…matt

    Posted by: Matthew Bredel
    February 15th, 2010 at 2:54 pm

  7. I’m getting a URL:mal error in my site - problem is I can’t access my editor - my dashboard is experiencing problems - any suggestions?

    Posted by: michelle
    May 12th, 2010 at 7:57 am

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>