7

Over the past couple of weeks, we've noticed that the search results from Google for some of our drupal-powered sites are having their page titles hijacked somehow. An example would be:

free streaming porn - [Actual page title]

There are other variations of the porn prefix, that's one of the more tame ones. I looked in the databases for each of these sites and the titles haven't actually been changed or anything along those lines. When you click on the result to visit the page everything looks normal (sans porn stuff). Would anyone be able to point me in the right direction as to what the cause of this is?

rfoote
  • 73
  • 2

3 Answers3

7

First of all, this isn't happening on bing or any other search engines. Also, when I view the pages, like you said, the bad titles don't appear.

Therefore, what I think is happening is that your site has became infected with a virus that causes google to see a different version of your page than what other people see, with the bad titles. This is easy to do, as when google browses webpages, it uses a special header and certain ip addresses, and therefor anyone can tell when google is visiting a site. You can test this by using google's webmaster tools "fetch as googlebot" feature: if the title of the page is different, than that's what is happening.

If that is the case, I would get someone to remove that virus from your drupal installation. Once that virus is gone, then google will re-index your pages, and the search results will be back to normal.

UPDATE (much later): Matt Cutts, the head of Google's webspam team, just posted a blog post that explains the basics of this problem, and where you can go to get more information and/or receive help.

2

Are you sure that the virus is not on your end?

Have you tried other PCs and perhaps even other networks (in case your proxy is infected)?

djdy
  • 171
  • 1
0

Problem: Drupal website page titles has "live streaming porn" text in prefix in only google search results

Solution: Visit drupal base directory for these 2 files index.php and install.php hackers have written a function GLOBAL $wehaveitagain; remove the complete function. Login to google webmaster tools and submit the URL's which you want to remove only from cache; revisit google webmaster once you see success message for submitted links and resubmit the URL's. Check if your sitemap.xml and robots.txt are manipulated by hackers if so create fresh XML and .txt files and upload it to your server.

Once google re-indexes pages your site will be normal.

chandra
  • 1