Weird Text showing on Google search

It only shows up on some sub-pages so that makes me think there is some common code or config issue with those pages that is missing in the others. I'd compare a sub-page that does not have it to one that does to see if anything stands out.
 
RockIT Man said:
I was thinking: "Well... that escalated quickly!"
Click to expand...
Oh - please! Even if I thought that, I'd never say it :)

However: I'm now thinking malware, despite what's been said. Reason is, I went to cache:cantabsrowing.org.uk and had a look at that. The page is covered with links to God-knows-what! None of this is showing in the actual page itself, either visually or in the code. Nevertheless, Mark makes a fair point, which I shall check out.
 
It's most likely a spammy WP plugin (or malware).

If I examine a page source normally it's not there. If I masquerade as Googlebot (2.1), it is:

hwCfHp5.png
 
Thanks, @Moltuae - that's exactly what I get too. Site is scanning clean of malware and the ISP reports no instances of an attack, so I'm drawn to the idea of an iffy plug-in, even though no new ones have been installed for months. Thanks for the input.
 
Depending on the site's popularity, it can take Google weeks/months to index new content and this may have been present in search results for some time before it was noticed.

I would check for recently updated plugins too. I had a similar issue once with a previously legit plugin that turned rogue after an update.
 
Yeah - this is the free one. I've also tried Sucuri and Bullet Proof Security scans - not coming up with anything...
 
Mick said:
Drat! I just deactivated all plug-ins, and it made no difference :( Guess I need to keep looking...
Click to expand...
Rather than simply deactivating them, try moving them from the wp-content/plugins folder. It's possible something in there is still active.

Edit: Also try switching themes and deleting any unused themes.
 
@Moltuae. Thanks - sorry, I should have said: Moving the plug-ins is my way of deactivating them :) I also tried changing themes, but no luck. I've now referred the whole sorry business back to the ISP, on the grounds that I've done pretty much all I can think of - although not with any great expectations!
 
Hmmm. If it's not a plugin, it's possible something has modified the WP files and/or the database. You could try searching the DB for some of the spammy words or just browse it for anything suspicious. To eliminate the possibility of modified WP files, you could remove the existing WP site (or move the files into a folder) and install a new clean copy of WP, pointing it to the existing DB. If that resolves it, re-install the plugins one-by-one.
 
Good idea. I'll need to do it maybe over the weekend, when the site is not in so much use. If I ever sort this out, I'll post back here - meantime, grateful thanks to all who have contributed.
 
I think it's got to be something going on with Google itself. I tried the search at google.fr and also got the Arabic script. Went to changedetection.com and diffed two google.co.uk result page links, the How to Join Us and Juniors. How to shows Arabic in the google results but Juniors does not. Both actually show Arabic script in the changedetection.com results. What also interesting is that the Arabic, for the most part seems to be attached to imbedded pics and the beginning of each paragraph.

Screen Shot 2017-08-17 at 12.46.19 PM.png
 

Attachments

Last edited:
Markverhyden said:
I think it's got to be something going on with Google itself.
Click to expand...
OP mentioned that it is happening with Yahoo and Bing as well. The text is being hidden from normal browsers and shown to searchbot user agents.

EDIT: @Markverhyden, what's in the .zip file?

My thinking has changed a bit since the beginning. I'm thinking either the links that are being injected are malicious or this is some sort of black-hat SEO tactic trying to get these sites ranked higher.
 
RockIT Man said:
OP mentioned that it is happening with Yahoo and Bing as well. The text is being hidden from normal browsers and shown to searchbot user agents.

EDIT: @Markverhyden, what's in the .zip file?

My thinking has changed a bit since the beginning. I'm thinking either the links that are being injected are malicious or this is some sort of black-hat SEO tactic trying to get these sites ranked higher.
Click to expand...


Ahh, good point. Forgot about that. The zip file is the saved webpage of the changedetection.com diff between How to Join and Juniors pages. Be aware that the spammy hyperlinks do work.
 
You must log in or register to reply here.

Similar threads

K
What voice assistant for Windows 10 can do web searches like mobile devices?
Replies
3
Views
2K
Karlin High
K
Giles
SEO: not even on the map
2
Replies
23
Views
3K
ComputerRepairTech
ComputerRepairTech
Velvis
Google Search question
Replies
6
Views
1K
maclaptech
maclaptech
timeshifter
Office 365 contact search not working correctly
Replies
2
Views
610
nlinecomputers
nlinecomputers
ChrisTech
Previous site showing in Google search results
Replies
5
Views
987
tf76
tf76
Back
Top