How To Increase Website Traffic – Get Hacked
For the last couple of days there has been a spike in traffic. Retribution has come at last. Finally the recognition I deserve. After almost 9 months of work and waiting, after over 400 hours at the keyboard, the website is taking off.
That was my initial reaction after seeing the sudden increase in traffic. But after some digging around in the website stats I discovered that it was not my hard work paying off – it was somebody else’s.
Clue 1 – Referral Websites That Do Not Link Back To This Website
The first thing I checked after seeing the spike in traffic was who it was coming from. Who is sending me all the traffic. Is it Google, is it a guest post I did, was this website featured on some blog, was this website submitted on a social network like reddit.com?
I quickly discovered that it was none of these. Using awstats I noticed that the top three websites sending this website traffic are website’s that I have never heard of before. I checked them out and discovered three things:
- They had nothing to do with my niche (make money online)
- They were not in English (mostly Russian)
- They did not have a backlink to this website
Number 1 and 2 are strange. But 3 just does not make sense. How are these website sending me traffic without having a link to this website? Something is not right.
On seeing this the initial smile on my face slowly flattened out.
Clue 2 – Traffic was not increasing in Google Analytic
Every morning I check the website traffic via two sources: awstats and Google Analytics. Awstats is a server side analytic tracker. Every time a request is made of the server then awstats make a note of it. It could be a human viewing a webpage, or a search engine spider indexing the site, or a hacker trying to gain access. Server side means that every request the server is asked to do gets recorded. It is the most detailed and accurate measure of your website’s activity.
Google Analytic on the other hand is a client side analytic tracker. It is a small java script sitting on every webpage that gets activated only when a browser views the webpage. Client side analytics is a good measure of how many people are viewing the webpage – every time a browser reads the webpage the Google Analytic script is activated and the page view is recorded.
There is a major drawback to client side analytic tracker: the visitor must permit the running of java script in their browser. If the visitors browser has java script disabled then the Google Analytic script cannot run and the visitor is not recorded. For this reason the server side analytic traffic stats will always be higher then the Google Analytic stats. That is why every morning I check both. Usually they report the same number of visitor but sometimes Google Analytic is a little lower.
But with the recent traffic spike the numbers being reported where completely different. Awstats was reporting 218 visitors while Google Analytic was reporting only 54. Why the large discrepancy?
The edges of my mouth became heavy and I could no longer hold them up.
Clue 3 – Pages That I Did Not Create Had The Most Amount Of Page Views
Again looking at the awstats I noticed that there where some strange looking pages that where quickly rising in the number of page views. The odd thing is that they where pages that I did not create. Pages like:
CitiBank? Bank of America? What the hell is going on? What are banking pages doing on my webpages? I clicked on the links and here is what came up:
Request for banking information. This is not good.
On seeing this my face was completely deformed. Eyebrows pointing downwards and wrinkles on my forehead.
This Website Was Making Money By Collecting Banking Information
My website had been hacked. A not so nice person uploaded and ran a script on my webspace. This website was sending out requests to people asking them to update their banking information. Those that dutifully complied sent their banking information to the not so nice person.
Based on the stats the request to update banking information was viewed around 500 times. Unfortunately there is no way for me to tell how many people actually filled out the form. Or how much money was stolen from those that did. But to those that did fill it out, and had money stolen, I apologize for the small part this website played.
The funny thing is that thanks to my low traffic numbers I was able to catch the problem quickly. Only because my traffic doubled from the usual 70 visitors a day to over 150 visitors a day I able to notice the hack. If this website was more successful and had 1000’s of visitors a day then it would of taken a lot longer (if ever) for me to notice. An extra 50 visitors a day would a been a small unnoticed blimp on the radar.
How This Website Makes Money? By stealing peoples banking information. This website makes money – but unfortunately in this case I was not be the one receiving it.
How the Hack Was Removed
Although I liked the high traffic numbers I felt the right thing to do was to remove the hack. I contacted my web host and told them about the problem. They quickly disabled the infected folders on my website and deleted the hacked files. Now if somebody tries to access the banking page’s URL’s they get a 404 error instead of a banking information update page.
Then I did an IP block for the suspicious websites that where sending traffic to my site. So now if they try to send traffic to this website they get an access denied message.
Now my website is back to its old self again. Traffic is down to where it should be and the website is back to making a couple of dollars a day that go into my pocket.
I admit, there were casualties – some people lost a lot of money. But I am glad it happened. I got the taste for success. I got to feel, even if for just a brief few days, the excitement of this website finally taking off. And I learned something – how to make my website is a little more secure. I benefit from somebody else’s loss – that does not happen to often.