internet marketing consultant


Outsourced SEO Management for

Agencies and Web Developers

(561) 325 - 7307

WordPress Warnings - Common Site Hacks and Consequences

Most everyone loves WordPress, except us. Nothing wrong with using WordPress to build out a website, it's just the way these websites are built, sold and NOT maintained that causes problems for an SEO project.

Recent Issues With WordPress:
Google Warning: WordPress Plug-In Warnings
Google Warning: WordPress Websites Blocked From Search Results

One thing I definitely know is that websites written in pure, clean CSS are much easier to rank than those build on platforms. It’s just my experience. I have years of analytics reports to prove this.

Let me say that some of my favorite websites are built out on the WordPress platform. They look good and work well. They are well build by skilled and properly trained developers. And, their SEO is fabulous. Very well done.

So, I always get into trouble when I say something about WordPress.  I totally understand the concept. WordPress is easy for developers to use. It’s easy for site owners to update their content. Everything is included. Templates can be had for free. The developers don’t need to have a clue about web coding..… (see how I get in trouble when I talk about this)

However, from an SEO standpoint, I often run into issues.

Recently I had two calls from (about to become) new clients in a panic that their WordPress website has the big red malware warning in the Google SERP’s. Their sites had both been hacked and infected. They had apparently failed to do security updates and had left numerous, unnecessary modules on their sites with all the default passwords. A common hack had imbedded hundreds of dirty links on the sites, including some malware links. 

Why did the developer leave all those unneeded modules on the websites? Both were 'brochure' type websites, no e-commerce or other user generated info was being collected. Why was the developer not implementing the recommended ongoing security patches? (because he had completed the project…) Why won't the the site owner pay someone to do weekly updates. (The answer I always hear is that they installed a module that automatically updates and fixes everything, which it doesn't)

One of my long term clients wanted to update their website. They choose a developer and were convinced that WordPress was the way to go. I spoke with the developer and he assured me that he was an expert. The site went live and the traffic went to zero.

wordpress site hacked

The client called me up to complain and I was in the uncomfortable position of pointing out how the new site was the problem, not the 3+ years of SEO work I had been doing. The developer got very defensive. All the relationships got strained. In the end, we discovered a 'free' plug in the developer found online that was loaded with malware - Google spotted it right away.

So, is the problem with me, WordPress, the implementation or the lack of weekly updating? Why are these WordPress developers so convinced that this product is the best thing ever? When I ask them to code it in HTML they balk, saying WordPress is so much easier.

Clients are not being served well by ‘so called’ web developers who only know a few parts of WordPress and build out sites that have security vulnerabilities and no hope of ranking well. As an ethical SEO agency, I always disclose that I have more issues with WordPress websites than all others put together. So, just be aware that all the 'free' WordPress templates and plug-ins may not really be such a great deal.