Amit Tiwari's amittiwari.net site hacked!, True Case Study
Amit Tiwari's amittiwari.net site hacked! Find out how, why, and what you can learn from it in the full real case study.
Amit Tiwari's amittiwari.net site hacked! Find out how, why, and what you can learn from it in the full real case study.
Hello friends!
Imagine if your website, Which your identity is linked, which is the result of years of hard work, suddenly gets hacked one day. Scary, isn't it?
But when this happens with a client, we SEO people say very calmly – "Don't worry, we'll handle it."
But when it comes to your website?
Mr. Amit Tiwari – whose name needs no recognition in the world of digital marketing and SEO Expert – has his website. amittiwari.net Got hacked intentionally!
Now you might be thinking, “Why does anyone need to get their website hacked by themselves?”
So the answer is – a practical experiment।
Yes, you heard it right.
Mr. Amit Tiwari has always been accused of talking only about theory and not showing practicality.
So this time he decided to do something which no one has done till now.
"What will you do if SEO's website becomes at risk?"
So what, they infected their main website – amittiwari.net – with malware, that too as a live case study.
Now let's talk about the real issue – how did the website get infected?
So what happened was that he installed a cracked version of a very popular plugin – ACF Pro in WordPress.
Cracked plugin = invitation to risk
This cracked version had an old vulnerability, which was fixed by an update in the original version, but not in the cracked one.
So that's it – installed the plugin and waited for a few days.
Close to 12 to 14 days. Their website got hacked.
You will be surprised to know that amittiwari.net is not a test site.
This is their real website, which is live from 4th Feb 2011.
Not only is his SEO career linked to this website, but it is also his brand.
When he searched site:amittiwari.net, over 75,000 URLs were indexed – and many of these were only in the sitemap, not on the actual site.
Now you might be thinking – OMG! Such a big website, and that too got hacked!?
Here was another surprising thing –
The login URL of Amit's website was also custom, i.e.,/wp-admin instead of something else. Still, the hacker got in!
That is, if you are thinking that changing the login URL makes the website safe, then you are wrong.
If you even once nulled/cracked plugin or theme If you have used it, then just consider that you have opened the latch of your house.
So now that the website was hacked, the most important thing was – Locking and cleaning the website।
Now Amit Tiwari did not use any expensive paid tools, but only free tools recovered the website with the help of.
Since the admin password was not working, Amit entered the website through CPanel and from the WordPress Users section:
If you have multiple authors or writers on your website, keep in mind – Don't delete their account, otherwise the content will be blown away.
Now in WordPress Wordfence Security Plugin (Free Version) is Installed.
And after the scan, I saw a lot of suspicious URLs or directories:
Some of these URLs were also in the sitemap, but were not present on the website.
Now, Wordfence gives you two options:
This happens for those files that are not the original files of WordPress.
Amit said, "Delete all." Clicked on it and deleted all the unknown/malware files.
Now it was the turn of those core files of WordPress, in which malware had added some lines.
As soon as you press the repair button –
Now the website was completely malware-free! 🎉
Now Amit again searched site:amittiwari.net.
URLs with all suspicious Japanese keywords now 404 Error.
That means these URLs were now removed from the website – the site was cleaned!
Opened Dev Tools and also checked that the response code on all unwanted URLs, 404. Is he coming or not?
If any URL gives a 200 or a redirect, then the malware was still there.
The website may have been cleaned, but all those Japanese URLs were still visible in Google Search.
Now the next work was – Removing these URLs from Google Search Console and regaining the SEO reputation of the website.
This case study of Amit Tiwari teaches us that just learning SEO is not enough –
Website security is also a part of SEO.
And the biggest thing –
If you want, you can remove your website from risk even without paid tools.
If you also want to increase the security of your website, then:
No, cracked or nulled plugins/themes often contain vulnerabilities that can be exploited by hackers to infect your website.
The first step is to access your website through your hosting CPanel or file manager, lock the site, and remove unknown users or suspicious files. Then run a malware scan using a trusted plugin.
Yes, Wordfence’s free version can scan, detect, and help remove malware using its Delete and Repair options, especially for WordPress core and unknown files.
Not completely. While it can reduce brute-force attempts, it is not a foolproof solution. Using cracked plugins still puts your site at major risk.
No, after cleaning, you must also remove fake URLs from Google Search Console to restore your site’s SEO and reputation.
No one rejects, dislikes, or avoids pleasure itself, because it is pleasure, but because those who do not know how to pursue pleasure rationally encounter consequences that are extremely painful. Nor again is there anyone who loves
.webp)
