How to Protect Your Website from Negative SEO in 2020

How to Protect Your Website from Negative SEO in 2020

Bringing a website to the top is a difficult task that requires a lot of effort and money in 2020. Therefore, some companies resort to black hat SEO. A negative SEO attack can undermine a site’s position in search results and lower a company’s reputation. Let’s take a look at how black hat SEO works and how to avoid falling victim to it.

Negative SEO, what is it and should you be afraid of it

Negative SEO is a type of black search engine optimization activity with a task to pessimize the site. The goal of such SEO is to bring your site to the top 3 by discrediting a competing site. You don’t need the darknet to find a company that deals with negative SEO. You can find this out by searching on Google.

Negative SEO services range from $299 to over $1,599 per month depending on their tactics.


Negative SEO Tactics

1. Spammy links

Unfair SEO agencies use spam backlinks to knock a site out of the top position. They are posted on adult sites, online casinos, and sites with bad reputations. These are resources where many links are published and phishing is carried out. There are situations when a link to a site accidentally ends up on a resource with a bad reputation. This happens if the donor site has been sanctioned, changed its subject matter, or began to massively sell the link placement service.

When attacked, links are usually placed with the nofollow attribute from spam domains. They also use LinkFarm where links are exchanged.

Anchors in links are mainly related to gambling, adult sites, and online casinos. Google does not like these keywords and attempts to pessimize the site.

The website can be attacked with the help of a bulk purchase of low-quality links through exchanges. Due to the rapid build-up of the link profile, the site may fall under the filter. This mistake is sometimes made by inexperienced SEO specialists who are trying to promote a site to the top. For more information on the topic, see the Google Algorithms That Affect SEO article.

This tactic is the most unreliable. Google can simply ignore negative links if their number has not reached several thousand, and the site has many good links. You can protect yourself by using Build High-Quality Backlinks. Therefore, experienced negative promotion specialists often use more technical methods of pessimizing a competitor’s website. It is true that the number of links can reach twenty thousand. Such an increase in the link profile will lead to sanctions.

2. URL redirects

To organize such a manipulation, they buy several domains that have already been fined by Google for having millions of spam links that redirect to a competing site.

3. Reviews

Using the Web of Trust (WOT) extension, attackers set a low reputation score for a site. The client is notified of the danger. This increases the bounce rate and worsens the conversion rate.


If the site has a high bounce rate, it is not interesting to users. Therefore, there is no point in showing it in the top results. Read this article to better understand the topic – What is a Good Bounce Rate?

It also happens the other way around. The site is filled with purchased positive reviews. Google also punishes websites that do this.

4. Scraping

Scraping is copying content from the site using Article Marketing Robot, Market Samurai, or SenukeTNG.

The scammers place the stolen content on their website and report to Google through the Google Dmca Dashboard about infringement of their copyrights and the original content is recognized as plagiarism and excluded from indexing.

Virus software can also be installed to send a copy of new content during the publishing process. This way, the attackers have the original content in the eyes of Google.

They can copy some graphic materials and create a copy of the site and make it better. In terms of search engine optimization, this is called analogue. The copied directory and web2 properties can be published in thousands of articles.

5. Aggressive crawling

As you know, the speed of the site affects the ranking in the search engines. Therefore, scammers deliberately slow down a competitor’s website using aggressive crawling or DDoS attacks. As a result, the site starts to load for a long time because it is subjected to multiple scans from the robot. At the same time, Googlebot cannot receive a response from the pages of the site and excludes it from indexing.

6. Hacking the site

Attackers break into a website through security holes and place a virus on it. It can be a  software that destroys the structure of the resource and destroys content or makes redirects to the fraudulent website. Black optimizers can also set up redirects from the payment page to their own and steal customers’ money. This is an example of cyber theft, but it can also lead to complaints about the site being fraudulent and getting blocked.

It happens that cybercriminals add links from competitors’ websites to their resource. The search robot identifies this as link sale and imposes sanctions.

Quite often, when an website attack occurs, a parasite page is planted. As a rule, it has nothing to do with the topic of the site and BlackHat negative SEO experts use massive buying of links through Xrumer, A-Poster, Sape, and others when promoting it. This leads to pessimization of the site.

Advertising of indecent content may also be added to the site. By itself, a block of advertising in the text that is not specially designed already leads to a decrease in the search results. If it is of unacceptable content, the consequences are even more negative.

There may also be hidden links that only the search engine can see.

BlackHat SEO experts can install a script in the website code that slows down its work.

Cloaking is another way to harm. You and your customers will see one version of the site and the crawler will see another.

A fraudster can turn a website into a black doorway that redirects visitors to another resource.

7. Spam

The most common way to put  spam on a site is to post comments with links to indecent or fraudulent resources.

BlackHat optimizer can send mail spam from your site. To do this, he will need to hack the resource or mail domain and install a spam script. Holes in the Open Relay SMTP server configuration can also be exploited. As a result, the resource will end up as one of spam sites. More important information can be found in the article What is SPAM and How To Protect Yourself.

8. Satellites

Black SEOs can use the satellite network and place a hidden ad unit on a competing company. They can then file a complaint through Google Spam Report, and the competitor will fall under sanctions.

9. Cheating behavioral factors

This is an imitation of user behavior on the site in order to improve the search results. Many novice website owners make this mistake and fall under the filter. BlackHat specialists know about it too.

The robot enters the resource and is on the page for a few seconds. The bounce rate is 100%. You can track the bot in Google Analytics.

On Google, this can be effective with a high percentage of invalid activity. This is a useful related article – Guide to Google Analytics.

How to protect your website from negative SEO

1. Use Search Console

This service allows you to timely notice indexing errors, as well as other problems with the site and take action in time. For more information on the topic, see What is Google Search Console?

2. Conduct regular link audits

You can check the quality of links through the services Backlink Analytics and Backlink Audit from Semrush.

Backlink Analytics allows you to assess the quantity and quality of links, their type, the subject of the resources where the links are located, and the dynamics of the link mass growth.


Backlink Audit determines the severity of the domain where the link is located and the general severity of the domain.


3. Use protection on hosting

  • Install software that detects and removes viruses, prevents hacker attacks, and protects against spam and phishing. WebDefender Antivirus copes with this task perfectly. The product works with almost all CMS.
  • Install an SSL certificate to protect your data from theft.
  • Create separate user accounts with different access levels for administrator, sales manager, and content specialist. When an employee leaves, immediately change the password. Use complex passwords.
  • Update plugins and extensions regularly, install fresh versions of CMS.
  • If the site is powered by WordPress, you can use the Security Plugin All In One WP Security & Firewall or the Wordfence Security – Firewall & Malware Scan.
  • For a website on OpenCart, download the extensions Robot Protection (Standard Protection and Recaptcha), Fraud Protection by IP, FraudLabs Pro, or MaxMind Anti-Fraud.
  • For the security of the Joomla site, delete the Installation directory after installing it. Use the Security check security extension.
  • Use he most important security files, .htaccess and configuration.php which are responsible for Apache server settings and general site settings, without which the site will not work at all. 
  • Upload your .htaccess files to the directories you need to protect with the rule allow from your IP. This solution will work if the IP is static. You can set the rule to deny from all but then the directory will be closed for you as well.
  • Protect folders in CPanel.

4. Monitor mentions of the company

This way, you can timely identify the facts of scraping.

The easiest way is to use special services such as Semrush Brand Monitoring Tool, BrandMentions.


5. Set up your backup

When a site is hacked, you can quickly restore the resource.

6. Install spam protection

The easiest way is to add Recaptcha or an anti-spam plugin like Akismet.

How to understand if there was a negative SEO attack on a website

We know that negative SEO can worsen a site’s position, and we have discussed how black optimizers work already. Now let’s figure out how to determine if a site has been attacked.

The first thing that should be alarming is a sharp decrease in site speed, any technical problems, and a decrease in the number of customers.

Already at this stage, it is worth looking into the problems and urgently taking action. The next step is the receipt of complaints about the site in Google, filters, sanctions.

You can assess the speed of the site through the Page Speed Insights service.

Page Speed Insights

The service will also show the reasons why the load decreased.

When checking the site in Semrush, you can see that the link mass has grown dramatically. Most links are of poor quality. The overall domain quality score decreased.

We see that the overall assessment of the domain quality has decreased by 16 points.


76% of links are from domains with low quality scores.


Links are posted on resources where they were not intentionally placed.


As you can see, there are even 4 backlinks from resources with intimate content.

Through Backlink Audit, you can view the content of links in detail, the level of danger, and finally remove them.


Here is a link to a Chinese site with a severity level of 97. This link must be removed.

Search Console has been notified of a security issue.

When clicking on the link, there is a message that the site is infected with viruses.

Analyzing the search results of the site, you noticed strange headings. The link leads to another resource. You have become a victim of cloaking, doorway, or the landing pages of someone else’s page.

This is a funeral home website.

Main page.


My site has been attacked, what to do

  • If you notice that a large number of low-quality links have appeared when checking the link profile, they must be removed. To do this, you can directly contact the webmaster of the service where the spam links are posted. Resource owners will most likely ask for money to remove links. More often, they make money precisely by placing negative links on their website and their subsequent removal. Therefore, it is best to report a bad link to Google.

This will require the following:

1. Create a list of links you want to remove.

Place the URL of each link on a separate line. The list format is text .txt, UTF-8, or 7-bit ASCII encoding. If you want to delete a domain/subdomain, write it in the format domain: Mark the comment with a hash (# comment).

Google Search Console Help

2. Submit your list to google using Disavow Links.

To do this, log into your Google profile, select your site and click on Disavow links.

In the window that opens, attach a list of negative links and click send.

If you have identified the facts of scraping, send information about copyright infringement to Google using the Content Removal Panel as soon as possible before the scammers did it. This will block bad websites.

To do this, you need to create a new application.

Please provide your contact information. If you are filing a complaint on behalf of the copyright owner, please include a link or choose to submit on your behalf.

After that, describe specifically what content was stolen and add links to the original file and the site where the stolen content is located.

If you need to send multiple files, click “Add New Group”. A maximum of 10 groups can be selected at a time. Create more statements if you need more. Read more in the article, Google Disavow Tool.

If Google believes that copyright has been violated, the fraudulent resource will be excluded from the search.

  • If you find doorways to your site, prohibit user visits from the domains where they are located.
  • When a site does redirects, find someone else’s folder in the site root and delete it.
  • If you suspect cloaking, use the Search Console View As Googlebot or Smallseotools, SearchEngineReports option.
  • If you find unwanted content, delete it.
  • If a virus is detected and you have made backups of the site, you just need to restore a copy of the site where there are no viruses, and the problem is solved.

Don’t forget to send a request to Google to check the solution to the problem so that the site starts indexing normally again.

You can use antivirus scanners and remove malicious code with their help. Block it with .htaccess file. If the virus appeared a long time ago and/or is built into the CMS, it is better to turn to professionals.

Being at the top of the Google search results is a task that requires constant work on the site and content. Regularly monitor the quality indicators of the link mass and mentions of the company. Install good protection against spam, viruses on the website, and hackers. This will allow you to notice and stop an attack on the site in time while preserving your business, reputation and authority. Only strong anti websites are able to withstand negative SEO.

About author
Anna is engaged in the development of a comprehensive strategy for promoting a company on the Internet: from working out the concept of a company's branding to creating a website and launching advertising campaigns in Ads, Facebook, Instagram.