This all started with me wondering why my pages were "sandboxed" in Google, with most of them stuck in supplemental results for months. I was rarely visited by Googlebot; instead I was only getting visits from Mediapartners-Google (the AdSense crawler, I guess?). I visited the SEO Chat forums as much as I could to figure out what the problem was. It turned out I was one of the lucky people whose pages had been 301'd, with the cache entirely removed on a lot of pages in Google, and I had to go through the process of 301-redirecting the non-www version of my domain to www.myserver.com in my .htaccess file. Even after doing that, in combination with updating my files with Google Sitemaps, I noticed only about 10% of my site came out of the sandbox, and those pages came back very slowly. I posted here on SEO Chat that I figured I had fixed the problem and was recovering slowly, but apparently not. I got over 25,000 hits on my site from the Googlebot crawler (which, I noticed, identifies itself as the Mozilla/5.0 Googlebot), and I also noticed a lot of rogue bots running around on my site ignoring the robots.txt file. I tried deleting the cache for several of the pages (with the noarchive META tag) using Google's removal tool (http://www.google.com/remove2.html#exclude_pages), but the McDar tool showed that a few of them were still 301'd to other domains, and when I re-submitted those pages to the removal tool, Google still listed them as supplemental results, just with the cache gone. A few of the pages I removed from Google actually did come back with no cache and out of the supplemental results. However, 90% of them are STILL listed as supplemental results.
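For anyone fighting the same non-www/www canonicalization problem, this is a sketch of the kind of .htaccess rule I mean, assuming Apache with mod_rewrite enabled (myserver.com is a placeholder for your own domain):

```apache
# .htaccess — 301-redirect the non-www hostname to the www version
# so Google only ever sees one canonical copy of each page
RewriteEngine On
RewriteCond %{HTTP_HOST} ^myserver\.com$ [NC]
RewriteRule ^(.*)$ http://www.myserver.com/$1 [R=301,L]
```

The [R=301] flag is the important part: a permanent redirect tells Googlebot to consolidate the two hostnames instead of indexing both.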

I also noticed that there were specific files on my site getting a lot of traffic from unapproved sources. I checked the keywords related to those webpages in Google and found thousands of listings for keyword: "my_directory", with jumbled-up phrases from the HTML body and title tags of several of my webpages, that keyword spammed across literally hundreds of pages in the Google results. They were listed under hundreds of random subdomains of the same domain, like this-random-keyword-.domain.country. You would only notice this on page 3 or 4 of the search results and beyond; I assume that's because the PageRank of these "junk" pages had been lowered. Searching for the other keywords I was receiving the unknown traffic for yielded the same results, so I sent Google an email about this spamming technique. I figured I would try to cut off the rogue bots who were probably causing this by denying all HTTP referrers in my .htaccess file. I also accepted user agents only from the larger search engines, instead of using a basic user-agent ban list to block out most site suckers, scanners, etc. I found out later it would have been more effective to do the mod_rewrite in my httpd.conf file instead.
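As a rough sketch of that approach (my actual rules were longer), the blocking looked something like this in .htaccess; the user-agent names here are examples, not my exact whitelist, and be warned that denying every request carrying a Referer header also blocks normal visitors clicking links:

```apache
# .htaccess — deny any request that sends an HTTP referrer,
# and deny user agents not on a short search-engine whitelist
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .* - [F]
RewriteCond %{HTTP_USER_AGENT} !(Googlebot|Mediapartners-Google|msnbot|Slurp) [NC]
RewriteRule .* - [F]
```

Putting the same rules in httpd.conf is more efficient because Apache compiles them once at startup instead of re-reading .htaccess on every request.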

The hijackers apparently didn't like this move, because it blocked traffic to my 301'd pages and they couldn't steal my content anymore, so they started using my server to make attacks against an innocent server, probably to try to get my website shut down. My web logs started filling up with hijackers probing my ports and attempting to break into my server. I added an Apache security measure in my httpd.conf to disallow hotlinking to image files from specific directories, since it's not there by default and had only been defined in my .htaccess file. As soon as I did this, the Googlebot-Image crawler gave my site about 7,000 hits and I started getting error messages that the files didn't exist, even though I could access them fine with a browser. It looked like the hijackers had not only 301'd my webpages but stolen the entire www side of my domain name and were 301'ing everything in sight: a complete mirror of my website's HTML pages, my affiliate codes too! Apparently they had found a way to bind their IP address to the www side of my site without detection. It was not until I changed the same directive for HTML files and added stricter Apache rules that I noticed I couldn't even access the www side of my own website. I checked the bare IP address in a browser and it said "website not configured at this address". I reported the issue to my web host and immediately had a firewall installed. I am now unable to access Apache status; it feels like I am viewing my web server through a window and I cannot get in.
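For reference, the hotlink protection I'm describing looks roughly like this in httpd.conf, assuming mod_rewrite; the directory path and myserver.com are placeholders for my real setup:

```apache
# httpd.conf — block hotlinking of images in one directory.
# Requests with no referrer (direct hits, most crawlers) or a
# referrer from my own domain are allowed; everything else gets 403.
<Directory "/var/www/html/images">
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^https?://(www\.)?myserver\.com/ [NC]
    RewriteRule \.(gif|jpe?g|png)$ - [F,NC]
</Directory>
```

Note that a rule like this should never have affected Googlebot-Image (crawlers send no referrer), which is part of why the 7,000 hits and "file not found" errors pointed to something else hijacking the www hostname.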

It's been most of the day and my web host still cannot figure out what the problem is, and I have been unable to get the rest of my pages out of supplemental results no matter how much I update Google Sitemaps! I have spent days on this issue, sometimes staying up 36 hours at a time, trying to get my server back; I haven't had much sleep and I'm about to give up! I don't know what will happen if I change IP addresses to get rid of the Apache conflict, or whether Google will penalize me for changing IPs and give the hijackers credit for my content. If so, that would be a nightmare!