Hero Banner

Joomla Development Insights

Joomla Development Insights

John is the owner and senior developer of Blue Bridge.

Get Rid of Spam Links Littering Your Joomla Site

Get Rid of Spam Links Littering Your Joomla Site

Common website sabotage a Joomla site is the injection of spam links going off to other websites.

These show up in many different forms:

  • Entire articles added,
  • Spam links only showing up when visitors arrive through the search results,
  • Spam links added to your navigation or footer, spam links showing up in your Joomla search
  • Spam links inserted into articles.

The links often connect to shady websites like pharmaceutical and imitation goods e-commerce sites (e.g. a website selling fake designer handbags.)


Unfortunately, links like these are a sure sign that your Joomla site has been hacked.

Why Do They Add Spam Links to Your Joomla Site

There is a misconception among many website owners that they are not likely to be hacked because they're not, "a big deal," like a larger corporation. However, everyone is a target because any website can offer some benefit to a hacker.

In the case of spam links, the hackers don't think that visitors to your site will suddenly change their mind about viewing your content and actually click through to the URL's (locations) that the hackers are linking to from your site.

What's actually happening is that they're attempting to use your site to manipulate Google's search results.

No one knows the exact formula that Google uses to rank websites, but it's generally accepted that how many websites link to your site impacts your rank in their results.

The common idea is that the more relevant content on a website is, the more people will link to that content.

In this way, everyone votes for which site is the most relevant for a type of search with every link being a "vote." The more links a website has pointing at it, the higher in the search results it will appear.

SEO (search engine optimization) firms attempt to improve their clients search result rankings by reaching out to other websites and getting them to voluntarily place a link on that site to the client's site.

This is both challenging and extremely time-consuming. Hackers attempt to achieve the same effect by simply hacking websites and placing links into the content.

Sometimes these links are visible to visitors and sometimes they only appear under conditions that involve traffic from Google.

Common Targets for Link Injection


The most common places where hackers alter your site files are:

  • The .htaccess file
  • The index.php file
  • Your template files

These files are always included when your website is loaded in a visitor's browser. A careful review of these areas will sometimes identify the cause of the spam links.  

In some cases, you can do a text search for the URL's displaying, but most often they're craftily altered right before being displayed.

If a hacker gains access your database, they may elect instead to alter your content table by adding entries or changing entries. In this case, you should be able to see the links when you access your article manager and view an article.

The good news is that if you find the cause of the links and remove it the spam links will go away. The bad news is that correcting either of these targets will not fix the root cause.

This means that even if you identify what was hacked and fix it, it's highly likely that you will see the same links reimplemented a short time later, sometimes days and sometimes weeks after the initial hacking.

How to Eliminate the Spam Links from Your Joomla Site

The only way to be completely free of the spam links is to perform a full site recovery.

This means that you not only need to correct the effects of being hacked by removing the causes of the links but you also need to remove any other hacked or altered files, fix any changes to your database that affect access, update your access credentials, and remove any vulnerabilities from your site.

If you're a developer or technically minded, a great place to start is our guide on How to Fix a Hacked Joomla Site.

Even if you aren't, it is worth a review to understand some of the effects of being hacked and specific areas you need to investigate.

Photo Credits: Pete Ford http://is.gd/bJzioG Used under Creative Commons 2.0

Hackers Hijack a Joomla Website's Google Results
Squarespace vs Joomla: The Non-Tech Comparison

Related Posts

In Depth Articles

Joomla Developer Hiring Guide

How to Fix Hacked Joomla

Speed Up Joomla