Cloned Website? – Here’s What To Do

Believe it or not: this website got hacked once. This could happen to anyone.
Here’s the quick story

One morning after I had my usual double espresso, I checked my analytics to see how are the properties doing.

An unusual metric caught my eyes: one site took a dive in SERPs and dropped dramatically.

It virtually got de-indexed.

First though was that I did some wrong and Google got pissed off, although I couldn’t remember what was that.

Then I just searched for the usual keywords to find out that my website got replaced.

I click on the result where my website used to be.

It looks like mine.
The website in the results it’s identical

And than I realized.

I got hacked.

Title generator had a twin brother.

Actually a clone.

A code similar to the below got injected in the php template of every page:

< ?php  
$redirectlink = ‘‘;

header (‘HTTP/1.1 301 Moved Permanently’);
header(‘Location: ‘.$redirectlink);
? >

This code basically tells Google that the website moved and all backlinks will point towards the new website.

Obviously I was really pissed off.

You work your a** off to get something done and one mf destroys the whole thing in minutes.


The TO DO List

The first thing everyone does when looking for information is to perform a Google search.

So I did the same thing.

All forums and articles point into the same direction: notify the web host where the cloned site hosted.

I get in touch with the support team, they do see that the cloning is obvious.

They apologize for the inconvenience, but there is not much they can do.

Instead they point me to get in touch with their legal team.

So I send a message to their legal team explaining the situation (again). Their reply is very formal and they act only upon a court order. 😐

At the end of the day this is their job.

Lawyers act upon court orders.

In that moment I realized that it would be useful to gather evidence.

I go into screen-shot mode.

Animated screen-shot mode.

I noticed is that Last Updated is exactly on the same date.

screenshot of last updated (original website)

screenshot of last updated on the cloned websiteHmmm… Interesting.

Funny enough the copyright notice is exactly the same:

animated screenshot of the same copyright notice on the cloned and original website

Notice the URL in the address bar

Clicking the big red “Generate Headlines” button from the cloned website would open the results in

image of on cloned website (animated screenshot)

Because this is a custom made script

URL in the address bar changes when “More Info” is clicked”:

image of cloned website - clicking a link will open the page of the original  - notice the status bar (animated screnshot)

…the Status Bar

Even one of my affiliate links was exactly the same (see the status bar):

image of cloned website's affiliate link

The Status Bar… again


The next step is to report the alleged cloning to google.

image of google's dmca report page

Make sure you read and understand all the notices, fill up the form and hit submit.

Don’t expect Big G to take down the site.

Google acts the same way as the lawyers but with an added step: they take out from the search results both sites until the issue is resolved or one of the sites goes down.

At least that much.

Not immediately… After a while… In my case it lasted about 4 days.

Basically I was back to square one – The fact that “the other” guy is in the same position, is not warming me up.

There can be only one!


Quick 5 Day Solution

The fastest way to resolve any kind of copyright issues is to start a DMCA Takedown (affiliate link).

image of the DMCA offer page

My personal choice was to pay a bit more but handle professionally the take down.

This option comes with a money back guarantee: if the case is not resolved in 5 days, you get the whole 200 bucks back.

It took them 3 days in my case.

Yes, it was a good deal.

A week later Google reindexed the entire website and everything was back to normal.



Why Is Website Cloning Happening?

Lesson learned: protect your website.

There are a few quick steps to take depending on what CMS you are running.

Whether you use WordPress or Joomla, ensure that you are running the latest version.
Update your website regularly.

Install a plugin that protects your web property.

If you use Joomla, simply installing Admin Tools will enable you to easily password protect your admin directory.

image of Admin Tools for Joomla

If your choice is WordPress, install Sucuri WordPress Security Plugin:

image of sucuri wordpress security plugin

Also read this guide to gain a better understanding of WordPress Security.

These are all free options but you can very well pay for premium plugins which are worth every penny.


Quick Recap

If I was more prepared, I could’ve just installed any of these free plugins and have all my websites secured against easy hacks.

So here is a step-by-step list on what to do:

  1. Gather evidence
  2. Try to contact the other site’s owner
  3. Contact the clone’s webhost
  4. Report the alleged clone to Google:
  5. Initiate a DMCA Takedown
  6. Update CMS and install security plugins for protection

Take care of your website(s).

It’s your work.