I have a client that has a user that uses AVG that had the alert "exploit blackhat seo (type 1703)" pop up on a site that I do maintenance for. This happened a few months back and it seemed unfounded. I got an email saying that it is happening again and this time when I viewed the source code for the page there was a bunch of injected links at the bottom of the page.
I've been researching for awhile now and I'm having a hard time figuring out how the exploit happens (understandable) but I'm also having a hard time finding how to prevent it from happening again. Does anyone have any experience in dealing with this? If so, what steps can I take to prevent it? Something that is kind of confusing me as well is that client's client has 2 separate domains on their server. One is the site that I do maintenance for, the other I have no access to but they are both displaying the same error/alert. This makes me believe that it may be more server security than web site security. If anyone has any experience or knowledge they can share on this issue, I gratefully thank you in advance for your assistance. Thanks, Jeff
