A fine morning, Google Search Console sent me a message on one of websites. The website has been hacked and Google has found "Hacked content" on the site
I was shocked to see this Alert - Hacked content found message. Immediately I logged in to Google Search Console and checked the whole message. It was like this; "Google has detected that some of your web pages have been hacked....hacked content detected on...implementing industry best practices." i think i ve been hacked.
It is a shocking to find out the site contains malware and this site may be hacked wordpress by japanese hackers. The site may be infected with seo spam, phishing links and non quality back links. Google will start showing unsafe website warning below the website title in search results resulting in lesser views and organic traffic.
What is hacked content?
Hidden content accessed by bots
Cloaking and/or 301 redirectsThese web pages shows one type of content for human visitors and other content for Google bots. So that when bots crawl the web page, it look like a valid page with good content. For a human visitor it may look like a websites with some not so good content. Sometimes these sites use 301 redirects to redirect human visitors to other pages and that way lead to bad web pages.
Pure spam websitesContent that copied from other websites, stuffing keywords in web pages, automatically generated content using software etc. These are easy to find out. “Unnatural links from a site” is shown twice at the web page which is scraping content and according to Google, this is policy violation.
Websites with thin content are added for removal after pure spam websites. Websites unnatural links are added for removal are in the third place leading to hacked sites at the fourth place.
Unnatural or deceptive links from siteWebsite administrators should be careful about this. While link building, website administrators may add links from other websites in abundance. However, this may lead banning the web page and website.
|checked by sucuri|
Why Google showing "Alert - Hacked content found"
Outdated web application, weak admin, cpanel passwords, infected local computer are common vulnerabilities for a spam attack. Google has identified some hacked content in the website and started showing malware warning in search results. Google is showing "Alert - Hacked content found" to notify the spam issue.
Find Hacked Content in Website
1. Scan for Malware in the website
Use Sucuri SiteCheck Free website malware and security scanner to scan for hacked content, malware, blacklisting status and website errors. Enter your website URL and select Scan website.
2. Contact Host for Deep Scan of Hacked Content
[HEX]php_include_obf_local [20/07/18] /home/public_html/forum/cgi-bin/index.php
[HEX]obfuscated_php_code_5 [05/09/18] /home/public_html/wp-content/cache1/db/remaining/ljxjtqdo.php
[HEX]cloki_malware [31/12/69] /home/public_html/license.php
[STR]php_linker [28/09/18] /homepublic_html/wp-content/plugins/wp-smushit/languages/ulhjtypr.php
Restore Backup to Fix Hacked Content Found
Download Database for backupYou can download old database from cpanel of your host. Regarding the database post extraction, you can access the old database via:
cPanel > phpMyAdmin
And export only the needed table and then import it in the new website. Please note that this is a complex task and if you are not sure how to perform this, you should best contact your website developer as he will have the necessary knowledge and experience to perform this.
Remove Hacked Content Found on Wordpress Website
Unable to Load Wordpress Website After Deleting Hacked ContentSome users are unable to load wordpress site once they delete all these files. This happens because the virus attacked the core files needed for wordpress to run. Few errors that are going to show, Warning: include(): Failed opening, failed to open stream: No such file or directory and Fatal error: Uncaught Error.
The error might be because some of the WordPress core files were missing and that was causing the website to not load properly. In this care you may have to fix the issue by downloading all missing files or reinstall wordpress.
Manual Actions to Fix Hacked Content Found in Google Search Console
You can read more about it in the support page. To submit a reconsideration request, go to Google Webmaster tools > Search Traffic > Manual Actions, type that you have removed all Hacked Content from website and scanned it multiple times to confirm and submit the request.
Kindly spend 5 seconds to share this post