Google Search Console provides messages allowing Google to alert you about issues, updates, and other pertinent information regarding your website. One of the scariest messages to get from Google is the “Hacked content detected on…” alert.
Site glitches? Contact us online or call (443) 475-0787.
This message means Google found malicious content on your website which may be showing harmful or unexpected content to your visitors. To make matters worse, Google places a message before your site loads, informing users there is harmful content and warning them before they proceed.
It looks like this:
This is also a signal Google “lowered the quality of results for Google Search users.” In other words, you must fix the issue ASAP if you want your site to avoid penalties. To remove the warning and (hopefully) prevent any loss in SERP’s, you should “file a reconsideration request.”
Best Action To Take
So your website got hacked, and alerts are going out to visitors that try to access your site. So what do you do now? Start by reviewing Google’s message to determine what security issues exist on your site. It may be malware, harmful downloads, deceptive pages, SQL injection, code injection, etc. Each hack may be different, but the clean-up processes tend to be similar.
Next, change all passwords for all users including your database passwords. Keep notes on what all you have done, because you’ll need this information later.
Review And Clean Up
Now, you must sift through the website files, folders, and database to remove malicious code and content. Depending on the type of content management system (CMS) you’re using this may be as simple as installing a plugin, running a site scan, and following directions to remove and clean up the hacked content/files.
Unfortunately, plugins often miss some items. We recommend that once you’ve finished the CMS clean-up, you then review files and folders on the server for any extra code or unrecognized files. This part of the process may require a technical resource (shameless plug: we offer these services here at periscopeUP and would be happy to help).
Prevent Future Hacks
Once you’ve cleaned the website, try to determine how the hack happened in the first place. This may be difficult, but some searching of the particular hacked code may help you find someone out there who’s had a similar experience. If it was an out-of-date plugin or theme, keep those updated and ensure you have the latest versions of your CMS. Also, install a security monitor plugin or service to prevent future attacks. For WordPress, we recommend iThemes Security. This plugin offers a number of out-of-the-box features and requires very little, if any, custom configuration.
How can you confirm the hacked content is really gone? Go back to the Google Search Console message noting the hack, check those security issues, and fetch as Google to see if the content still loads up. If you did everything right, you should be good to move onto submitting a reconsideration request. Fill out the form and copy your notes into the field asking you to tell Google what happened – explain exactly what you did to fix the issue.
Waiting’s The Hardest Part
Unfortunately Google does not provide a time-frame for responding to requests. It may be as soon as a few days or up to a few weeks. Longer waits occur if the hack was particularly insidious or if it took a while to fix the problems. If you didn’t completely clean-up your site, Google will find the issue and decline your request. In this case, you must start over and dig deeper into your website.
Success Comes To The Diligent
The moment of acceptance has come at last! You’ve successfully removed the hacked content and Google has approved your request. Now your site loads normally again in search results and users will no longer get the dreaded red message. Not working? Be sure you cleared your cache and cookies as you may still see the message on your personal computer.
Make your site faster and more secure. Contact us online or call (443) 475-0787.