Steps to identify and fix a hacked Wordpress website
1. Security Issues: Check Security Issues feature in Google Search Console to know the initial details of hacked content. Make use of sample URL's provided in secuirty issues to check hacked content.
2. Look for compromised pages and files in your site: Identify the irrelevant content that could have been added in the website including home page. Malicious code might be added in files like HTML and Javascript and also might be hidden in the files where you might overlook such as server configuration file (.htaccess) and PHP files (dynamic pages.)
3. Make use of Fetch as Google to detect hacked content.
By entering URL's of a site on tool, it reveals hidden hacked content. As hacked website displays different version for users and search engines.
[This is called a cloaked content which violates google guidelines. This type of hacks are hidden to normal visitors and are presented to bots.]
4. Remove all malicious content
We need to keep a backup content for website.If you have any trouble in removing all malicious content on site assist your hosting provider.
5. Secure your site from future attacks
Identify and fix vulnerabilities that causes your site to be hacked.change credentials of administrative account. consider contacting your hosting service to help with the issue.
6. Submit a Reconsideration Request
After fixing all issues on the site, file a reconsideration request to google to remove this manual action by including a detail documentation of the changes you made so that it would help google to know the changes.
1. Security Issues: Check Security Issues feature in Google Search Console to know the initial details of hacked content. Make use of sample URL's provided in secuirty issues to check hacked content.
2. Look for compromised pages and files in your site: Identify the irrelevant content that could have been added in the website including home page. Malicious code might be added in files like HTML and Javascript and also might be hidden in the files where you might overlook such as server configuration file (.htaccess) and PHP files (dynamic pages.)
3. Make use of Fetch as Google to detect hacked content.
By entering URL's of a site on tool, it reveals hidden hacked content. As hacked website displays different version for users and search engines.
[This is called a cloaked content which violates google guidelines. This type of hacks are hidden to normal visitors and are presented to bots.]
4. Remove all malicious content
We need to keep a backup content for website.If you have any trouble in removing all malicious content on site assist your hosting provider.
5. Secure your site from future attacks
Identify and fix vulnerabilities that causes your site to be hacked.change credentials of administrative account. consider contacting your hosting service to help with the issue.
6. Submit a Reconsideration Request
After fixing all issues on the site, file a reconsideration request to google to remove this manual action by including a detail documentation of the changes you made so that it would help google to know the changes.
No comments:
Post a Comment