Manual action due to hack
-
We have had some issues with one of our websites getting hacked. The first time it happened, we noticed it the next morning and cleaned it up before Google even realised. However, the same thing happened again over the weekend, and I came into the office to an email from Google:
Google has detected that your site has been hacked by a third party who created malicious content on some of your pages. This critical issue utilizes your site’s reputation to show potential visitors unexpected or harmful content on your site or in search results. It also lowers the quality of results for Google Search users. Therefore, we have applied a manual action to your site that will warn users of hacked content when your site appears in search results. To remove this warning, clean up the hacked content, and file a reconsideration request. After we determine that your site no longer has hacked content, we will remove this manual action.
_Following are one or more example URLs where we found pages that have been compromised. Review them to gain a better sense of where this hacked content appears. The list is not exhaustive. _
We have again cleaned up the website, however, my problem is that even though we have received this email, I cannot find any evidence of the manual action having actually been applied. I.e. it doesn't show in the Search Console and I am also not getting a warning in the search results when searching for our own website or clicking on the result for our website. That means I cannot submit a reconsideration request - however I am not sure at all there was actually a manual action applied at all based on my test searches.
Has anyone here experienced the same issue? What do you suggest doing in this case?
Thank you very much in advance for any ideas.
-
You're welcome!
-
Thanks Joe. I will do that. Very helpful, I appreciate it!
-
I would keep an eye on organic performance for the next week or two (regularly checking the security issues/manual action reports). If you do not see a downward trend nor receive another message from Google, you should be all set here.
To review organic performance, I suggest monitoring:
-
Organic traffic (GA)
-
Organic Visibility Trends/Rankings (SEMRush, Moz rank tracker)
-
Google Search Console clicks and impressions (particularly for non-branded queries)
Hope this all helps!
-
-
It must have been, although I could also not see anything in Search Console before we cleaned up the hack.
I haven't seen it affect organic performance at all although it's hard to say as we are a B2B business and don't see as much traffic on weekends. Plus it's our corporate website which doesn't get much traffic to begin with.
-
If you are not seeing anything in the manual action report, security issues report or in the SERPs, I would say that Google has detected that the hack was addressed and has removed your manual action. Is organic performance still being impacted?
-
Hi Joe,
The report just says: "Currently, we haven't detected any security issues with your site's content." That's the problem, I had the email, but in Search Console there is no evidence of any hack (although we were definitely hacked, and it is now cleaned up).
Thanks!
-
Hello,
Did you review the Security Issues Report in Google Search Console? If you have a security issue/have been hacked, this is where you will submit a review once the issue has been cleaned up. This Google Webmasters post on hacked sites/requesting a review should help.
Malware or Spam
- Open the Security Issues report in Search Console. The report will probably still show the warnings and sample infected URLs you saw before.
- If you believe that the sample URLs listed are all clean, select Request a review. In order to submit a review, we ask that you provide more information that the site is cleaned of the hacker's damage. For example, for each category within Security Issues, you can write a sentence explaining how the site was cleaned (for example, "For Content injection hacked URLs, I removed the spammy content and corrected the vulnerability: updating an out-of-date plugin.").
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Is putting a manufacturer's product manual on my site in PDF duplicate content
I add the product manuals to our product pages to provide additional product information to our customers. Is this considered duplicate content? Is there a best way to do this so that I can offer the information to my customers without getting penalized for it? Should they be indexable? If not how do I control?
Technical SEO | | merch_zzounds0 -
Is there a way to index important pages manually or to make sure a certain page will get indexed in a short period of time??
Hi There! The problem I'm having is that certain pages are waiting already three months to be indexed. They even have several backlinks. Is it normal to have to wait more than three months before these pages get an indexation? Is there anything i can do to make sure these page will get an indexation soon? Greetings Bob
Technical SEO | | rijwielcashencarry0400 -
Duplicate pages or note? Variations just due to language changes?
I have some pages marked as duplicates, so I want to do what I can to solve the issues concerned. One issue concerns duplicates where the page content is indeed the same except for the language that the content is offered in. The URL for example of the documentation page of the site, in English is as follows:
Technical SEO | | PulseAnalytics
http://www.domain.com/support/documentation We then have the same content in German, French, Russian using the following URLs.
http://www.domain.com/de/support/documentation
http://www.domain.com/fr/support/documentation
http://www.domain.com/ru/support/documentation Each page has links to PDFs which are all in fact in English so the links to the docs are the same. Moz is flagging up all these pages as being duplicate content (which it is when translated back into English, but is not if you just consider that they are using completely different languages!) Has anyone any thoughts on how to solve this? Or is this something not to worry about / disregard? Many thanks Simon0 -
Best action to take for "error" URLs?
My site has many error URLs that Google webmaster has identified as pages without titles. These are URLs such as: www.site.com/page???1234 For these URLs should I: 1. Add them as duplicate canonicals to the correct page (that is being displayed on the error URLs) 2. Add 301 redirect to the correct URL 3. Block the pages in robots.txt Thanks!
Technical SEO | | theLotter0 -
Penalised due to links?
Hi, Is there a way to tell if a site has been penalised for it's links? Our site dropped last Friday, and we would like to rule out links, as we plan to move the site to our main site and re-direct the links, unless Google would punish the new url due to this. Our old site does not show any warnings for the link, and neither does our Google WM account, the only thing we have to go by is a big drop in SERP. Many thanks. Quime.
Technical SEO | | Quime0 -
Site Recovered from hack, should I submit a reinclusion request?
Hello, The site i'm referring to is http://www.pokeronamac.com, it was hacked via something called the "WordPress Pharma Hack" http://theblawblog.wordpress.com/2012/06/21/restoring-a-pharma-hacked-wordpress-site-wp-3-4/ We restored it as far as I can tell, but if anyone can confirm this by doing a site search and not getting redirected it would be appreciated. You will see that some search results still show up as spam, but when I click on them, they 404. I want to know If I should submit a reinclusion request, I wasn't notified by WMT of malaware, so I want to know the SOP here. Thanks Zach
Technical SEO | | Zachary_Russell1 -
Duplicate content due to csref
Hi, When i go trough my page, i can see that alot of my csref codes result in duplicate content, when SeoMoz run their analysis of my pages. Off course i get important knowledge through my csref codes, but im quite uncertain of how much it effects my SEO-results. Does anyone have any insights in this? Should i be more cautios to use csref-codes or dosent it create problems that are big enough for me to worry about them.
Technical SEO | | Petersen110 -
The course of action to move my macro site to some mini sites- justin if you can help
We have a site that we want to break up into mini sites but keep the old site for the major brands. Empirecovers.com is the major and we want to break it off into Empire Truck Covers and Empire Boat covers. What I am thinking of doing is linking from the home to Empiretruckcovers.com instead of a mini page on the site and 301 redirect the mini page to empiretruckcovers.com. Than (there wont be duplicate content) making a small page for truck covers on empire just so people do not get confused. Is this the best way to go or what do you suggest? We are doing this because I feel there is seo value in having mini sites and also the user experience will be cleaner and people will trust it a lot more than inside a big site. The other problem is I have some great rankings on the pages so I want to do it so there is as little damage as possible. I guess once I start I will do all the free directories, yahoo directory and try to get links as fast as I can. Any suggestions would be great. I am going to do a/b testing to see if my adwords convert better on mini site or on the big site for certain keywords too
Technical SEO | | goldjake17880