6 Steps to follow if you get a message “This site may be hacked”
For tackling hacked spam in search results Google has rolled out a set of algorithmic changes. There is a great increase in the number of hacked site and also a very high increase in the hacked site reconsideration request.
Here is set of things that you should do when you get a message your site has been hacked.
At first you need to verify if your site has been hacked or not.
Look for the signs below
- Site defacement
- Your site points to a irrelevant website
- You get a hacked site message
After you have ensured that your site has been hacked you should try to know what kind of attack was used to hack your site. You can do this by the message you have received you need to check the messages regarding
- Serving spammy pages, links, content
- Distributive malware.
After you have known the kind of attack that they have used on your site here are list of steps that you need to follow.
Step 1: Keep calm and plan a well-organized action.
Step 2: Tell your hosting company that your website has been hacked.
Step 3: For the time being take you site offline
You can stop the web server and point to a static page with the response codes. Disallow using the robot.txt is not enough. After you have gone offline you need check the user accounts and if you find any account suspicious make sure that you delete it at once. You can also reset the password of the site users and accounts.
Step 4: Go to search console
You should have verified the site with the search console. You should also make sure that changes have not been made in the mange site section if you find anything suspicious restore it to the desired options.
Step 5: Your sites hosts spam
You need to check whether the hacker has created some new URLs which are totally accessible to the visitors. This will lead to a new problem, your site will be ranked for some unwanted keywords and the pages will grow exponentially wasting the valuable crawl resources. So you need to remove the pages from the Google indexes. The removal can take weeks to complete. You need to identify the page and this can be done in many methods. And then remove it from the Google indexes.
Step 6: Clean your server & go live again
After you have done all the above steps all you have to do is to make your site go live again and install the software updates. Correct the susceptibility and reset passwords.
Step 7: Send a reconsideration request
After you have made the site go live again you can request a review in the search console and the reviewing may take weeks to complete so patience is very much important. If the review is approved the security issues will be removed and also the browser and SERP warning will be removed. If it is not approved you will get a message from the reviewer why you request has been rejected along with the advice.