What to do if Google Tells you that Your Site May be Compromised?

google on hacked sites

Google has always been kind and considerate both for the users and webmasters by preventing or resolving the problem even before it finally exists. This has already been proven as the users’ search experience is continually improving as a result of the subsequent updates or guidelines which had somehow served as one way that led to the development which were not experienced before. It is ultimately one great achievement that the team has ever acquired; but nevertheless, the challenge continues as the quantity of bad elements such as the hackers are expanding.

This is one of the major concerns that the webmasters have, but no matter how they try to avoid the evil of such unethical practice, their sites still get hacked without them directly noticing it. And Google, in this case, is on the rescue as the team previously announced in the Webmaster Central Blog that they would be helping in resolving the problem with the hacked sites. It is really a great sympathy which the search engine can extend amidst all the concerns in SEO which the webmasters are currently facing.

What to do if while you are searching you have found out that your site has been labeled by Google?

“This site may be compromised.”

Isn’t that frustrating since you always do your best to protect your website but still there are bad elements who compromised your site?

And below are the essential things which you should know and do according to Google to rescue your hacked sites.

How to Know if Your Site is Infected?

As you probably know, your site can be infected because the hacker was able to take control of it. In this case, the hacker can change your content, add pages, etc. which would greatly affect its appearance and operation in the web.

And the two common ways of hacking are through:

Injected Content or sometimes injected with spammy links to your sites, actually I have previous post about a WordPress Site being hacked wherein it was injected with spammy pharma links and you can see some examples on that page. inspect element

Redirecting Users to sites that are spammy or malicious that can harm your computer or taking advantage of your personal information. This commonly happens when hackers modified server configuration files such as Apache’s .htaccess. So according to Google it is essential to consider checking your server configuration files and see if there are changes made.

spammy redirect

Aside from that you can also check JavaScript injected on your source code, and therefore Google suggested to find for terms like “decode”, “escape” or “eval” since this are planted to have a hidden purpose for your site and for your users.

source code hacked

Thus, to avoid confronting this issue, you should take time to find out if your site is already considered as one which may distribute malicious software by checking the Webmaster Tools home page, but nevertheless, if the Google team detects such problem in your site, they will send you notice with various email addresses such as webmaster@, support@, administrator@, etc.

However, it is noteworthy that in some cases, outside parties can add negative codes to your site and that may cause Google to send warning messages. And yet, if you feel that your site was mistakenly identified, or you have already cured the problem in it, then you can send a request for review (see below the discussion about malware review). Further, it was clarified that the determination that the site is infected in based not on your reputation as a webmaster, but on the content of the pages.

You can also use the “Fetch as Google” tool feature through your Google Webmaster account if you suspected that your site have been hacked and usually the content that are hacked are .php, template file and CMS plugins.

What to Do if Your Site is Being Hacked?

If your site has been hacked and you are having hard time to recover from that problem, then Google recommends you to do the following:

Quarantine Your Site

Assess the Damage

Clean up Your Site

Request a Malware Review

Why Make a Request for Malware Review?

Once you have already cleaned up your site and you are certain that it is free from malware, then that is the time to request Google to review it or reconsider it. The automatic system of the search engine will then scan your site, and if no malware is found the warning from the site will be removed. However, you should still check the status of your site in the Webmaster Tools because the process may take a day or more than that. But in case you have cleaned your site and the warning is still there, the implication is that there might still be some problems in it; hence, you should check on the said tool for a list of URLs with potential problems. On the other hand if you want to monitor your site’s health or know the ways to ensure its security, just read: Preventing Malware Infection.

It is really good that Google team is doing something very helpful for the webmasters to protect and/or fight off the hacking activity in the web, but it should still be borne in mind that the safety of the site is still not in the initiative of the search engine, but in the will of the site owners. In other words, the right solution can be found nowhere else but in you.

Insights? Share it below.

online strategic solution

Al Gomez

SEO Consultant, Online Marketer & Blogger, Web Developer & DLINKERS Founder.

“Chose a job you love, and you will never have to work a day in your life.”