1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Google Search Console : My website has been hacked

Discussion in 'Search Engine Optimization' started by Webmaniac59, Nov 15, 2022.

  1. #1

    I was victim of a hack on my website where the hacker created a cloacking hack in Japanese.

    He created more than 20K pages of which 9000 were indexed, but what surprises me is that they all have the same ending :
    - https://www.domain.com/?123
    - https://www.domain.com/?234
    - https://www.domain.com/?...

    Here are the captures :

    How can I do to index them all from Google via a formula containing prefix "https://www.domain.com/?" and how?

    Thanks a lot in advance
    Webmaniac59, Nov 15, 2022 IP
  2. Oso Optimized

    Oso Optimized Active Member

    Likes Received:
    Best Answers:
    Trophy Points:
    What does this sentence mean? Can you rewrite it?
    Oso Optimized, Nov 15, 2022 IP
  3. FarrisFahad

    FarrisFahad Well-Known Member

    Likes Received:
    Best Answers:
    Trophy Points:
    Digital Goods:
    I think you should redirect these pages to 404 or 410. Google these numbers. 404 means page not found which will remove your indexed page from Google and 410 eans gone.
    FarrisFahad, Nov 18, 2022 IP
  4. optimizer

    optimizer Well-Known Member

    Likes Received:
    Best Answers:
    Trophy Points:
    The hack is from infamous Japanese keyword hack malware. If unknown pages are indexed in google that is because it has added its own sitemap in search console tool.

    1) The first step is to go and delete all your site maps (yes all!) in google search console.

    2) In your cPanel file manager or from ftp , Check for file which looks similar to google3xxxx334d8311ec.html in your public_html, if you find two files then one of them is created by malware to verify itself in google search console. Identify the correct one that was created by google search console to verify your site and delete the fake one.

    3) Edit .htaccess. Add these codes.

    #--exclude fake google search console site verification file--#
    RewriteCond %{REQUEST_URI} !^/google3xxxx334d8311ec\.html$ [NC]
    #--redirect all .html requests to 410 Gone--#
    RewriteRule \.htm$ - [R=410,L]

    The codes above in .htaccess in wordpress blocks any request to the fake file created by malware for indexing its urls. Secondly, it sets all bogus japanese pages indexed in the google to 410 page status that is deleted.

    These are some basic steps to get rid of japanese keyword hack, although some additional steps are required to prevent 2nd degree infection. If you remove all your malware pages from google index, it will take 2-3 months to fully recover from it. If you do not get rid of these Japanese pages early google will start ignoring the indexing of your new pages, traffic will drop and your site will be dead.
    optimizer, Nov 18, 2022 IP
    Jim4767 likes this.
  5. mikemiller1

    mikemiller1 Well-Known Member

    Likes Received:
    Best Answers:
    Trophy Points:
    When was the last time the website was fine without the hack? Usually many hosting companies have a backup of the last 2 weeks or sometimes 1 month backup. You can restore the website to the original condition it was 1 month ago. Call and check with them. First create a backup of the current hacked website also, just incase.
    If it is wordpress you can use duplicator plugin or save the files from ftp..there are many other ways to save the backup
    mikemiller1, Nov 23, 2022 IP