Recovery After A Hack - No Manual Action Notice
-
Hi Guys,
I am helping out an agency who have had a couple of site hacked on their server. I can confirm by correlating increase in not found errors and drop in rankings, that the drop was definitely hack based although the site had no manual action notice from Google.
The site looks to have been fixed i.e all not found pages look to have been sorted. Obviously there are some dodgy backlinks to now non existant pages but it looks like two months on no sign of a recovery. Is this normal?, Could the site still be hacked and the web designer is claming it has been cleaned up?
I am used to dealing with hacked sites when there has been a manual action listed and then it's quite easy to complete the clean up work, submit a reconsideration and then get the manual action revoked but when you don't receieve a manual notification and the site doesn't recover, what do you do?
Kind Regards
Neil
-
Hi Neil,
I quite like Sucuri as a tool for monitoring a website as to whether or not it has been blacklisted by any of the malware/hacked tools. I don't know this to be fact, but my professional observation is that even if a manual action has not been placed by Google but those other web sources say "We don't trust this site" then that can have a negative impact on that site's rankings even though Google hasn't reviewed it manually.
We've had sites that were repaired also stay on one platform or another's blacklist for weeks after the problem was removed just based on how those tools work, some may require clean scans for two weeks, for example, before fully signing off that the site has been repaired and that the malware or whatever won't just pop back up due to poor server security.
I would check out those sources first, make sure you don't see a blacklist by any of those big security companies, and then work on disavowing any of the bad links to the now deleted pages, and making sure you clean up your indexation so any 404'd pages are properly forwarded and the sitemap is cleaned back up so as not to be throwing errors.
A little spring cleaning after those types of issues goes along way, especially if you're 100% sure you aren't blacklisted by any of the website scanning tools. I wish we knew exactly how they interfaced with Google, or how much weight they gave, but I have observed what you are describing and found that it wasn't Google's shit list but say Norton has the site flagged and Google doesn't, it's a pretty safe bet that Google at least knows about it and they become a little wary.
Hope this helped! Cheers.
-
Hi there.
So, you say that website has been penalized due to being hacked, even though there is no manual action, no "this site may be hacked" under your domain in SERPs, and you base your decision on 404s and drop in rankings. Or, to rephrase, you explain drop in rankings by website being hacked, even though there is no proof of it. Hmmm... Still doesn't sound suspicious?
How about website's SEO? UX/UI? Crawlability? Your industry trend? Competitiors' SEO improvement? Your backlink profile? There are sooooo many other reasons rankings can be dropping besides website being hacked. Are all these things I listed in perfect shape?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Home Page Deindexed Only at Google after Recovering from Hack Attack
Hello, Facing a Strange issue, wordpress blog hghscience[dot]com was hacked by someone, when checked, I found index.php file was changed & it was showing some page with a hacked message, & also index.html file was added to the cpanel account.All pages were showing same message, when I found it, I replaced index.php to default wordpress index.php file & deleted index.htmlI could not find any other file which was looking suspicious. Site started working fine & it was also indexed but cached version was that hacked page. I used webmaster tool to fetch & render it as google bot & submitted for indexing. After that I noticed home page get deindexed by google. Rest all pages are indexing like before. Site was hacked around 30th July & I fixed it on 1st Aug. Since then home page is not getting indexed, I tried to fetch & index multiple time via google webmasters tool but no luck as of now. 1 More thing I Noticed, When I used info:mysite.com on google, its showing some other hacked site ( www.whatsmyreferer.com/ ) When Searching from India But when same info:mysite.com is searched from US a different hacked site is showing ( sigaretamogilev.by )However when I search "mysite.com" my site home page is appearing on google search but when I check cached URL its showing hacked sites mentioned above.As per my knowledge I checked all SEO Plugins, Codes of homepage, can't find anything which is not letting the homepage indexed.PS: webmaster tool has received no warning etc for penalty or malware. I also noticed I disallowed index.php file via robots.txt earlier but now I even removed that. 7Dj1Q0w.png 3krfp9K.png
Technical SEO | | killthebillion0 -
My sites just disappeared from google last night. there is no manual action in webmaster.
can it the penalty if so how do i find out if i was hit with a penalty i keep checking my webmasters but there is no alert for penalty. this is very sad but once i make sure it was a penalty i can move on for a safer seo. Sites are indexed i checked. there is no other indexing issue or robots issue either. Please help
Technical SEO | | samafaq0 -
Suggestions on Website Recovery
Hello Mozzers! I have been tasked with recovering a site from partial link penalty that was previous brought to my attention for this website www.active8canada.com. Upon reviewing the site backlinks and reporting info in Google webmaster tools, I found there was no penalty showing, could it have expired? We spent the last few months doing link cleanup as we recognize that there was some bad links that needed to be addressed. We requested removal of all the bad links after spending time categorizing all of them. Targeting commercial anchor text and bringing those numbers back to acceptable levels. Following this we did a disavow of the bad links which could not be removed through requests. We are actively building out additional content for the website as we recognize that some pages have thin content. We have earned some links as well to show some positive signals during the cleanup but have seen no change for better or worse. My question is, does anyone else see anything else we could be missing here? Should I revisit links again? Some of the links we disavowed are still showing in our backlink reports, but I cross referenced our disavows with the existing backlink profile to try and get an accurate sense of the remaining links. We never saw a decline in ranks further after the disavow, so I'm lead to believe that the links we removed had little, if any impact. I am a little hesitant to begin earning new links through content and partnership outreach as I still feel something is off that I can't quite put my finger on. It was previously confirmed that there was a penalty, but without that showing now in Google webmaster tools I'm grasping at any possible angle I may have missed. If anyone had a couple minutes to spare to shed some light on this situation, it would be greatly appreciated!
Technical SEO | | toddmumford0 -
Webmaster Tools Manual Actions - Should I Disavow Spammy Links??
My website has a manual action against it in webmaster tools stating; Unnatural links to your site—impacts links Google has detected a pattern of unnatural artificial, deceptive, or manipulative links pointing to pages on this site. Some links may be outside of the webmaster’s control, so for this incident we are taking targeted action on the unnatural links instead of on the site’s ranking as a whole I have checked the link profile of my site and there are over 4,000 spammy links from one particular website which I am guessing this manual action refers to. There is no way that I will be able to get these links removed so should I be using Google's Disavow Tool or is there no need? Any ideas would be appreciated!!
Technical SEO | | Pete40 -
I noticed all my SEOed sites are getting attacked constantly by viruses. I do wordpress sites. Does anyone have a good recommendation to protect my clients sites? thanks
We have tried all different kinds of security plugins but none seem to work long term.
Technical SEO | | Carla_Dawson0 -
Crawl Diagnostic: Notices about 301 redirects
There are detected five 301 redirects on my site and I want to understand why this is happening? And is this important to fix? http://domain.cl/subfolder ---- redirects to ----> http://domain.cl/subfolder/ What does this tell me "/" I am very curious 🙂 Thanks for every answer
Technical SEO | | inlinear
Holger0 -
How to remove the 4XX Client error,Too many links in a single page Warning and Cannonical Notices.
Firstly,I am getting around 12 Errors in the category 4xx Client error. The description says that this is either bad or a broken link.How can I repair this ? Secondly, I am getting lots of warnings related to too many page links of a single page.I want to know how to tackle this ? Finally, I don't understand the basics of Cannonical notices.I have around 12 notices of this kind which I want to remove too. Please help me out in this regard. Thank you beforehand. Amit Ganguly http://aamthoughts.blogspot.com - Sustainable Sphere
Technical SEO | | amit.ganguly0 -
Website hacked
Hi I've been asked to help a colleague with his website. It seems to be hacked. He recently received an e-mail from Google saying his adwords account was suspended 'due to high probability his site may be hosting or distributing malicious software' I just checked his source and there seems to loads of weird on code on his pages, this would not have been but on by any members of the website owners. Please image attached when we try to access his website via google search I just contacted the hosting provider - does anyone have experience with this and how to prevent such hacking in the future. The site is build using HTML with no CMS. IjW19.jpg
Technical SEO | | Socialdude0