Recovery After A Hack - No Manual Action Notice
-
Hi Guys,
I am helping out an agency who have had a couple of site hacked on their server. I can confirm by correlating increase in not found errors and drop in rankings, that the drop was definitely hack based although the site had no manual action notice from Google.
The site looks to have been fixed i.e all not found pages look to have been sorted. Obviously there are some dodgy backlinks to now non existant pages but it looks like two months on no sign of a recovery. Is this normal?, Could the site still be hacked and the web designer is claming it has been cleaned up?
I am used to dealing with hacked sites when there has been a manual action listed and then it's quite easy to complete the clean up work, submit a reconsideration and then get the manual action revoked but when you don't receieve a manual notification and the site doesn't recover, what do you do?
Kind Regards
Neil
-
Hi Neil,
I quite like Sucuri as a tool for monitoring a website as to whether or not it has been blacklisted by any of the malware/hacked tools. I don't know this to be fact, but my professional observation is that even if a manual action has not been placed by Google but those other web sources say "We don't trust this site" then that can have a negative impact on that site's rankings even though Google hasn't reviewed it manually.
We've had sites that were repaired also stay on one platform or another's blacklist for weeks after the problem was removed just based on how those tools work, some may require clean scans for two weeks, for example, before fully signing off that the site has been repaired and that the malware or whatever won't just pop back up due to poor server security.
I would check out those sources first, make sure you don't see a blacklist by any of those big security companies, and then work on disavowing any of the bad links to the now deleted pages, and making sure you clean up your indexation so any 404'd pages are properly forwarded and the sitemap is cleaned back up so as not to be throwing errors.
A little spring cleaning after those types of issues goes along way, especially if you're 100% sure you aren't blacklisted by any of the website scanning tools. I wish we knew exactly how they interfaced with Google, or how much weight they gave, but I have observed what you are describing and found that it wasn't Google's shit list but say Norton has the site flagged and Google doesn't, it's a pretty safe bet that Google at least knows about it and they become a little wary.
Hope this helped! Cheers.
-
Hi there.
So, you say that website has been penalized due to being hacked, even though there is no manual action, no "this site may be hacked" under your domain in SERPs, and you base your decision on 404s and drop in rankings. Or, to rephrase, you explain drop in rankings by website being hacked, even though there is no proof of it. Hmmm... Still doesn't sound suspicious?
How about website's SEO? UX/UI? Crawlability? Your industry trend? Competitiors' SEO improvement? Your backlink profile? There are sooooo many other reasons rankings can be dropping besides website being hacked. Are all these things I listed in perfect shape?
Got a burning SEO question?
Subscribe to Moz Pro to gain full access to Q&A, answer questions, and ask your own.
Browse Questions
Explore more categories
-
Moz Tools
Chat with the community about the Moz tools.
-
SEO Tactics
Discuss the SEO process with fellow marketers
-
Community
Discuss industry events, jobs, and news!
-
Digital Marketing
Chat about tactics outside of SEO
-
Research & Trends
Dive into research and trends in the search industry.
-
Support
Connect on product support and feature requests.
Related Questions
-
Manual action due to hack
We have had some issues with one of our websites getting hacked. The first time it happened, we noticed it the next morning and cleaned it up before Google even realised. However, the same thing happened again over the weekend, and I came into the office to an email from Google: Google has detected that your site has been hacked by a third party who created malicious content on some of your pages. This critical issue utilizes your site’s reputation to show potential visitors unexpected or harmful content on your site or in search results. It also lowers the quality of results for Google Search users. Therefore, we have applied a manual action to your site that will warn users of hacked content when your site appears in search results. To remove this warning, clean up the hacked content, and file a reconsideration request. After we determine that your site no longer has hacked content, we will remove this manual action. _Following are one or more example URLs where we found pages that have been compromised. Review them to gain a better sense of where this hacked content appears. The list is not exhaustive. _ We have again cleaned up the website, however, my problem is that even though we have received this email, I cannot find any evidence of the manual action having actually been applied. I.e. it doesn't show in the Search Console and I am also not getting a warning in the search results when searching for our own website or clicking on the result for our website. That means I cannot submit a reconsideration request - however I am not sure at all there was actually a manual action applied at all based on my test searches. Has anyone here experienced the same issue? What do you suggest doing in this case? Thank you very much in advance for any ideas.
Technical SEO | | ViviCa10 -
Did anyone else noticed Google index bug?
Noticed page indexation drop in Search Console for most of my sites. Guys from Search Engine Land seem to know about that: http://selnd.com/1YqiOoQ Did anyone else noticed something weird?
Technical SEO | | solvid1 -
Is putting a manufacturer's product manual on my site in PDF duplicate content
I add the product manuals to our product pages to provide additional product information to our customers. Is this considered duplicate content? Is there a best way to do this so that I can offer the information to my customers without getting penalized for it? Should they be indexable? If not how do I control?
Technical SEO | | merch_zzounds0 -
Manual Action - When requesting links be removed, how important to Google is the address you're sending the requests from?
We're starting a campaign to get rid of a bunch of links, and then submitting a disavow report to Google, to get rid of a manual action. My SEO vendor said he needs an @email domain from the website in question @travelexinsurance.com, to send and receive emails from vendors. He said Google won't consider the correspondence to and from webmasters if sent from a domain that is not the one with the manual action penalty. Due to company/compliance rules, I can't allow a vendor not in our building to have an email address like that. I've seen other people mention they just used a GMAIL.com account. Or we could use a similar domain such as @travelexinsurancefyi.com. My question, how critical is it that the domain the correspondence with the webmasters be from the exact website domain?
Technical SEO | | Patrick_G0 -
Wordpress Redirect Plugin Vs Manual .htaccess?
Hi everyone, I need to 301 redirect my old pages to new ones but i am confused between whether to choose plugin for this or i should manually rewrite the code on .htaccess file. Please give your suggestion and if you think i should use plugin then which one?
Technical SEO | | himanshu3019890 -
Does Google take a lot of notice of html and what a p class maybe called?
Hi there My client has p class="seoText” in his html Do you think this is something to get cleaned up? How much note does Google make of HTML? Will Google read this and 'think hold on a minute' do you think ... ? Its small I know but trying to capture any advantage we can at the moment - there are other bigger things we are working on! Thanks
Technical SEO | | Chammy0 -
Dealing with manual penalty...
I'm in the back-and-forth with Google's Quality Search team at the moment. We discovered a manual penalty on our website and have been trying to get it removed as of late. Problem is, tons of spammy incoming links. We did not ask for or purchase any of these links, it just so happens that spammy websites are linking to our site. Regardless, I've done my best to remove quite a few links in the past week or so, responding to the Quality Search team with a spreadsheet of the links in question and the action taken on each link. No luck so far. I've heard that if I send an email to a website asking for a link removal, I should share that with Google as well. I may try that. Some of the links are posted on websites with no contact info. A WhoIs search brings up a hidden registrant. Removing these links is far from easy. My question is, what are some techniques that are proven to be effective when working your way through the removal of a manual penalty? I know Google isn't going to tell me all of the offending links (they've offered a few examples, we've had those removed - still penalized) so what's the best way for me to find them myself? And, when I have a link removed, it may stay in Webmaster Tools as an active link for a while even though it no longer exists. Does the Quality Search team use Webmaster Tools to check or do they use something else? It's an open-ended question, really. Any help dealing with a manual penalty and what you have done to get that penalty removed is of great help to me. Thanks!
Technical SEO | | ccorlando0 -
Do we need to manually submit a sitemap every time, or can we host it on our site as /sitemap and Google will see & crawl it?
I realized we don't have a sitemap in place, so we're going to get one built. Once we do, I'll submit it manually to Google via Webmaster tools. However, we have a very dynamic site with content constantly being added. Will I need to keep manually re-submitting the sitemap to Google? Or could we have the continually updating sitemap live on our site at /sitemap and the crawlers will just pick it up from there? I noticed this is what SEOmoz does at http://www.seomoz.org/sitemap.
Technical SEO | | askotzko0