A hacked website is perhaps the most irritating problems faced by webmasters worldwide. Google on its part tries do all it can to help webmasters clean up their sites and prevent future compromises. Google recently posted a blog on Webmaster Central Blog outlining what can be done to prevent such nuisance from happening again.
The first thing Google advices webmasters is to make web pages as safe as possible for searchbots to visit. However, unscrupulous third parties, with malicious intent, hack websites to influence search engine results, distribute harmful content, or spam. Google will on its part will begin to alert webmasters by labeling sites as “This site may be compromised” in search results.
In case you have verified your website in Webmaster’s Tools you will likely receive a message that your site has been identified as hacked and if possible Google will also send you URLs of the pages that are compromised.
In the event your website has been tampered to distribute malicious content or malware, Google will display the message “This site may harm your computer”. Visitors using browsers like Chrome will be forewarned when they attempt to visit such sites. Google will share information with you in the Webmaster Tools, more specifically in the malware section.
Google will also give webmasters specific tips for removing malware and tips to prevent such attacks.
Generally there are two ways by which malicious third parties compromise your website:
Hackers wanting to influence search engines inject links into sites they own. These links are hidden and webmasters cannot detect it. Hackers are smart enough to compromise the site in such a way that the content is displayed only when the site is visited by search engine crawlers.
When Google detects such a thing they will send a message to your Webmaster’s tool account and alert you. In case you doubt your site is already compromised, you have the option to check the content your site displays on Google by using the ‘Fetch as Google’ tool. Generally such content is injected in places like template files, CMS plugins, and php files.
Another trick hackers usually try is redirecting your users to malicious or spammy sites. Not all users may be redirected and hackers might target specific users like those coming from mobile users or from search engines. To test if this has happened it is suggested you try to access your site directly and then through a search engine. If you are able to access your site directly but can’t do so thru a search engine then it is a clear indication your site has been hacked.
Hackers modify server configurations files to accomplish this. In the event you doubt your website is hacked it is recommended that you also check your server configuration files.
Prevention and Cleanup
When you learn that your site has been hacked it is not only important to clean up the site, but also look for loopholes that allowed it to happen. Google has extensive instructions on how to clean up your sites and prevent future compromises. Even your hosting provider or Google’s Malware and Hacked sites forum can serve as resource to get specific advice.
Having cleaned up your site please do submit a reconsideration request so that the warning label is removed by Google.