: Google search keeps indexing hacked URLs I have a Wordpress website that is indexing some URLs on Google that seems like my website was hacked. I've tried: Search my host for infected files
I have a Wordpress website that is indexing some URLs on Google that seems like my website was hacked.
I've tried:
Search my host for infected files and folders, but didn't find anything. Both manually and using Wordfence.
I've installed a fresh Wordpress with a different theme and manually imported the content.
I've tried to Remove the URL's in Google Search Console, and it kind of work, but it seems that whatever that is generating those URL's just creates a bunch more.
And finally I did a 301 redirect in my .htaccess
Now I'm changing my host provider, but I'm afraid that it won't help.
Am I missing something?
P.S.: Those pages aren't indexed on other search engines, like Bing.
P.S.2: I'm currently in a shared hosting enviroment with no SSH access.
More posts by @Nimeshi995
4 Comments
Sorted by latest first Latest Oldest Best
Without knowing your FQDN or any extra info, it looks like they may have hacked your DNS (likely added a wildcard DNS entry for a subdomain, or just an A-record) and might be hosting the illegitimate content themselves.
You don't need to change host provider. The problem was/is within your own webpage. In some plugin or in theme. It was/is located somewhere in code.
So, if nothing was found, download your site locally and scan it with antivirus software. Then if nothing shows up, put site back online.
You don't need to do any redirects, it won't help. Basically there was/is an exploit in your page, and if wordfence didn't detect anything.
You just need to reindex your page with google and if everything is ok, that won't be happening anymore. Afterwards, put some security up and monitor your site for few weeks.
I got the same problem once with a website with an old version of Joomla, the server was safe but the pages were generated by an hack on at PHP level that I was not able to discover fast.
In the end I preferred to delete DB and all files, recover from a valid backup and update everything to latest version.
After that I removed all bad URLs using Google removal tool in Google Search Console and resubmit the website to Google for a check of hacking.
If Google is indexing these, it means they are resolving. Your domain is serving bad pages - possibly JUST to Search Engines if you've been hacked at the server level. They won't resolve or show up otherwise.
Changing host provider works - shift your content to a new server and these will begin to disappear.
To get them removed ASAP you'll want to use a URL removal tool. Gather all the bad URLs and use Google Search Console to submit them for removal.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.