Website bị nhiễm mã độc và hacker chiếm quyền đãi website, gây thiệt hại cho kinh doanh. Nguyên nhân có thể là upload dữ liệu từ máy tính nhiễm virus hoặc password đơn giản dễ bị hacker tấn công. Sử dụng theme, plugin free hoặc share trả phí cũng tăng nguy cơ bị hack. Cách khắc phục bao gồm thay đổi thông tin quản trị, xóa mã độc, update WordPress và plugin, xóa website ra khỏi Google Search Console, xóa nội dung lạ và link out, khai báo lại website với Google Search Console và disavow link xấu.
Fixing a Hacked Website: How to Recover from a Google Indexing Hijack
Dealing with a hacked website, where hackers take control and sabotage your online presence, can be a nightmare for website owners. Especially for those with limited experience and knowledge in website management and security.
When your website is compromised and injected with malicious code, leading to Google indexing it in foreign languages like Japanese and Chinese, your site’s credibility takes a hit, potentially causing significant damage to your business.
Let’s dive into the reasons behind these hacking incidents and explore effective solutions to tackle this issue head-on.
Factors that Cause Hacking Incidents
- Uploading infected data from personal computers, introducing viruses during the upload process.
- Using weak and easily exploitable admin passwords like ‘admin,’ ‘admin123456,’ ‘12345678,’ etc.
- Failing to update WordPress, plugins, and themes to the latest versions, leaving security vulnerabilities unaddressed.
- Utilizing free themes and plugins, which are more susceptible to virus infections compared to paid versions.
- Sharing paid themes and plugins for free, increasing the risk of malware injections.
- Neglecting security standards and best practices for website and hosting usage.
- Not regularly scanning the website for malware using various tools and plugins.
- Exposing your website to daily risks on the internet, as hackers and automated bots constantly search for vulnerabilities to exploit.
Resolving the Issue: Step-by-Step Guide
1. Change Administrative Information
Start by updating all your administrative details, including hosting, website admin, FTP, and database credentials, to secure your accounts.
2. Identify and Remove Malicious Code
After securing your accounts, scan and eliminate any malware or viruses from your website. Consider hiring professionals with programming expertise if needed, but remember that quality services often come at a cost.
3. Remove the Website from Google Search Console
Access your Google Search Console account, remove your website from the listings to prevent further indexing. Hackers often submit sitemap.xml files with compromised links to expedite indexing, so immediate removal is essential.
4. Eliminate Unusual English and Hidden Content
Delete any strange English content and check all website sections like posts, pages, and categories for irregularities to ensure a clean slate.
5. Eradicate Hidden Links and Content
Utilize tools like Ahrefs and Screaming Frog to identify hidden outbound links, as they often accompany hidden content on the homepage. Confirm that all content is free of rogue links and foreign language material.
6. Re-Submit the Website to Google Search Console
Once everything is cleared, re-submit your website to Google Search Console for re-indexing.
7. Create and Submit a Fresh Sitemap
Generate a new sitemap and submit it to Google for a complete re-indexing of your website.
8. Disavow and Remove Suspicious Links
Use Google’s disavow tool to disassociate from any harmful backlinks and employ a linked removal addon. Managing excessive link removal can be challenging but crucial for a clean slate.
9. Request a Google Website Review
Upon completing the previous steps, request a reconsideration of your website by Google. With thorough rectifications, the review process should yield positive results within a reasonable timeframe.
By following these steps meticulously, you can recover from a website hijack and restore your online presence with confidence. Remember, proactive maintenance and security measures are key to safeguarding your website from future cyber threats.