How to identify hacker activity on the site, eliminate its consequences and protect yourself from intruders

Original author: Megumi Hitomi, Search Quality Team, Japan
  • Transfer
Webmaster Level: For All
burglary warning
In the Google search results, under the address of the webpage that was allegedly attacked, this message will be displayed . You may not think that your site may be hacked, but this is a fairly common occurrence. Hackers attack many resources, hoping to undermine their reputation or take possession of users' personal data.
Having gained access to a site, an attacker can modify its content, for example, add spam pages. They are used for a variety of purposes, including redirecting to unwanted and malicious resources. Recently, there have often been cases when a visitor to a hacked site opens a page that simulates a site for downloading content.
If you find that your resource has been hacked, it is important to understand why this happened as soon as possible and fix the problem. Below we will talk about how webmasters can protect site visitors from spam and malware.

Three tips to help identify hacker activity on your site


  • Track suspicious URLs and directories

Use the command site: URL of your site in Google Search , such as site: example.com. It allows you to discover pages and directories on your site that you did not create. Perform this check regularly and as often as possible.
In addition, you can set up Google alerts for your site. For example, if you specify the site: example.com option (download | free | watch | online), the system will check if there are any such words on your pages, and if it does, it will notify you by e-mail.


On the Search Queries page, you can find out what keywords Google is offering users content from your site. Unusual or irrelevant options on this list may indicate that your site has been hacked.
Carefully check if there are requests from other languages ​​among them: this may also mean that your site has spam pages.
webmaster tools search queries
Requests for an English site that hosts spam pages in Russian

  • Receive Webmaster Tools alerts to your email address

If your site has been attacked, Google will let you know. Such notifications appear on the All Messages page in your Webmaster Tools account, but we recommend that you also forward them to your email address . Although Google does not recognize all types of inappropriate content, in most cases, this precaution will help you in time to learn about hacking.

How to eliminate the consequences of hacking and secure your site


  • Be alert

The Webmaster Tools Security Issues section provides information on which pages of your site have detected hacker activity, as well as detailed recommendations for resolving problems . Carefully study these materials in order to take the necessary measures immediately in case of a break-in.

  • Protect your site from possible attacks

Better to prevent malicious activity than to eliminate its consequences. When hacking a site, hackers often exploit vulnerabilities in content management systems. Here are some tips to help you protect yourself from cybercriminals:
  1. Update your content management app regularly.
  2. If your system provides security alerts, subscribe to it.
  3. If you want to use the content management software provided by your provider, choose a reliable service provider.

We hope that the above recommendations will help you maintain a high level of site security. If you have questions, ask them in the comments on this article or search for answers in the Google Webmaster Help Forum .
If you find suspicious sites in Google search results, let us know about them using this tool .

Also popular now: