Many of the website owners are facing the issues of being labeled as “This site may be hacked” on the Google search results. In this competitive and the fast world, we are facing many technological issues and when the issues become public they impact on the branding. Following steps will help you to get rid of the “This site may be hacked” message and help you to protect the site from future attacks.
Step 1. Do no panic
When you see that your site is labeled as “This site may be hacked“, do not panic. Find the root cause of the hack by checking the server for the recently updated files. If you do not have much technical knowledge, ask your development team / developer to get the root cause of the hack. You can also check the site on VirusTotal , SecuriScan or Google search console for the infected files and report
Step 2. Isolate the files
Isolate the hacked files from the other files and replace them with an uninfected version of the files. If you have a backup of the site, you can try restoring the backup. Note that if your site is targetted once it will be targeted again. Make sure to apply proper security controls so all future hacks can be prevented.
Step 3: Verify the site again
After the deployment, wait for a couple of hours and check for the suspicious activities. If you still find the files are being updated automatically then you need to validate the source code again for the removal of code from other places of the server.
If no files are updated you can revalidate the site on SecuriScan and VirusTotal. If both of the sites are not showing any messages you can resubmit the site to Google for the reevaluation.
We applied this technique to many of the sites and we could remove the “This site may be hacked” message in 3 to 5 days. If you are seeing this message on the site and it is not cleared you can contact us for cleaning the hack.
Why my sites are being hacked?
This is the biggest question I get from people when they see that their sites are hacked. The motive behind the hack may be any from the competition to just for fun. We cannot stop hackers from attacking or hacking your sites but we can definitely make it difficult for them to hack your site. following steps will help you secure your site from future hacks
- File and Folder Permissions:
Make sure to give the least possible permission to your files and folders. If you have the Linux / apache, CPanel server choose to go with 644 rights. With 644 rights you are not allowing outsiders to write anything on the server.
In past experiences, I saw that even the CPanel code was infected and it was spreading the infection to all the sites on the server. It is always important to closely monitor the activities on the server and take the actions as soon as you see any suspicious activities.
- Use the latest version of the code:
Many of the sites are using the Content Management System (CMS) like WordPress, Joomla, Drupal and etc. It is good to use the CMS but it is important to make sure that they are secured enough to sustain against hack attacks. Many of the sites are still using the old version of the CMS and they become the easy target of the hack.
Make sure to update the CMS, Plugins and Widgets as soon as it’s possible. Not updating and securing them is giving the indirect invitation to hackers to hack the site.
- Remove unnecessary files and folders:
Remove unnecessary files and folders from the server. Many of the sites keep the non-required files and folders on the server and it overall impacts on the site security.
It is always said that Prevention is better than cure, apply the steps mentioned above and you can prevent your site from the future hacks.