The story of the website being infected with malicious code more or less a / e has also encountered a few times, this is a common situation when many a / e use themes and plugins of unknown origin or reveal admin information… In theory, there are many different reasons, but if the website is infected with malicious code, how to handle it? Then here is the article to share the experience for you.
OUR PROJECT WEBSITE:
- YMYL field
- KPI Top 5 & Top 10
- Traffic committed: 50k traffic / month
- Tested & transferred to maintenance phase.
- Website infected with malicious code
- Google Panda
1. First stage:
- Detect malicious code & delete suspicious files, files, shells.
- Backup the website version 2 weeks ago when the website is not infected with malicious code.
- If in hosting many different satellite websites; separate the website that is infected with malicious code from that old hosting, to avoid infection.
- Test and monitor within 1 week to see if the website still has problems or not? Or has it been completely resolved.
=> Make sure the website has removed the malicious code and returned to the normal state.
2. Next stage:
- The website is technically guaranteed before, so just check it out without having to audit the website too carefully.
- The problem of the website with Google Panda in this case is 99% due to the URL
2.1 Some situations the website will encounter:
- Website url changed TITLE SEO (photo #1)
- Automatically create English Spam Blogs on the website (Pictures 2 & 2.1)
- 32k spam links appeared (photo 3)
HOW TO FIX THE PROBLEM OF SOME SITUATIONS ABOVE
1. Handling SEO Title Changed
- Site: domain.vn
=> To see which SEO URL Links have been changed and re-mark then “Submit Index” the changed URL.
- In many cases, the tool Screaming Frog & Website Auditor & Ahref can be used to check. (Picture 4)
2. Auto create Blog Spam
- Filter the list to delete & Delete all spam posts in wordpress
- Remove index on Google Search Console
3. 32k Indexed spam links need to be handled:
3.1 Filter all the spam links that google indexed do the following ways:
- Using SEO Tool Log File Analyzer (Picture 5)
- Sử dụng Google Search Console > Settings > Crawl stats > Not found (404) > Export file(Ảnh 6)
- Site: domain > Settings > Results per page SELECT 100 > Quick export (Picture 7)
“Filter duplicates and aggregate into one file a list of all spam links that need to be deleted”.
=> Should use all methods to filter out all spam links, each method will filter out spam links that the other method cannot filter out.
3.2 Delete the Index on Google Search Console all the spam links that have been filtered above
” assuming you have filtered out 32k spam links, shouldn’t you manually add each link 1 to the index removal tool of google search console?”
=> Using “WebMaster Tools – Bulk URL Removal”, the tool automatically deletes the index of spam links very quickly and conveniently. ($10/month) (Picture 9)
“depending on how heavy or light the website is, if the spammy link is small, you can delete it manually by yourself.”
After processing is complete, the rest is to wait for google to remove the penalty & return the original ranking.
V/ Enhancing BASIC WORDPRESS WEBSITE SECURITY
- Use genuine wordpress website theme & plugin, avoid using pirated version, share for free online.
- Should separate the website on many different hosting, avoid cross infection.
- Install Wordfence Security Plugin, help to upgrade security features.
- Change login path