Japanese Hack Assistance

Hi there,

This is more of a follow on from ticket – https://premium.wpmudev.org/forums/topic/replacing-404-pages-with-410s-automatically

So a while back our website was hacked and it appears to be Japanese in nature. I’ve found an article which seems to describe the issue pretty well – https://developers.google.com/webmasters/hacked/docs/fixing_the_japanese_keyword_hack

I think this happened due to our site plugins and WordPress being out of date, therefore leaving it open to vulnerabilities. When this happened originally, we were in the process of creating a new website to replace the old one.

The initial hack was fixed and we then pushed the new one live, which is the current one.

The worst part about this hack was that 3rd party domains were and still are randomly generating links pointed to our domain (You can see this through ‘site:justaccounts.com’ in Chrome), examples:

justaccounts.com/purchase_nrbGbN7G/

http://www.justaccounts.com/servant_gWG77G.

http://www.justaccounts.com/iterate_7GbNnrG7.

Currently all of these generated links are throwing 404 errors, because the path now does not exist. This is causing us to have an extremely high bounce rate as most of our traffic now comes from Japan and surrounding countries to these dead links, and are immediately leaving because the page doesn’t exist.

This is, in turn, causing us to drop in search rankings massively.

The ticket I raised relating to this was looking more towards a ‘plaster-over-the-wound’ solution, to turn these 404 errors into 410 errors so the links are quickly un-indexed, however I realise that this may work as a temporary solution but I will need to address the main issue.

So the crux of this ticket is, do you have any suggestions on how I can really properly tackle this issue and have it sorted once and for all. Stopping these 3rd party link generations and having our domain show as clean and only displaying URL’s submitted in our sitemap?

A few notes.

– I have not yet made the change to the 404 .php file to display them as 410’s

– The steps have been followed to remove the ‘This site may be hacked’ message

– Our site currently seems stable and not hacked, so the main issue is the 3rd party generated links

Any help on this subject would be greatly appreciated as it is becoming a serious issue in terms of us utilising our website properly.

If you need any more information please let me know!

Thank you in advance! :slight_smile:

Peter.

  • Sajid
    • DEV MAN’s Sidekick

    Hello Peter Rowlands,

    Hope you are doing good today :slight_smile:

    If I understand correctly, then main issue is 404 links that appear in Google Search results and when somebody follow that link, it generates a 404 error.

    So first of all, you have to make sure that you don’t have any links or on your site. Even any hyper links.

    Once you are sure that there are no broken and in-fact mulware on your site. Then request google to re-crawl your site. You can do this by following steps here:

    http://stackoverflow.com/questions/9466360/how-to-request-google-to-re-crawl-my-website

    Secondly, also setup a 404 redirect to another page, specially home page. You can easily do this by using one of following two plugins:

    https://wordpress.org/plugins/all-404-redirect-to-homepage/

    https://wordpress.org/plugins/404-to-301/

    https://wordpress.org/plugins/404-redirected/

    Hope that helps! Feel free to post a reply if you need further assistance :slight_smile:

    Best Regards,

    Sajid – WPMU DEV Support

  • Peter Rowlands
    • Site Builder, Child of Zeus

    Hello Sajid,

    To some degree yes, part of the issue is the 404 pages that Google is indexing, but for the most part these can only been seen by typing in site:justaccounts.com

    The main issue is other (Japanese) sites generating random links to our domain. This causes Google to index these links, which therefore show up in the index.

    The high bounce rate will most likely be caused from people clicking these links on the 3rd party pages which are generating them, rather than on the Google indexed links.

    So my main issue here is that 3rd party pages are still generating links, if it is possible to put a stop to this that would be much more preferable as I wouldn’t have to worry about 404 pages then, because they wouldn’t be being generated and therefore indexed in the first place.

    In response to your suggestions, I have asked Google to fetch my site earlier in the week (Last week) already so we are sorted there and I will defiently look into installing one of the above plugins as they seem quite useful for now.

    But as I said my main issue is the 3rd party pages generating the links in the first place, so I would like to address this if possible please.

    Thanks for getting back to me! :slight_smile:

    Best Regards,

  • Nastia
    • Support Rock Star

    Hello Peter Rowlands

    I am sorry to hear about this.

    Your site might still be hacked because it still showing cloaking content on Google Search. It might contain malicious PHP files; please scan your site with Defender plugin, it detects any code or edited files that do not belong to WordPress installation.

    As for your main question, there is no way to stop 3rd party generating links to your site. But you can try to disavow backlinks. Please see here how to do it:

    https://support.google.com/webmasters/answer/2648487?hl=en

    Hope this will help!

    Cheers,

    Nastia

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.