Anyone who has had their website hacked (and knows about it) understands that pains that are required to clean up your site to remove the infection. Besides “clear-cut, black-hat webspam” the second largest category of spam that Google deals with consistently is that of hacked websites. I wrote a post a while ago detailing what to do if you site has been hacked and steps you can take to clean it up in this post:
https://beanstalkim.com/blog/2012/06/18/my-site-was-hacked-now-what-do-i-do/ (link no longer available)
https://beanstalkim.com/blog/2012/06/20/more-malicious-malware-maladies/ (link no longer available)
Many times, webmasters will resubmit their site after a malware attack to Google thinking that they have successfully purged the offending code from their site. Often the site is still infected with malware and is subsequently declined for reinclusion by Google.
Hackers will often let you think that you are seeing clean content on your site, but when a search engine, or a visitor from a search engine views the page, they see spammy content. This makes it decidedly more difficult to find and remove the hacked content, so the hacked content stays up on the site longer.
Following the steps outlined in our previous blog posts, will help you to clean up your site and to prepare it for review from Google. After you repair the damage, but before and are ready to resubmit it to Google, you should use the “Fetch as Google” tool.
This will allow you to view your site’s content as Google sees it. This can also be useful for troubleshooting issues that may be impeding your site from ranking. The information returned by the tool includes:
- http header response (404, 301, 500 etc)
- The date and time of your crawl request
- Your page HTML code
- The first 100kb of visible, index-able textual content
If your site has been hacked, the Fetch as Google tool can help you identify problematic pages. Let’s imagine that Bob, the administrator of www.example.com, is searching for his site in Google. He’s surprised to find that his site is appearing in search results for popular spam terms such as “Viagra”, especially when he can see that those terms don’t exist in the source code of his site pages. Fortunately his site is verified in Webmaster Tools, so he uses the Fetch as Google tool to understand exactly what it is that Google is seeing on his site. The tool displays the details and the content of the fetched page, in which he can clearly see the word “Viagra” and other spammy terms.
This can happen when a malicious hacker penetrates the security of a site and inserts undesirable content, disguising it so that it doesn’t appear to normal users, but only to Googlebot. Because the source code of the site appears normal to everybody except Googlebot, the problem is difficult to diagnose without the Fetch as Google tool.