A hacked content message via Google Search Console

A client had a random forgotten about WordPress install get hacked this past week. I have personally worked with hacked sites 10 times so far this year. The hacks come from weak passwords or more often outdated WordPress installs or vulnerable plugins. WordPress is kind of like Windows. It works great but you have to update it and keep it secure.

Anyways if you receive a message from Google which says “Hacked Content Detected” you need to clean it up as quickly as possible. The message Google sends out looks like this:

Hacked Content detected on http://**********.com

To: Webmaster of http://***********.com/,

Google has detected that your site has been hacked by a third party who created malicious content on some of your pages. This critical issue utilizes your site’s reputation to show potential visitors unexpected or harmful content on your site or in search results. It also lowers the quality of results for Google Search users. Therefore, we have applied a manual action to your site that will warn users of hacked content when your site appears in search results. To remove this warning, clean up the hacked content, and file a reconsideration request. After we determine that your site no longer has hacked content, we will remove this manual action.

Following are one or more example URLs where we found pages that have been compromised. Review them to gain a better sense of where this hacked content appears. The list is not exhaustive.

Removing hacked content

To get WordPress fixed it is easiest to hire a pro. I’ve done this a few times but these days I just reach out to someone who does it all day long. If you need a reference email me and I’ll connect you with someone who can fix up your site for around $300.

Will this hurt SEO?

Google and even Bing and the others understand that you’re the victim here. If you quickly get the site repaired you can easily tell the search engines that it is fixed. In every instance I’ve seen rankings returned to where they were previously.

  1. Have a hacked site by a third party but can’t find the third party page anywhere (or anything else for that matter) – need some help with this

    • Yikes. Your site has spam injected into it. Additionally, it is hacked, has malware installed on it, and is even blacklisted by Norton Safe Web. I’ll email you in a minute.

      To find the spam pages just type this in to google:
      That will list ALL of the pages Google has indexed off of your website. Just replace “yourdomain.com” with your domain name, like telapost.com.

  2. Hi there. I ran into your posting about what to do when Google detects hacked content on your site. In my case, there’s actually no hacked content on my site. It seems what Google is calling hacked content is an iframe on the page from another domain, which is actually part of my site’s feature. Once I’ve removed this, do you have any idea how to get back up in ranking?

    • Did you tell them it is resolved in search console?

      If so, they should remove any “hacked content warnings” or add you back into search results in just a day or two… In most cases anyways..

Leave a Reply