Recovery After A Hack - No Manual Action Notice
-
Hi Guys,
I am helping out an agency who have had a couple of site hacked on their server. I can confirm by correlating increase in not found errors and drop in rankings, that the drop was definitely hack based although the site had no manual action notice from Google.
The site looks to have been fixed i.e all not found pages look to have been sorted. Obviously there are some dodgy backlinks to now non existant pages but it looks like two months on no sign of a recovery. Is this normal?, Could the site still be hacked and the web designer is claming it has been cleaned up?
I am used to dealing with hacked sites when there has been a manual action listed and then it's quite easy to complete the clean up work, submit a reconsideration and then get the manual action revoked but when you don't receieve a manual notification and the site doesn't recover, what do you do?
Kind Regards
Neil
-
Hi there.
So, you say that website has been penalized due to being hacked, even though there is no manual action, no "this site may be hacked" under your domain in SERPs, and you base your decision on 404s and drop in rankings. Or, to rephrase, you explain drop in rankings by website being hacked, even though there is no proof of it. Hmmm... Still doesn't sound suspicious?
How about website's SEO? UX/UI? Crawlability? Your industry trend? Competitiors' SEO improvement? Your backlink profile? There are sooooo many other reasons rankings can be dropping besides website being hacked. Are all these things I listed in perfect shape?
-
This post is deleted! -
Hi Neil,
I quite like Sucuri as a tool for monitoring a website as to whether or not it has been blacklisted by any of the malware/hacked tools. I don't know this to be fact, but my professional observation is that even if a manual action has not been placed by Google but those other web sources say "We don't trust this site" then that can have a negative impact on that site's rankings even though Google hasn't reviewed it manually.
We've had sites that were repaired also stay on one platform or another's blacklist for weeks after the problem was removed just based on how those tools work, some may require clean scans for two weeks, for example, before fully signing off that the site has been repaired and that the malware or whatever won't just pop back up due to poor server security.
I would check out those sources first, make sure you don't see a blacklist by any of those big security companies, and then work on disavowing any of the bad links to the now deleted pages, and making sure you clean up your indexation so any 404'd pages are properly forwarded and the sitemap is cleaned back up so as not to be throwing errors.
A little spring cleaning after those types of issues goes along way, especially if you're 100% sure you aren't blacklisted by any of the website scanning tools. I wish we knew exactly how they interfaced with Google, or how much weight they gave, but I have observed what you are describing and found that it wasn't Google's shit list but say Norton has the site flagged and Google doesn't, it's a pretty safe bet that Google at least knows about it and they become a little wary.
Hope this helped! Cheers.
-
07124
-
04167
-
0296
-
0464
-
02126
-
02185
-
04227
-
02438
