-
SEO rankings tanked after hack
Posted by on April 30, 2026 at 12:53 pmI made a post here a few weeks ago about how one of my sites got hacked, and the rankings tanks for all other pages as well on the same site.
I run a massive portfolio of sites, so I only picked up on this several days after the site in question got hacked because I don’t check every single one each day.
For context, the site has a landing page domain, and the web application itself, built with laravel was hosted separately on a subdomain.
The subdomain got hacked and all title tags and meta descriptions got changed to Thai gambling keywords, before they sent 1000s of bot clicks to those pages
All rankings tanked, including blog posts on the main domain.
One article in particular, was ranking #1 for a high volume keyword – 100k monthly clicks from this keyword alone.
Hacked content removed. As a matter of fact, I put the entire subdomain offline for a while.
A few weeks later….and my rankings have not improved at all.
What should I do?
-
1 Reply
-
[removed]
-
Why did you put the entire domain offline? that unnecessarily caused more issues. I believe right now, it would take some time as Google reevaluates. To speed up, you can get some links, add a couple of fresh content pieces to trigger freshness crawls.
-
nothing else you can do but wait, check all the settings, check robots to make sure it not blocked from crawling, check they have not added noindex tag on the pages in the html, as sometimes hackers change some code to stop site being re crawled to hide their hacks (This happened to me once btw, that’s how i know)
-
At that scale, I would treat this as a trust and quality reassessment issue, not just a cleanup task.
If the hacked pages were indexed and associated with spammy behavior, search engines may still be processing that history even after removal. Taking the subdomain offline helps, but it does not automatically restore confidence.
First thing I would verify is whether every compromised URL returns the correct status, whether spam pages are fully deindexed, and whether any residual internal links, sitemaps, or canonical signals still point to affected areas. Then check server logs and Search Console for crawl anomalies and manual action notices.
A reconsideration request only matters if there is a manual action. Otherwise recovery is algorithmic and can take time. In the meantime, strengthen site trust signals: fresh content updates, technical hygiene, structured internal linking, and security hardening.
The bigger issue is that a subdomain compromise can bleed perceived site quality into the root domain, especially if they are closely associated. Recovery often happens gradually, not all at once. I would focus less on waiting and more on proving stability over the next crawl cycles.
Log in to reply.