-
Website was hacked and hacker added custom sitemaps and thousands of pages, should I restore back before the day it happened?
Posted by on January 4, 2021 at 10:08 amWould restoring backup fix everything?
-
10 Replies
-
Yes, it will. You’ll also want remove the sitemap from GSC if it was added there and immediately request removals of any harmful pages. The rest can 404 and will be eventually unindexed.
-
Yes. Also try to fix whatever vulnerabilities you have so you don’t get hacked again. Passwords for FTP, SQL database connections, admin logins, check file and folder permissions, also update WordPress or Joomla plugins (or whatever you might have). I’ve also seen hacked templates and one time I went in circles restoring backups and getting hacked over and over again until I figured out it was from a template I chose to download from a sharing site instead of paying for it.
-
Yes back will sort this out…what a mess, sorry to hear this.
-
Quick question but how did you notice it was hacked?
-
Yes. It will be back to normal. But make sure to keep an eye on the search console.
* Change all the passwords:
* SQL
* WordPress
* CPanel
* FTPdon’t use the same passwords. Dashlane is the best solution for this.
-
>Would restoring backup fix everything?
Possibly, including also restoring the original issue that likely allowed entry in the first place. Sounds like you should get an audit done on the site. If the existing vulnerabilities aren’t fixed and the site cleared of all malware also, you’ll likely just have the same issue over and over.
-
Update: I restored the website from backup the original Rankmath sitemap works now have to set redirection for sitemap.xml to sitemap_index.xml few pages design has broken have to manage that
-
A lot of incorrect answers in this thread.
Restoring from a backup MAY remove everything. It also may not. The actual hack may have happened weeks or even months before that.
What it sounds like you have is a MySql injection. The hackers inject code into your database. If that code is still there, the pages will be recreated again in a few days, weeks, or months.
If it is a MySql injection, doing things like changing passwords on your hosting account and WordPress installation won’t help either. The code needs to be found and rooted out or it will just keep happening over and over.
-
Were the pages indexed by Google or did you catch it in time? Removing them from google as 404 might take some time. When I really wanted something out, I’d add a Noindex and submit so Google would visit the site right away. Then, 404.
But given the circumstances, removing is probably your best option right now.
-
Update: hack pages are gone from serp but are showing in valid coverage report, I am waiting for them to go away else would have to do something
Log in to reply.