How to identify hacker activity on the site, eliminate its consequences and defend against intruders

Level of training webmaster: for all

In the Google search results, a message appears under the address of the web page that was allegedly subjected to a hacker attack. Perhaps you do not think that your site can be hacked, but this is quite common. Hackers attack a variety of resources, hoping to undermine their reputation or seize personal data of users.
Having gained access to the site, an attacker can change its content, for example, add spam pages. They are used for a variety of purposes, including redirecting to unwanted and malicious resources. Recently, there are often cases when a visitor of a hacked site opens a page simulating a site for downloading content.
If you find that your resource is hacked, it is important to understand why this happened and fix the problem as soon as possible. Below we talk about how webmasters can protect site visitors from spam and malware.

Three tips to help identify hacker activity on your site

• Track suspicious URLs and directories

Use the site: URL_ your_site command in Google Search, for example site: example.com. It allows you to discover pages and directories on your site that you have not created. Perform such checks regularly and as often as possible.
In addition, you can set up Google alerts for your site. For example, if you specify the option site: example.com (download | free | watch | online), the system will check if there are any such words on your pages, and upon detection will inform you about it by e-mail.

• Track suspicious requests with Webmaster Tools

On the Search Queries page, you can find out which keywords in Google users offer content from your site. Unusual or irrelevant options on this list may indicate that your site has been hacked.
Check carefully if there are any requests in other languages: this can also mean that your site has spam pages.

Requests for an English-language site that hosts spam pages in Russian

• Get webmaster tools alerts to your email address.

If your site has been attacked, Google will let you know. Such alerts are displayed on the “All Messages” page in your Webmaster Tools account, but we also recommend setting up their forwarding to your email address . And although Google doesn’t recognize all types of inappropriate content, in most cases this precaution will help you know about hacking in time.

How to eliminate the effects of hacking and secure your site

• Stay alert

The Security Problems section of the Webmaster Tools provides information on which pages of your site have been hacked, and also offers detailed troubleshooting tips . Carefully study these materials in order to immediately take the necessary measures in case of a hack.
')

• Protect your site from possible attacks

It is better to prevent malicious activity than to eliminate its consequences. When hacking a site, hackers often exploit vulnerabilities in content management systems. Here are some tips to help protect you from intruders:

1. Regularly update your content management application.
2. If your system provides security alerts, subscribe to it.
3. If you want to use the site management software provided by your provider, choose a reliable service provider.

We hope that these recommendations will help you maintain the security of the site at a high level. If you have questions, ask them in the comments to this article or search for an answer in the Google Webmaster Help Forum .
If you find suspicious sites in Google search results, tell us about them with this tool .