Table of Contents [TOC]
- Japanese Keyword Hack
- 📥 What is Japanese SEO Spam in WordPress
- 📥 How to identify the Japanese keywords hack?
- 📥 How To Fix Japanese Keyword Hack in WordPress?
- Remove All Malicious Files and Scripts
- 📥 How to Remove Japanese SEO Spam URLs from Google results?
- Like this:
📥 What is Japanese SEO Spam in WordPress
Japanese keyword hack, also known as Japanese SEO Spam, Japanese Search Spam or the Japanese Symbol Spam can be devastating to see on your WordPress website. Certain WP websites complain of being affected by this type of search spam that results in the appearance of hacked pages with a different page title and content. The Google search results will display the infected pages/Urls with Japanese characters.
Content Management System (CMS) based websites like WordPress, OpenCart, Drupal or Magento, when hacked, result in the creation of new spammy japanese keyword stuffed pages (usually seen on index.php, tags & category URLs). These infected pages contain affiliate links to stores that sell counterfeit brand merchandise. The hackers generate revenue from these outbound links inserted in your website page.
📥 How to identify the Japanese keywords hack?
Japanese Keyword Hack is a type of hack that majorly affects the core files and the database of the website. To surf through each file to detect the hack is a tiresome process. You may follow three different approaches to detect if your website has been infected with this type of hack. Below mentioned are the ways to check this hack:
Run a security scan:
To start with you can run a security scan here
Using Google Search to identify hacked pages
Google search can be the initial step towards identifying the infected pages in the WorPress website. To discover these pages, open the google search and type in: site:[your site root URL]
Google will display all of the indexed website pages, including the ones that have been hacked. Navigate through the search results and check for any suspicious looking URLs. In case you find any of your website with the titles or descriptions in Japanese characters, it is possible that the site has been infected.
However, if Google search doesn’t provide any such hacked content, try a different search engine with the same key terms. There may be a possibility that other search engines display the infected content/URLs that have been removed from the Google index.
Using Google Search Console to detect the hacked content
Google advice webmasters to register their websites with Search Console to receive timely notifications in case of hacking. To look for the hacked pages, go to Search Console> Security Issue tool. The tool will verify if any of the hacked pages have been indexed by Google.
Use Fetch as Google to detect Cloaking
Cloaking is a common technique implemented by the hackers to display different URLs or content to the users and search engines than they expected. The site owner may be tricked and shown an empty or HTTP 404 page error whereas the site may be still hacked. The Fetch as Google tool in your Google Search Console must be used to check for cloaking. The tool will help see the underlying hidden content.
📥 How To Fix Japanese Keyword Hack in WordPress?
- Before you start, it is essential that the infected website is temporarily put offline. This will provide you with a time to remove the hack and also prevent the users from visiting the hacked pages.
- Additionally, take a backup of the core files and the database of the website before making any alterations to them. The backup would also contain the hacked pages and must be referred to only in case the necessary content is accidentally removed.
- Keep a copy of all the files that you work with.
In order to fix Japanese seo spam from WordPress site simply follow these steps.
- Remove newly created accounts from Search Console
- Check your .htaccess file
- Use Fetch as Google Tool
- Remove All Malicious Files and Scripts
- Check Recently Modified Files
- Check your Sitemap
- Run a Malware Scan using WP Hacked Help
- Create list of infected URLs
- Submit to remove URL tool in search console
For more details, see below:
Remove suspicious-newly created accounts from Search Console
Hackers more often use a common way of adding spammy Gmail accounts as admins to make changes in the settings of your website. Check for your Search Console account and find the new users that have been added.
If you don’t recognize any of the user, immediately revoke their access to the website. To confirm the legitimacy of a user, visit the Search Console verification page that will provide you with a list of verified users for the website. By clicking on Verification Details, you can view all the users that are verified for the website.
To permanently delete a user from the Search Console, you can refer to the Remove Owner section of the Managing users, owners, and permissions Help Center. The user can be successfully deleted only after removing the associated verification token.
For example, this was found in a template of one spammy doorway generator:
<meta name="verify-v1" content="JxC+bn8NTCEfKZIdusC9WQELc8FEwbi8p32wf9q0QGA=">
This line of code allows hackers to verify site ownership of compromised sites. Keep a close eye on Malicious Google Search Console Verifications
Check your .htaccess file
The attackers use a .htaccess file to create dynamically generated verification tokens in order to create spammy accounts in Search Console. In addition, this file is commonly used to trick the users, search engines and redirect them to the malicious pages.
Find the .htaccess file on your site by searching for .htaccess file location in a search engine along with the name of your CMS. From the search results, make a list of all the obtained file locations. Replace all of these .htaccess files with a default version of the .htaccess file.
Steps To Replace Infected .htaccess.
You can consider replacing your .htaccess with a entirely new copy. Hackers often use htaccess and create dynamically generated verification tokens to redirect users in case where a wordpress site is being redirected to another site or creating gibberish spammy pages(tags/categories) with viagra etc in urls.
- Locate your .htaccess file in WordPress / search for “.htaccess file location”
- Make sure to unhide hidden .htaccess files
- If, you have 1 or more .htaccess files
- Make a list of all of .htaccess file locations.
- Replace all .htaccess files with a clean or default version of the .htaccess file.
- For multi-sites with multiple .htaccess files, find a clean version of each one and replace.
- In case of default .htaccess file it might probably be infected
- Save a copy of the .htaccess file
- delete the infected .htaccess file from your site.
Remove All Malicious Files and Scripts
- Reinstalling CMS files: For a CMS based website, ensure to reinstall all the core files to clear any hacked content. However, ensure to keep a backup of all the files prior to the re-installation as the process will result in the loss of any customization that have been made in the files. Also, reinstall files for any plugins, modules, extensions or themes used in the site.
- It is likely that most of the affected files would have been detected using the methods discussed so far. However, it is necessary that you look for the recently modified files and the sitemap before coming to a conclusion.
Check Recently Modified Files
To search for the most recently modified files, use SSH to login to your web server account and then execute the following command:
find/path-of-www -type f -printf ‘%TY-%Tm-%Td %TT %p\n’ | sort -r
Navigate through the files and see if you find any doubtful changes made to the code. If so, replace the files with the clean backup version of it.
Check Your Sitemap
It is likely that a hacker adds a new sitemap so that the Japanese SEO Spam pages are indexed quickly. Check your sitemap for suspicious links and if detected, ensure to immediately update your core files with a clean backup version.
Run a Malware Scan
Your web server may be infected with malware and malicious files. It is recommended you scan the server to detect any suspicious files and virus. Check for the Virus Scanner tool in the cPanel provided by the web host.
- Scan your website using WPHackedHelp
Having listed an array of methods requiring technical expertise, let’s consider an approach that is way smarter, consumes less time and takes the burden off your shoulders. WP Hacked Help deploys a systematic plan to clean up your WordPress website. The site is thoroughly scanned and the detected flaws are dealt by an expert team to provide you with a website free of malicious codes. Within a short span of time, your website will be live up again, running efficiently like before.
- Check the website in Google once cleaned
It is necessary that you ensure the website is no longer affected by any hacked content. Make your website live and use Fetch as Google tool to detect if any infected URLs/ content is not removed.
The advice presented above is can effectively help you bring your site back to “normal” again. However, once the website is clean, implement security tips to prevent the site from similar attacks in the future.
📥 How to Remove Japanese SEO Spam URLs from Google results?
Once you have cleaned up your website make sure to resubmit your website in new google search console via new URL inspection option in updated search console version or open https://search.google.com/search-console/inspect?resource_id=https://xyz.com .
>>You can also manually submit your spammy urls which have been rendering 404 after you have cleaned up your website, via Remove URL option in search console. This will remove your website which was showing spam content from google search results.
>>Check your robots.txt file, make sure to block tags/category pages from googlebot. Update robots.txt in search console too.
>>Then, Go to Old search console interface and select REMOVE URL option as seen in image below. This may be time consuming.It may take 1 week for google to completely remove your Japanese language seo spam pages from search results.
Feel free to request a quote from us for the removal of the Japanese SEO Spam from your WordPress site. If you want us to do this entire cleanup process, you can get in touch with us HERE.
For Your Reference : (Visual Step by Step Guide)