Are your website search results showing Chinese or Japanese text? then your site has been hacked due to WordPress theme or Plugin security. If so, you may have been the target of the Japanese SEO Spam or Japanese Keyword Hack. There have Many website owners who have contacted us worried about this type of attack. To find out what is the exact issue and how to fix it, read on!
Reasons for the Japanese Keyword Hack
There could be many reasons for the appearance of Chinese or Japanese hacks on your site. A hacker first do WordPress sitemap hack and set their own URL into the sitemap. We have found out some actual issues for the WordPress hacked website. The most common of them are:
1. Outdated CMS version
Outdated WordPress CMS is the number one reason why your website might have been hacked. Hackers often find out the WordPress theme and plugins vulnerabilities or loopholes present in the software. Even though WordPress officially releases security patches regularly, web owners often ignore them and hold off on updates. These unpatched security loopholes become an important reason for the Japanese Keyword Hack later. We will recommend to keep up to date WordPress versions to save your site security.
2. Third-party Plugins
Most of the WordPress sites were hacked for using third-party Plugins. Not all plugins are enough secure, and surely not all are maintained & updated regularly. So, you should check the plugins before installing them. It is also a good practice to limit the usage of third-party plugins for your website. If you are compelled to use one, make sure you check its latest update, reviews, and support. A plugin with bugs is another target for a Japanese Keyword Hack
3. Enabled Directory browsing
if your site has been Enabled Directory browsing allows a hacker to fetch the details of your directory by a simple online search. The results may be hazardous for your valuable website. They can, then, use this data to execute the Japanese keyword hack. So, always make sure to disable your directory browsing & especially check it for plugins.
3. Improper File Permissions
WordPress site File permissions are very important, as they specify who can read, write, and execute the directory. A site having improper file permissions is another security hole. Generally, setting permissions of 644 for files and 755 for directories is considered best – as recommended by the WordPress Codex. Also, the recommended permission for sensitive files like the config.php file and contents folder is 400/440.
Japanese Keyword Hack – Finding SEO Spam Results
1.Identify the infected pages using Google Search
You can see the Japanese language in google search by searching for
site:[your site root URL] .
2. Verify-in Google Search Console
In your Google Search Console (earlier called Google Webmaster Tools), navigate to the Security Issues Tool in the left sidebar.
3. Check Sitemap for your website.
You can check your sitemap.xml to detect hacked websites. you can find the sitemap.xml file in your project root folder. a hacker may be injected some extra URL in your own website sitemap.
How To Fix Japanese Keyword Hack
1. Backup your site before cleaning
You can just take a backup of your project file with the database before cleaning injected hacker code and injecting the file. And the event of any going wrong, you can restore this version. Make sure to take the backup file in a compressed format like a .zip file. zip backup will be easy to make process.
2. Remove any newly created user accounts in the Search Console
Check the “Users and Property Owners” tab – this is the main point where you can find out if hackers have admin access to your site. If you don’t recognize any expected user or see suspicious activity, immediately revoke their access. Hackers add spammy Gmail accounts as admins so that they can change your site’s settings like sitemaps and geo-targeting.
Note: you can remove your site from the google search console until recovering your website.
3. Run a Malware Scan
Scan your web server for malware and malicious files. You can use the ‘Virus Scanner’ tool in the cPanel provided by your web host
4. Check your .htaccess file
You can delete current .htaccess file and restore recent backup .htaccess file Hackers often use the
.htaccess file to redirect users & search engines to malicious pages. Verify the contents of the
.htaccess file from the last known clean version of your backups. If you find any suspicious code, comment it out by putting the ‘#’ character in front of the rule.
4. Check the recently modified files
Check your recently modified files from hosting. if you see any unrecognized files created by your hosting then just delete them from the file. also, delete the theme from the trash.
5. Replace the core files, plugin files & theme files
You can replace the hacker-injected core files with the original versions of the same from WordPress.org. After downloading the fresh and updated versions of these files & directories, you can delete the older ones.
6. Check your sitemap
Just delete your current project sitemap to recover a hacked WordPress site and create a new one. maybe there has many unrecognize file which has been added by a hacker. that’s why you need to delete the sitemap.xml file from hosting and don’t forget to clean the trash directory from your hosting.
Still need any help ?
Hi, My name is Shamim. I am a freelance PHP developer in Bangladesh. I have been working as a freelance developer since 2014. I am a passionate and creative web development person. As a senior level, I focus on your requirements in detail and deliver high-quality work on your budget.
2 thoughts on “How to Clean & Recover a Hacked WordPress Site”
Informative Post.Thanks for sharing..
Thank you very much.