Are your website search results showing Chinese or Japanese text? then your site has been hacked due to WordPress theme or Plugin security . If so, you may have been the target of the Japanese SEO Spam or Japanese Keyword Hack. There has Many website owners who have contacted us worried about this type of attack. To find out what is the exact issue and how to fix it, read on!
Reasons for the Japanese Keyword Hack
There could be many reasons for the appearance of Chinese or Japanese hack on your site. We have find out some actual issue for WordPress hacked website . The most common of them are:
1. Outdated CMS version
Outdated WordPress CMS is the number one reason why your website might have been hacked. Hackers often find out the WordPress theme and plugins vulnerabilities or loopholes present in software. Even though the WordPress officially release security patches regularly, web owners often ignore them and hold off on updates. These unpatched security loopholes become a important reason for the Japanese Keyword Hack later. We will recommend to keep up to date WordPress version to safe your site security.
2. Third-party Plugins
Most of the WordPress site hacked for using third-party Plugins. Not all plugins are enough secure, and surely not all are maintained & updated regularly. So, you should to check the plugins before installing them. It is also a good practice to limit the usage of third-party plugins for your website. If you are compelled to use one, make sure you check its latest update, reviews, and support. A plugin with bugs is another target for a Japanese Keyword Hack
3. Enabled Directory browsing
if your site has been Enabled Directory browsing allows a hacker to fetch the details of your directory by a simple online search. The results may be hazardous for your valuable website. They can, then, use this data to execute the Japanese keyword hack. So, always make sure to disable your directory browsing & specially check it for plugins.
3. Improper File Permissions
WordPress site File permissions are very important, as they specify who can read, write, and execute directory. Site having improper file permissions is another security hole. Generally, setting permissions of 644 for files and 755 for directories is considered best – as recommended by the WordPress Codex. Also, the recommended permission for sensitive files like the config.php file and contents folder, is 400/440.
Japanese Keyword Hack – Finding SEO Spam Results
1.Identify the infected pages using Google Search
You can see Japanese language in google search by searching for
site:[your site root URL] .
2. Verify-in Google Search Console
In your Google Search Console (earlier called Google Webmaster Tools), navigate to the Security Issues Tool in the left sidebar.
3. Check Sitemap for your website.
You can check your sitemap.xml to detect hacked website. you can find sitemap.xml file in your project root folder. hacker maybe injected some extra URL in your own website sitemap.
How To Fix Japanese Keyword Hack
1. Backup your site before cleaning
You can just take backup your project file with database before cleaning injected hacker code and inject file. And the event of any going wrong, you can restore this version. Make sure to take the backup file in a compressed format like a .zip file. zip backup will be easy to make process.
2. Remove any newly created user accounts in the Search Console
Check “Users and Property Owners” tab – this is the main point where you can find out if hackers have admin access to your site. If you don’t recognize any expected user or see suspicious activity, immediately revoke their access. Hackers add spammy Gmail accounts as admins so that they can change your site’s settings like sitemaps and geo-targeting.
Note: you can remove your site form google search console to until recover your website.
3. Run a Malware Scan
Scan your web server for malware and malicious files. You can use the ‘Virus Scanner’ tool in the cPanel provided by your web host
4. Check your .htaccess file
You can delete current .htaccess file and restore recent backup .htaccess file Hackers often use the
.htaccess file to redirect users & search engines to malicious pages. Verify the contents of the
.htaccess file from a last known clean version of your backups. If you find any suspicious code, comment it out by putting the ‘#’ character in front of the rule.
4. Check the recently modified files
Check your recently modified files from hosting. if you see any unrecognize file created your hosting then just delete theme from file. also delete theme from trash.
5. Replace the core files, plugin files & theme files
You can replace the hacker injected core files with the original versions of the same from WordPress.org. After downloading the fresh and updated versions of these files & directories, you can delete the older ones.
6. Check your sitemap
Just delete your current project sitemap and create new one. maybe there has many unrecognize file which has been added by hacker. that’s why you need to delete sitemap.xml file from hosting and don’t forget to clean trash directory form your hosting.