URL injection is quite a common type of hack where the attacker injects i.e. creates new pages on your website that are of course not validated by the owner. The goal in most cases is to redirect your website users to some other website and content or in an even more sinister scenario to steal your customer’s data with false webforms and payment pages.

The first step – recognising URL injections are present

This is quite a problematic thing as website owners very often will not pick up on this until someone else informs them. We have covered this topic in more detail in blog post Content injection and how to spot it where we have described a couple of methods on how to check for URL injection presence. Thing is, those URLs will not be present in your website’s dashboard, but will very much soil your web presence.

The second step – getting it cleaned

Getting your website cleaned i.e finding the root cause and also preventing this from happening again is critical. Thing is, that injected content will not be found as is, it will be well hidden, so go for this only if you feel that you have enough expertise when it comes to the type of website that has been affected by the hack.

An alternative that will long term save you time and money is to hire experts – and that is where we come in. In short, our team will clean up your site in no time and also place it behind our firewall that will prevent these kinds of scenarios from happening in the future. And latter is key – if the malware is only removed from the website this does not mean that the vulnerability that caused it in the first place has been removed. That is where the firewall comes in and takes care of it for you.

The third step – cleaning up your search presence

Unfortunately, cleaning up the site does not mean your web presence is clean as well. Your Google search results are likely to still appear infected for some time and if you were blacklisted it will also take a bit for it to be cleared.
One of the key things here is to check your robots.txt, website XML sitemap and Google Search console as hackers have possibly affected those as well. Make sure that your XML sitemap is fresh and listing the correct pages of the website. Robots.txt should also be reviewed to be sure that the relevant pages are not disallowed and vice versa.

On the Google Search console first check if there are no unknown owners/admins. Also, check your Coverage and if any Manual actions or Security issues are detected.
One thing that tends to worry the owners is the increase of 404 i.e. not found pages registered in the Search console after the cleanup. That is actually a good thing as it means Google has started recognizing the fact those pages (injected ones) no longer exist and will remove them from their search results. Therefore undertaking any steps to minimise the number of those 404s like manually removing them (this is just a temp solution) or getting those URLs 301 redirected to some other page will actually just prolong the situation.

Goole Search Console

Bear in mind that even with tackling those three elements of the site after the cleanup, it will take Google some time to fully clean your presence in their search results, but getting these three elements tackled does significantly speed up the whole process.

We Can Help Save Your Business

94%

SITE FIXED IN LESS THAN 1 HOUR

WordPress website defaced ? If we don’t fix a defaced website in less than 1 hour then we do it for FREE!. Luckily for us we are very good at fixing sites fast!