Got Hacked? Google Outlines 8 Steps to Help Recover Your Site [VIDEO]


If you own a website and see any of the following warnings…

Webmasters help for hacked sites – Google

Unfortunately, your site has probably been hacked!

Cybercriminals constantly attack thousands of websites each day. These hacks are often times invisible to users, but can become extremely dangerous to potentially anyone viewing the site including the owner. Hackers can infect sites with harmful code that can do a number of malicious activities like record keystrokes to steal login credentials for online banking and financial transactions.

So what do you do if your site has been hacked?

Well, fortunately for you, Google has launched a special page initiative and series of tutorials to help guide webmasters through a hack. The Webmasters help for hacked sites outlines the following 8 steps to take along the path to recovery:

Step 1: Watch the overview

In the first series of Help for hacked sites: Overview, Google explains how and why sites are hacked, and the process to go through to recover a site and remove the user-facing warning label. Hackers find ways into sites by exploiting small vulnerabilities in the design. Once they’ve entered a site and can gain admin control, they can easily insert spammy text or other malicious code. Some of the more common ways hackers exploit sites is through older and out-of-date software and by stealing login credentials. Depending on your knowledge of web design and programming, Google suggests you either do it yourself (if experienced enough) or look to get help from web security specialists (which the video series can help you determine).


Step 2: Contact your hoster and build a support team

In the event of a hack, contact your hosting provider and let them know of the compromise to allow you to gain control back over your server. Depending on your technical acumen, you may need to enlist the help of a security specialist to help you recover your site. Some great resources for hacked websites can be found in Google’s Webmaster tools and at


Step 3: Quarantine your site

Next you’ll want to prevent cybercriminals from causing any further damage to your site and/or audience. Take your site offline as soon as possible to try and complete some important admin tasks with less interference from the hacker. Then perform a thorough user check to see if any new accounts were created or compromised. Finally change the passwords for all site users.


Step 4: Touch base with Webmaster Tools

Make sure to verify ownership of your site with Google Webmaster Tools to read any potential critical messages from Google to help you in the next step of the recovery process. It’s best you do this now before your site gets hacked really. Once verified though, check to see the hacker didn’t make unwanted changes in your webmaster settings. Ultimately Google’s message should help you determine whether your site has been hacked with spam or malware.


Step 5: Assess the Damage: Have you been hacked with spam, malware or both?

Once you determined the extent of the damage, make a list of all the affected files and try and determine what the intent of the hacker was. Google has two detailed courses of action to take in the instances of spam and malware attacks.

Spam attacks

Malware attacks


Step 6: Identify the vulnerability

What was the root cause of the vulnerability that allowed the hacker into your site? The problem is this isn’t an easy question to answer, as there could be multiple subtle flaws in your site that could be exploited. Google covers a few potential vulnerabilities to investigate which include virus-infected administrator systems, weak or reused passwords, out-of-date software and permissive coding practices like open redirects and SQL injections.


Step 7: Clean and maintain your site

Now you want to restore the good content, eliminate any infected files, patch the vulnerabilty and make a better plan to maintain the security of your site. Consider expediting the removal of any new URLs created by the hacker or phishing pages. Clean up your servers and restore your backup files. Eliminate any unnecessary software and double-check that the cleanup process has been thoroughly completed. Once this has all been taken care of, you are ready to bring your site back online!


Step 8: Request a review

The final step is to request a review with Google to remove the flag warning users headed to your site. Follow the appropriate steps given the type of hack recovered from:
Report Incorrect Phishing Warning

So have you ever been hacked? Did you find these new tutorial videos by Google to be useful?

Sonali Singh
Wonderful Information, This Article would have helped me a lot if i saw this article before few days. It is my bad luck i just saw this article. because My website got hacked last week, and it was such a mess. I had 10 other websites hosted on my same FTP server, and they were all being redirected to some weird website I worked on it for probably 4 days. am not able to fix it. Then i started looking for professional help. I found a website called and worked with their technicians. They had my sites completely fixed, up and running in a day. The whole thing costs very less, I’d recommend them to anyone.
WG Greiner
see dali48 and being hacked etc...
Can Kapikiran
Good article & information! Thanks for that!
Chris Inman
excellent videos
Michael Kornowski
welll some (partially) really good information from google...however also a big advertising for google...e.g. I would recommend an intrusion detection system rather than creating a webmasters account...
Daniel Zeevi
Well Google webmaster accounts provide a lot of other key features for site owners, beyond security concerns...
Michael Kornowski
no doubt webmastertool provide really good tools to get hints about a lot of things...this I agree 100%.
Vince Perriello
Good information, thank you!
Liz Pullen
This is very useful information! Thanks for collecting it in one spot.
Daniel Zeevi
Thanks Liz, I'm glad you found this useful :)
Crop & Save