Google can't crawl sitemap after Japanese hack

chipsie1102

Regular Member
Joined
Sep 24, 2019
Messages
230
Reaction score
115
It's not too unusual to have multiple htaccess files for a website, especially if you're running a multi-site, but that many and it looks like they're just spammed in every directory.. doesn't look right at all.
You might also want to check your GSC access settings/users - did the hackers add any new accounts to your Search Console properties? Apparently this was a common thing for the Japanese keyword hack, and it was done by creating new htaccess files for verification tokens which may be why you have so many of them.
 

BlackFawkes

Regular Member
Joined
Jun 24, 2015
Messages
272
Reaction score
79
Th
It's not too unusual to have multiple htaccess files for a website, especially if you're running a multi-site, but that many and it looks like they're just spammed in every directory.. doesn't look right at all.
You might also want to check your GSC access settings/users - did the hackers add any new accounts to your Search Console properties? Apparently this was a common thing for the Japanese keyword hack, and it was done by creating new htaccess files for verification tokens which may be why you have so many of them.

Thanks for you answer.

And I didn't even screen everything....


Search console is fine. No new accounts.

I don't know where to look at anymore thb.
 

BlackFawkes

Regular Member
Joined
Jun 24, 2015
Messages
272
Reaction score
79
open your website as domain.com/sitemap and if a sitemap opens up with 403 error and a bunch of Japanese URLs. You still have to remove the malware and reset all the cron jobs if fixed, a normal sitemap should open up with your urls.

Doesn't open, but this isn't the usual adress to check the sitemap (even on the old website).
 

bartosimpsonio

Jr. Executive VIP
Jr. VIP
Joined
Mar 21, 2013
Messages
20,567
Reaction score
24,876
Website
www.theonion.com
Thank you for your reply. I'm also pretty sure something is still here bugging around. I'll check if we can get an older version of the website (probably not haha)

The only way I found to fix hacks is start with a clean install and clean database. Export the XML to a file, then clean that file up looking for weird codes in the database. Then reimport.

It's gonna cause some downtime but it's the only way to fully clean, otherwise the hacker has backdoor stuff and they can come back.
 

ishabri

Newbie
Joined
Sep 25, 2020
Messages
5
Reaction score
2
Do you get tips to solve this? I have same issue starting from a month ago and I have no idea what should I do, planning to move my wordpress site to blogger for a while
 
Top