Hey fellow BHW members, a client that I have not worked with in a while contacted me to help him with some items. His site was hacked and all his serps are showing pharmaceutical and viagra/cialis crap. I have a few questions for anyone with knowledge on this subject: 1. What is the first step to cleaning this site ( site is php non wp ) 2. Should I resubmit to google search console? 3. Recrawl site? thank you for your input I really appreciate it!
Find out what went wrong first - look through the php files and find out where the security flaw was, or pay someone to audit the site. If it's built on a framework or cms update it, if it's home made then consider moving to WP. Change all your passwords (ftp, etc). Delete all those spam pages. Inform google via wmt that those pages are crap. Monitor closely.
Thank you davids355 my programmer is looking into it I just gave them the FTP and cpanel information. I find it a bit odd that it happened like this. Could this also be a negative SEO attack by my clients competitors? is there any way to tell or look for footprints?
I guess its possible, but who cares - if your site is fully patched etc then its not something you'd have to worry about either way.
I had the same problem with Wordpress. The malicious code was inserted via sql injection from the akismet plugin. I had to delete the plugin, and remove some malicious code from the database. Then I made a backup of the database and deleted all files on the hosting. After that I made a clean wordpress install and restored the database. It took about 1 month or more to recover on the serp.