May 23, 2016 7:25 AM / by Joshua Ballard
Checking Your Google Search Console
One of the first things that you will need to do after you sound the alarm, is to log into your Google Search Console.
If you do not know what Google Search Console is, there is one of two options here.
One, someone else on your team will have access.
Two, you have never set up Google Search Console.
The people most likely to have access to the Google Search Console are:
- Whoever built the website
- Your SEO supplier
- Your boss or other colleagues
You will need to check if there is anyone who already has access to the search console.
There is every chance that someone will already be in there due to the fact that you raised the alarm.
If you find the person who has access to Google Search Console, then you can request that they share access with you.
If you discover that no one has previously set up Google Search Console, then you can find detailed instructions from Google here.
Google will be able to step you through the processes, it involves registering for Search Console, as well as a verification process in which you show Google that it is in fact your website.
Note: there is a chance that the hacker will have registered Google Search Console for your website and adversely affected your site. Google will be able to help you through this process, and more information can be found in the Google Support for Hacked Websites tutorials.
Checking your Google Search Console for Security Issues
Within the search console there is a tab down the left hand side marked “security issues”.
This is the area of the console that Google will communicate with you about why they think your site may be hacked, and what they think you need to pay attention to.
Once again, Google provides some great tutorials that you will be able to use to help you through this process.
This is also the place where you will be able to resubmit your site to Google once you have cleaned it up.
Resubmitting the site shows Google that the hack has been dealt with, and it should stop placing the warning message within the SERP results.
What if Your Google Search Console Does not Display any Security Issues?
This was the scenario that I faced when I was first hacked.
I accessed the resource material provided by Google, found it to be quite a bit over my head in a few places, but understood that one of the first things I needed to do was to check the security issues tab in my Google Search Console.
I went ahead and logged in, only to find the security issues panel looking like this:
This was perhaps one of the most frustrating experiences of my life.
Google was publicly displaying a warning to all potential site visitors that the website I was working on “may be hacked”, yet not telling me anywhere within search console that they thought my site had been hacked.
Furthermore, I knew from the Google tutorials I had already watched, that a huge portion of the clean up process would be assisted by the information that they were going to give me from within the security issues tab.
Later, after we had cleaned up the site and gotten the hackers out, we realized that the problem was even further compounded, due to the fact that we did not have access to a ‘resubmit button’ to let Google know that we had fixed the problem and that they should stop warning people that we may have been hacked.
All I can say, is that part of the reason I wrote this page, is because finding that security issues tab empty made me feel even more alone and exposed than I had previously.
Never the less, with or without the direct help from Google, you can certainly get the site fixed up and have the message removed from the SERP.
Rather than using the resubmit button within the console, I simply resubmitted the site map, and asked Google to fetch and render the site again.
Who knows if this is the appropriate action, but I do know that the warning message did not stick around long after that.