What can be the worst scenario you can think of if your website is under attack? Data breach, inaccessibility to the website, unwanted content on your website, etc. What if you search for your website on Google, it fetches results in the Japanese language, but you are using English?
It is time to worry about your website, as it is under attack. It is the Japanese Keyword Hack or the Japanese SEO Spam. It displays the title and description of the website in the Japanese language in google search for all the infected websites.
What is the Japanese Keyword Hack?
The Japanese keyword hack is a black-hat SEO technique that the hackers use to hamper WordPress, Joomla, Magento, or Opencart. It degrades the SEO ranking of a website in a brief period putting all the efforts and hard work to waste.
The hackers also insert links into websites bearing their affiliate IDs. When a user clicks on these hidden links and makes a purchase, the attackers earn money via your website. These links often connect to malicious websites, spam links, or phishing websites with an intent to harm your system with unwanted files like viruses or worms.
How to check if the Japanese Keyword Hack affecting your website?
Check the Search Engine Results
Once you search for your website on a search engine, the title and description would be written in the Japanese language if the website is infected. It is the easiest way to identify the hack.
It is an excellent tool to recognize the source of the Japanese keyword hack to look for public-facing pages and files in the database that are not openly visible. It is a simple process where you can enter the web address and let the scanner do its job.
URL cloaking misleadingly uses the website domain. The visitors see an error page once they click the infected link, but the search engine reads the Japanese characters inserted between the contents. It shows two versions of the same page, a blank page to visitors and one filled with Japanese keywords to the search engines.
Fixing the Japanese Keyword Hack
It can be very tricky to detect the Japanese keyword hack because the hackers disguise the spam links on the website. Following a small set of procedures can help to get rid of the Japanese keyword hack. Follow the given steps:
Backup your website data
It is always good to create a backup by keeping an offline copy of all the data before restoring your website to keep it safe. The better way is to create a backup for the complete website. One can back up the files either locally or on the server. If you are using a Content Management System, do not forget to back up your databases as well.
Remove new accounts created from Search Console
Newly created accounts can be a reason for this hack. If any unrecognized account has been added to your Search Console account, abolish all their resource access at the earliest. The authorization of accounts can be checked if verified or not by clicking the “Verification Details” on the Search Console verification page. You will also require to remove the associated verification token for the accounts that are usually an HTML or a dynamically created .htaccess file copying an HTML file.
Check the .htaccess file.
Hackers also make use of .htaccess rules to redirect the visitors or generate malicious pages. The best way is to replace the .htaccess file with a newly created copy.
- Please find all the .htaccess files on your website and make a list of all of them.
- Replace all the old .htaccess files with a newly created copy. If you never had one, the attacker has planted the one present on your website. Delete this file at the earliest.
Remove malicious files and scripts
This is a time-consuming and tricky process to identify the hidden spam files present on the website. Take the appropriate time to check all the files, and don’t forget to have a backup of all the data.
- Reinstall all the default files that come in the default distribution of your CMS along with themes, modules, plugins, etc., to ensure they are free of hacked content.
- Check your sitemap file for any suspicious links and remove them from it. Double-check for any unwanted files present and remove them if they contain spam links.
- Find if you are left with any other harmful files and create a list of suspicious PHP files you want to check. Sort these files in the order of date, size one after another, and find the recently modified files or the files with immense size.
- Scan through these malicious files and find the unwanted piece of code that might be filled in one single line in the form of messy characters and remove it. You can use free website malware scanners to scan your site from malware too.
Check if the website is clean
Once you have followed all the steps appropriately, now is the time to check if the website is clean or not. If you find the “Not Found” page after using the Fetch as Google tool on your website again, your website is healthy now and free of the hack. Congratulations, you have successfully restored your website. In case the problem persists, Astra Security is always available to help you secure your website.
It is difficult for an ordinary person to understand the impact of a hacker’s cyber-attack, but the consequences can be non-compensable. It is helpful to hire a website update service to take care of the installation of security patches in your website to prevent these types of attacks.
Do not take any such suspicious activities lightly, and take the mandatory remedies immediately to safeguard and protect your website from external threats. The manual processes might be troublesome to perform; thus cybersecurity experts come into the role to help you resolve all your potential vulnerabilities to keep your website running smoothly.