Among Google’s website ranking factors, website security is an important one. Google boosts the ranking of secure websites and if your website is hacked, your rankings will drop. The same is the case for your WordPress sites. As many of you must have experienced, it is not easy to earn rankings; it can sometimes take up to six months or more to see improvements from strategic SEO investments.
When your website is hacked, your click-thru rate, i.e. the number of times your search engine listing is clicked divided by the number if times it is displayed, decreases drastically. This number is also known as impressions.
Google sends its crawler bots that scan for phishing mechanisms, malware, unwanted software, and anything that is against its policies, to search for compromised websites and lists hundreds of thousands of websites as hacked every day. Examples of the messages that appear in the search engine results just below the links of the compromised sites are “This site may be hacked.”, “This site may harm your computer.” “This site contains malware.”, or “Deceptive site ahead.”. Search engines such as Google and Bing can also blacklist your website so that the site is not visible on their search engines and visitors cannot enter it. This adversely affects the traffic, customers, and sales on your website.
Additionally, you may also receive an email from Google Search Console or Google Webmaster Tools notifying that your website has been compromised. Generally, Google also tells you which is the harmful link/app that is causing the trouble.
Sometimes, you may also unknowingly cause your website to be listed under this category of harmful websites if you or your SEO consultant use black-hat SEO techniques or if you use copyrighted or plagiarized content on your site.
When Google blacklists your site, either the site or all of its webpages do not appear in the search results until Google removes it from its blacklist or it may display a warning, such as the ones mentioned above, so that visitors are warned not to access the site.
To remove your website from this blacklist or to stop viewing these warning messages, you will need to verify (with proof) the ownership of your website with Google, show that your site is not hacked (again with substantial evidence), and if your site was compromised, you will need to show that you have completely disinfected your site and that there is no harmful content on it anymore.
Once your website has been removed from the Google blacklist, it is necessary that you check your website regularly for copyrighted content, strange links, malware, and prohibited SEO activities. Always be vigilant and take all the necessary measures to avoid getting hacked again. This is crucial because for repeat offenders, Google does not review websites again before a 30-day period.
To sum up, keep your WordPress website safe by installing all the required WordPress security plugins, change and update your user credentials regularly, avoid WordPress spam by installing the best WordPress anti-spam plugins, maintain a firewall for your site, secure your login page by using two-factor authentication, scan for malicious codes frequently and remove them, and always keep backups.