Google Search Result for our website have been hijacked by spam results

We discovered a week ago that the Google Search Results for our website https://adv-plastics.com/ is going to a variety of spam sites. I do NOT know if this is a DNS problem, malware issue, or other problem, and did not see this answered in the cloudflare community. I am looking for a solution, any help is appreciated.

Here is the google search result: (type in advanced plastics in google and it will list within the first 5 listings):

Cialis prices canada, buy cialis pills generic - Adv-plastics …

Adv- plastics Canadian Pharmacy. Best Prices! Only today - viagra lowest price. Fast online consultation! Refund Policy. Special saving program!
Cheap Discount Viagra · ‎Supplier Uk Viagra · ‎Cialis Preise


attempted solutions:

Once we saw this was a problem, I have set up cloudflare for our site, reported the abuse to cloudflare, reported it to google, updated to cloudflare nameservers and tried to resolve it with GoDaddy who has the hosting and domain name.

I also updated the site PHP, wordpress and plugins, installed Malcare and ran diagnostics with no errors.

I did run another scan at quttera, and it stated there were 27 Malicious files. However, I have downloaded the site on my computer and did a scan for any of the file names that were listed in the scan, and I was not able to locate any malicious code.

Wow! That’s a big one.

Well, if your database still contains hidden malicious code, even links to spammy websites and doing possible redirects, then you would have to consider and inspect your database as well.

For Google, it could take up to few days to clear and update the search results.

If you are sure there is no more, but Google still displays the “malicious” and “spam” content, you could try to ping your sitemap directly to Google using below link (just modify it to your actual domain.com/sitemap.xml file) and wait up to 48 hours for any changes (due to their index crawler and some other factors like priority, etc.):

  • https://www.google.com/ping?sitemap=https://www.domain.com/sitemap.xml

Helpful tool and article here:

But I am afraid Cloudflare has nothing to do with it as far as Cloudflare does not (yet) have an anti virus and/or malware tool/provide service for your website/public.

In that case, you should use online tools like Sucuri.

Moreover, if using Linux, there are tools like rkhunter, chkrootkit, clamav, etc. Otherwise, you would use and pay some tools like Patchman, KernelCare, Imunify360, Wazuh etc.

You could try out with Imunify AntiVirus (Free version) and scan your files (some cPanel hosting providers have it installed too).

Firstly you would have to clearify that at the origin host / server and with your hosting (GoDaddy) provider to scan and clean the infected Website.

If you think your WordPress website is being hacked, kindly see below articles as far as I am afraid Cloudflare currently cannot clean your WordPress hacked website even do something about it.

WordFence plugin is also good to scan files for malware and remove them and also enable protection for your Website. Moreover, if using Cloudflare and WordFence, do not forget to enable CF-Connecting-IP .

I think you have done all you could up for now at least.

1 Like

Clamav isn’t designed for WordPress. Using this and thinking it will help is not correct as it’s well known it does not focus on php and web files, if at best it does very basic. You would instead, at minimum, use maldet that can use clamav as well but maldet is designed with signatures for server side.

Alternatively, there are many open-source tools to scan PHP files, but you need to have backend access, know how to use the Linux terminal and have an idea about PHP. Even then, there is more to it.

Secondly, download Kali Linux, learn some pen-testing tutorials, allow your IP with cloud flare and smash your server. I can suggest several tools on it that are decent, and it’s what the criminal scum are using. You will never stop 0-day attacks with it, but most WordPress hacks are old and well known for servers that never update.

Also, updating your PHP is useless unless you have not got it locked down. Read some tutorials about hardening PHP.ini, and you should be on 8.0, which is safer than anything below it.

Also, makes sure your folders have a minimum of 755 permission and all files 644.

Personally spend 200 bucks, get it cleaned and learn how to harden. You had to do so much updating. I am sorry to say this was bound to happen. Don’t feel bad. Many sites do this and get hacked, and it’s a learning curve just not a fun one.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.