Introduction to Manual Actions in Google
Most people have been victims of hacking, whether they know it or not. Any website owner will have suffered attempts to compromise their website. Sometimes these don’t work – good news. Other times, the hackers get what they want so you then have to deal with manual actions in Google Search Console.
As we have built and managed hundreds of websites, we can offer an insight into the type of activity currently going on by hackers and spammers. We can also help you fix those issues if you contact us. Before that, here is some information and advice, particularly concerning something known as manual actions in Google Search Console.
What is a Manual Action in Google?
A manual action is given when Google Search Console detects malicious activity on a website which is listed in Google Search index. Malicious activity can be anything from spam to malware, which are activities performed by ‘hackers’ or ‘bots’. If Google detects that your website has been compromised by a hacker, it alerts you via Google Search Console.
If you are given a manual action, you need to act fast because Google will mark your website as insecure by displaying a line of text under your search results. It will say something like “This site may be hacked.” This isn’t great, as it will put people off visiting your website and could have devastating results for your visitors and ultimately your revenue.
If you are given a manual action, you will receive an email via your Google Search Console account, which will say something like this…
“Google has detected that your site has been hacked by a third party who created malicious content on some of your pages. This critical issue utilizes your site’s reputation to show potential visitors unexpected or harmful content on your site or in search results. It also lowers the quality of results for Google Search users. Therefore, we have applied a manual action to your site that will warn users of hacked content when your site appears in search results. To remove this warning, clean up the hacked content, and file a reconsideration request. After we determine that your site no longer has hacked content, we will remove this manual action.”
What is Google Search Console?
Anyone who manages a website should be using Google Search Console. It is a free tool, provided by Google to help you manage the health, performance and security of your website.
If you are not using Google Search Console, you should be. If you need help or advice on how to set it up and use it, please get in touch. In brief, the setup requires you to create a Google account (if you haven’t already). You will then need to register for Google Search Console and add your website(s) as a ‘property’.
Finally you will then need to verify your property, which is the part you might need the most help with. Verifying a property can involve having to add a snippet of code to your website in the background. This can be tricky for a layperson, so please don’t do this without help.
How Do I Deal With a Manual Action in Google Search Console?
This is the tricky part. There are many different things that Google can award a manual action for. The most common example, however, is when a hacker inserts their own content into your website. Most of the time, this will be a result of ‘bots’ (automated programmes, as opposed to real people). Bots will try to find vulnerabilities in a website in order to access it through a back door. It will then add content, usually in order to divert traffic to another website.
When Google Search Console alerts you to a manual action, it will tell you why it has been issued and you then need to follow the advice it gives you. For example, if some malicious files have been added to your site, Google will tell you what they are and will ask you to delete them.
Deleting Malicious Files from a Website
Deleting these files should be done with care. I would always recommend speaking to an experience Web Developer such as Go Web. We can help locate the malicious files and fix the problem for you.
Assuming you have deleted the files in question, the next step would be to secure your site from future attacks. There are many ways to do this, such as using a firewall, a security plugin for platforms such as WordPress, changing passwords, and so on.
Once you have deleted the files in question and secured your site, you need to then submit a reconsideration request. When you do this, Google will ask you what steps you have taken to secure your website.