![\"security-issues-page-1\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/security-issues-page-1.png\")
<\/p>\n
<\/p>\n
In this case Google detected that spam pages were being added to the website, which they refer to as an URL injection.<\/p>\n
Before requesting a review last Monday, we doubled checked that the spam pages no longer existed using the Fetch as Google tool in the Search Console, which allows you to see that what is served when a page is requested by Google. The URL they listed on the Security Issues page was “Not found” when we used the tool, indicating that the spam page was no longer being served to Google.<\/p>\n
On Tuesday a message was left in Google’s Search Console for the non-www version of the website’s domain indicating that\u00a0hacked content had been detected:<\/p>\n
![\"seach-console-message-non-www\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/seach-console-message-non-www.png\")
<\/p>\n
Considering that Google was already listing the website as having a security issue for several days you might think this was a new detection, but it wasn’t. In the security issues section it still listed the old last detected date:<\/p>\n
![\"security-issues-page-2\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/security-issues-page-2.png\")
<\/p>\n
Using the Fetch as Google tool in the\u00a0Search Console we requested the URL again and it was still “Not found”:<\/p>\n
![\"fetch-as-google-4-19-2016\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/fetch-as-google-4-19-2016.png\")
<\/p>\n
Then on Wednesday the same message was left for the www version of the domain:<\/p>\n
![\"seach-console-message-www\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/seach-console-message-www.png\")
<\/p>\n
Again the last detected date in the Security Issues section hadn’t been changed and the using the Fetch as Google too the URL was still “Not found”:<\/p>\n
![\"fetch-as-google-4-20-2016\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/fetch-as-google-4-20-2016.png\")
<\/p>\n
Then on\u00a0Saturday\u00a0the Security Issues page indicated that URL injection had been detected as of that day:<\/p>\n
![\"security-issues-page-3\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/security-issues-page-3.png\")
<\/p>\n
We again used the Fetch as Google tool and it was still “Not found”:<\/p>\n
![\"fetch-as-google-4-23-2016\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/fetch-as-google-4-23-2016.png\")
<\/p>\n
At this point we also checked the website over to make sure the malicious code hadn’t returned and it hadn’t.<\/p>\n
Then this morning the warning was gone from the search results and the Security Issues page was clear:<\/p>\n
![\"security-issues-page-4\"](\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2016\/04\/security-issues-page-4.png\")
<\/p>\n
Considering that nothing changed between Saturday and today, that detection on Saturday would seem to be some kind of a mistake. Seeing at the page wasn’t even being found this doesn’t seem like an understandable false positive, but something seriously wrong with their system. If you weren’t aware of that how problematic the process is, you might have been very concerned upon seeing the new false detection.<\/p>\n
The fact that it took them a week to finally clear the website also doesn’t seem to be an acceptable in this case.<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Early last year Google changed some of the underlying technology used in their process of of handling\u00a0websites they suspect of being hacked (which leads to a “This site may be hacked” message being added to listings for the websites on Google’s search results). More than a year later\u00a0we are still finding that the review process … Continue reading “Google Needs to Improve the Review Process for Websites Labeled “This site may be hacked””<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,4],"tags":[56],"class_list":["post-2647","post","type-post","status-publish","format-standard","hentry","category-bad-security","category-google","tag-this-site-may-be-hacked"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2647","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=2647"}],"version-history":[{"count":7,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2647\/revisions"}],"predecessor-version":[{"id":2664,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2647\/revisions\/2664"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=2647"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=2647"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=2647"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}