The next thing you’ll need to do, now that your site is clean, is to determine whether the compromise got your site blacklisted. The first thing to do in order to determine that is to join Google Search Console. As might be expected, you’ll need a Google account for this, so if you don’t have one, now is an excellent time to remedy that.
To joint Google Search Console, go to:
Google Search Console
You’ll receive the following screen.
Type in the name of the website you wish to add & click the ‘ADD A PROPERTY’ button.
The following screen appears.
I’m going to choose the recommended method, which involves downloading a file & then uploading it to the site’s web root folder.
When I click the ‘this HTML verification file. [google7d6c00f922202225.html]’ link, I get the standard dialog to save a file.
I then used my FTP client to upload it to the web root of my site. Press the ‘Verify’ button, & that’s all there is to it. The following congratulatory screen appears.
Click The ‘Continue’ link.
You may have to verify a captcha the first time you use the search console. Simply check the box, enter in the text you see or the words you hear (the audio is sucky, BTW, but it seems like if you’re anywhere near close they verify you), & press the ‘Verify’ button. You’ll need to press it a 2nd time to actually verify the site if you indeed are presented w/a captcha.
Once the site has been successfully verified, click The link containing the name of the newly verified site, in this case, https://www.mysitesbeenhacked.com.
There are 2 areas you’ll want to pay particular attention to. The first is the ‘Security Issues’ link. Clicking that will let you know if Google found anything on your site that could infect your visitors.
The 2nd area of interest is the ‘Search Traffic’ tab. Clicking on it causes it to expand to provide more options, one of which is a link called ‘Manual Actions’. Clicking on that link will notify you of any spam content that Google has flagged on your site. This is also where you can request a reconsideration review of your site, if that link is available. Note you may have to do this for various iterations of your site like www.yoursite.com https://yoursite.com, etc.
Also, bear in mind that Google is not the only blacklist your site may be on. Your next stop should be:
You can enter your site into the search box to see if it’s on any blacklist. Click the ‘Request Review’ link if so in order to have your site re-examined. Google & other sites tell you the review might take a week or more, but my experience is that they’re generally done in far less time, especially if you’ve followed all the steps & truly gotten rid of the compromise.
A site hack is always a hard thing to have to go through. Hopefully, though, the experience has helped you learn how to better secure your site & how to prevent a recurrence in the future.