Test “Unreachable” hacked response manually on Google Webmaster Tools – can it fetch and index your site

Came across an interesting and frustrating problem with a client website.

His WordPress site had been hacked -it was an advertisement hacking and swamped his site with adverts for clothing and also cleverely re-indexed the site on Google to advertise these clothes. I managed to restore and remove the hacked parts of the site, then updated the WordPress version and plugins. The site displayed perfectly well, but I later found there were numerous entries still in posts that had to be removed, so got rid of them.

Succuri scanned and found no malware - BUT I later discovered that for some unknown reason Google Webmaster Tools woulnd't index or re-fetch the site. It was most odd - every time I tried a "Fetch" - it just reported "Unreachable", but the website was online!

Eventually I found a manual test from Linux to test using the Google agent :

curl -D - -A '/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)' http://website.com

Running this with any other website worked fine, but try it with my website and it froze.

I evenetually tracked the problem down to being some hidden PHP eval urldecode code in the footer.php and functions.php of the WordPress theme, obviously left by the clever hacker - got rid of that and hey presto the curl command line worked!


Leave a Reply