Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
pihachu2020-03-16 08:42:25
Search Engine Optimization
pihachu, 2020-03-16 08:42:25

How is it possible that a third party user is added and verified in the google search console?

Hello. I received a notification in the mail that a third-party user was added and confirmed as the owner (by adding to the root of the html token) in the google search console.

I am the sole owner of the site, I did not give access to anyone, except for the developers (I created sub-accesses).

I checked the root, I did not find the html token. Ownership of a third-party user has been revoked.

I checked the files by date of modification - it seems to be clean (but the date of modification of some folders coincides with the time of hacking, although the files in these folders are not changed).

How can this user access the root of the site? What is the danger in the future?

Help, please, to understand.

UPD. Does restoring a full backup completely remove the consequences of a hack?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
G
Gooooroooo, 2020-03-16
@pihachu

So, in order:
1) How you got access: Check your computer and the developer's computer for malware, viruses, trojans (passwords could be saved in the browser or on the computer, from where the trojan successfully extracted them).
2) Restore backup before hacking: you can remove all the consequences of hacking, but without changing passwords, this is such a solution to the problem.
3) What to do next:
a) Change passwords from the admin panel, hosting, FTP;
b) Contact the hosting, the server may have been hacked and then you need to wait for
recovery;
c) If the first two subparagraphs cannot be completed for some reason, then first parse
the site and check what has changed or is changing. Also, set up a "stub" with a 200 response and
write what is being done. work. So at least you won't lose your positions so much.
For more details on how to implement all this, see here: https://siteclinic.ru/blog/raznoe/chto-delat-yesli...

Report
P
Puma Thailand, 2020-03-16
@opium

You were stupidly hacked or stolen passwords and attendance from you or programmers
Restoring from backup levels the consequences of hacking but does not affect the hole through which you entered

Similar questions
A
Alexey Korolev2016-04-18 22:22:06
Should I hide non-unique articles from indexing in DLE? 4Reply
A
AC2018-09-16 06:58:08
Do ads with the same text and a backlink negatively affect positions in the search engine? 1Reply
A
alex1nd2018-09-17 20:00:21
The site has slipped in Yandex, how to return? 3Reply
R
ruhareinc2016-04-20 15:37:14
Text on the main page, is it necessary? 1Reply
S
stalker13132018-09-19 14:38:13
Who can audit a site? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question